Lebanese loop

A Lebanese loop is a device used to commit fraud and identity theft by exploiting automated teller machines (ATMs). Its name comes from its regular use amongst Lebanese financial crime perpetrators, although it has now spread to various other international criminal groups.[1] The Lebanese loop is becoming one of the simplest and most widespread forms of ATM fraud.

Contents

Characteristics

The term “Lebanese loop” is applied to any number of similar devices that are used to perpetrate ATM fraud by retaining the user's card. In their simplest form, Lebanese loops consist of a strip or sleeve of metal or plastic (even something as simple as a strip of video cassette tape) that is inserted into the ATM's card slot. When the victim inserts their ATM card, the loop is long enough for the card to be fully drawn into the machine and read. The victim then enters their PIN as normal, and requests the funds. The ATM then tries to eject the card, but a "lip" folded at the end of the loop prevents the card from being ejected. The machine senses that the card has not been ejected, and draws the card back into the machine. The cash drawer does not open, and the money that has been counted is retained by the machine. In most cases, the victim's account is not debited. The victim believes the machine has malfunctioned or genuinely retained their card.[2]

In a typical scam, the perpetrator will obtain the victim's PIN either by watching them enter it the first time (shoulder surfing), or by approaching the victim under the pretence of offering help and suggesting they re-enter their PIN (and again, watching them do so). Once the victim has left the ATM, the perpetrator retrieves the loop and the trapped card, and uses it, along with their PIN, to withdraw cash from the victim's account.[3]

Variants

More sophisticated variants of the Lebanese loop scam have developed. In some cases, the fraudsters attach a small camera to the ATM to record the victim entering their PIN. The video from this camera is then transmitted to the fraudsters, who may be waiting near the machine and viewing the video on a laptop computer,[4] meaning they need not approach the victim directly. There have been cases where a fake keypad is fitted to the machine over the top of the real one, and this records the PINs entered.[2]

Evaluation of Lebanese loop fraud technique

There are distinct considerations, advantages, and disadvantages to this technique from the fraud perpetrator's perspective.

Since the Lebanese Loop is only able to capture one card at a time and the card holder will usually react quickly to the loss of the card, the technique must be widely deployed to net a useful number of cards in a short amount of time. This may require a large workforce to accomplish the task.

Often ATM vestibules have video surveillance equipment installed in them, which can make identification of the perpetrator and method easier. [5]

Lebanese Loop devices are relatively simple to construct, which means a lower skill level is required by the perpetrator than with a “skimming” technique.

Spread

The Lebanese Loop has been a problem in countries with a high number of ATMs like the UK,[4] the United States,[6] Germany [7] and France.[8] Russian criminal gangs are known to have involvement in the execution of this and other fraud techniques.[9]

Industry reaction

ATM manufacturers have resorted to several methods to counteract the Lebanese Loop, generally consisting of adding various sensing mechanisms to the card readers. Various network activity profiling processes can be applied to attempt to detect this activity.[10]

ATM industry groups also counsel cardholders to take precautions when entering their PIN into any device.[11]

Precautions Cardholders can take against the Lebanese Loop

There are a number of methods which cardholders can use to help prevent themselves from falling victim to Lebanese loop-type scams:

Other forms of card fraud

Other variants of fraud may use a “skimming” technique, where an electronic device is fitted over the ATM's card slot and which reads the information encoded into the magnetic strip on the back of the victim's card as it is inserted. This variant does not require the card to be retained; the transaction runs normally, and the data recorded from the original card is copied to another blank magnetic stripe card, which is then used to withdraw cash.

At their most sophisticated, scams can involve the construction and installation of fake fascias built to fit particular ATMs or other card reading devices. These false fronts can house any of the above devices to gather data from the user and allow the perpetrators to acquire or clone cards and their associated PINs. These fakes can often be indistinguishable from unmodified devices to the untrained eye.

See also

References

  1. ^ Schreiber, Barry. ATM Security Forecast at Forefront of 1996 Plans. EFT Report, vol. 19 issue 2, Jan 18 1996
  2. ^ a b Nettleton, Philip. Lebanese loop is new cashpoint con. Evening Standard (London), Feb 5 2001 [1]
  3. ^ http://www.snopes.com/inboxer/scams/atmtheft.htm
  4. ^ a b Summers, Chris; Toyne, Sarah (2003-10-09). "BBC News - Gangs preying on cash machines". http://news.bbc.co.uk/1/hi/uk/3157214.stm. Retrieved 2006-07-21. 
  5. ^ SiliconRepublic.com: Attack of the clones
  6. ^ ATM Security | Landscaper admits to Lebanese loop scam at ATMs in 4 states and D.C. | ATM Marketplace
  7. ^ TU Berlin - Hoax-Info - Extra-Blatt: Ausspionieren von EC-Karten-Daten
  8. ^ Google cache of Detroit Free Press article
  9. ^ canada.com
  10. ^ Fraud fight gets more proactive at ATMs | ATM Marketplace
  11. ^ http://www.interac.org/en_n2_51_cardholdertips.html
  12. ^ Lebanese Loop at Snopes.com.