ATM Attack Notice: Transaction Reversal Fraud

February 28, 2023
Transaction Reversal Fraud Update

ATM Attack Notice:

Transaction Reversal Fraud

Case Financial recently became aware of a new style of ATM attack known as Transaction Reversal Fraud (TRF) that is being reported on most makes and models of ATMs.

During these attacks, a criminal physically manipulates the shutter on an ATM in order to access the cash being pre-staged in the ATM dispenser prior to card removal. After they remove the cash during the transaction, the ATM is tricked into thinking the cash has not been delivered to the customer and therefore reverses the transaction internally and to the host processor.

These attacks started in Europe late last year and spread to the East Coast in early 2023. Recently, we have been notified that these attacks are beginning to spread to the Southern and Midwestern areas of the United States as well.

Ever proactive, NCR & Case Financial have released a hotfix to switch the ATM pre-present enabled setting to OFF. When this setting is off, the dispensers will hold the cash at the ‘stack position’ at the rear of the dispenser presenter, until the transaction has successfully processed.

We are currently rapidly testing the efficacy of this cure within our fleet as well as the remote dispersion of the hotfix via our Remote Fleet Solutions. We predict it will be vetted and able to be distributed within a week to all of the RemoteView enabled ATMs in our fleet.

For those ATMs not currently connected to our RemoteView product, this patch can be applied on site upon customer request.

For more information concerning our Remote Fleet Management Solutions and how Case Financial can help alleviate this potential risk please contact us at 877.728.9627 orĀ send us an email.