Here’s How ATM Threat Landscape Has Evolved in Europe With New TRF Attack Technique

• ATM Transaction Reversal Fraud has increased by 59% in the first six months of the year.
• This category of ATM attack includes the use of ATM skimming and techniques like transaction reversal fraud.

Attacks against ATMs across Europe using ATM malware and ATM jackpotting techniques have decreased drastically in the first half of 2019. It has helped the crooks to earn just less than €1,000.

However, a new study released by the European Association for Secure Transactions (EAST) has revealed that criminal gangs are using a new ATM attack technique to launch successful robberies.

Termed as ATM TRF or ATM-Transaction Reversal Fraud, this form of ATM attack has increased by 59% in the first six months of the year, according to the European Association for Secure Transactions (EAST).

How is TRF launched?

• This category of ATM attack includes the use of ATM skimming and techniques like transaction reversal fraud.
• This lesser-known technique invovles exploiting glitches in the normal mode of operation of an ATM.
• Here the crook enters a valid card in the ATM, enters a correct PIN and requests a valid cash withdrawal.
• After the requested amount is received, the criminals leave the card in the ATM slot.

How does a jammed card operate?

• The idea behind leaving the card in the slot is to create confusion. The ATM thinks that the card is jammed and hence cancels the previous transaction.
• This is an effective process as the requested cash - which has already been withdrawn from ATM - gets re-added to the crook’s account.

What next?

At this point, the criminal uses a tool like a screwdriver to force open the ATM dispenser shutter and takes the cash bills that had been previously prepared to be dispensed for the now-canceled transaction.

Future aspects

With criminal groups turning their gaze to this new technique, EAST says that this trend is expected to continue in the future. While ATM malware, jackpotting, and card skimmers are going down, the banking sector will see a rise in TRF attacks.

Protections in the form of software updates can make TRF attacks inefficient in the coming years.