Lebanese loop

Last updated October 29, 2024

A Lebanese loop is a device used to commit fraud and identity theft by exploiting automated teller machines (ATMs). In its simplest form, it is a strip or sleeve of metal or plastic which blocks the ATM's card slot, causing any inserted card to be apparently retained by the machine, allowing it to be retrieved by the fraudster when the card holder leaves.

Process

The term “Lebanese loop” is applied to any number of similar devices that are used to perpetrate ATM fraud by retaining the user's card. In their simplest form, Lebanese loops consist of a strip or sleeve of metal or plastic (even something as simple as a strip of video cassette tape) that is inserted into the ATM's card slot. Some loops have a covering fascia which appears superficially to be part of the ATM, while others are simply a length of dark-coloured tape with glue strips to hold it temporarily inside an ATM slot.^[6] Lebanese Loop devices are relatively simple to construct, requiring less technical skill than a card skimming technique.

When the victim inserts their ATM card, the loop is long and narrow enough that the ATM machinery can still fully draw the card in and read it. The victim then enters their personal identification number (PIN) as normal, and requests the funds. The ATM then tries to eject the card, the loop device prevents the card from being ejected, either with a flap covering the fascia's slot, or a diagonal slit in the tape which catches against the card.^[6] The machine senses that the card has not been ejected, and draws the card back into the machine. The cash drawer does not open, and the money that has been counted is retained by the machine. In most cases, the victim's account is not debited. The victim believes the machine has malfunctioned or genuinely retained their card.^[7]

In a typical scam, the perpetrator will obtain the victim's PIN either by watching them enter it the first time (shoulder surfing), or by approaching the victim under the pretense of offering help and suggesting they re-enter their PIN (and again, watching them do so). More sophisticated variants of the Lebanese loop scam have developed. In some cases, the fraudsters attach a small camera to the ATM to record the victim entering their PIN. The video from this camera is then transmitted to the fraudsters, who may be waiting near the machine and viewing the video on a laptop computer,^[2] meaning they need not approach the victim directly. There have been cases where a fake keypad is fitted to the machine over the top of the real one, and this records the PINs entered.^[7]

Once the victim has left the area, the perpetrator retrieves the loop and the trapped card, and uses it, along with the stolen PIN, to withdraw cash from the victim's account.^[8]

Since the Lebanese Loop is only able to capture one card at a time and the card holder will usually react quickly to the loss of the card, the technique must be widely deployed to net a useful number of cards in a short amount of time. This may require a large workforce to accomplish the task.^{[ citation needed ]}

Countermeasures

ATM manufacturers have resorted to several methods to counteract the Lebanese Loop, generally consisting of adding various sensing mechanisms to the card readers. Various network activity profiling processes can be applied to attempt to detect this activity.^[9] Often ATM vestibules have video surveillance equipment installed in them, which can make identification of the perpetrator and method easier.^[10]

ATM industry groups counsel cardholders to take precautions when entering their PIN into any device.^[11] Customers are also advised to avoid an ATM if strangers are standing next to it (especially if they do not move after being asked), be careful of ATMs which appear out of the ordinary (such as having unusual instructions attached), to never enter a PIN more than twice (to prevent the card from being retained by the machine), and to ignore advice from "helpful" strangers who may approach when they see a customer is having difficulty.^[12]

Other forms of card fraud

Other variants of fraud may use a “skimming” technique, where an electronic device is fitted over the ATM's card slot and which reads the information encoded into the magnetic strip on the back of the victim's card as it is inserted. This variant does not require the card to be retained; the transaction runs normally, and the data recorded from the original card is copied to another blank magnetic stripe card, which is then used to withdraw cash.

At their most sophisticated, scams can involve the construction and installation of fake fascias built to fit particular ATMs or other card reading devices. These false fronts can house any of the above devices to gather data from the user and allow the perpetrators to acquire or clone cards and their associated PINs. These fakes can often be indistinguishable from unmodified devices to the untrained eye.

Related Research Articles

A debit card, also known as a check card or bank card, is a payment card that can be used in place of cash to make purchases. The card usually consists of the bank's name, a card number, the cardholder's name, and an expiration date, on either the front or the back. Many new cards now have a chip on them, which allows people to use their card by touch (contactless), or by inserting the card and keying in a PIN as with swiping the magnetic stripe. Debit cards are similar to a credit card, but the money for the purchase must be in the cardholder's bank account at the time of the purchase and is immediately transferred directly from that account to the merchant's account to pay for the purchase.

An automated teller machine (ATM) is an electronic telecommunications device that enables customers of financial institutions to perform financial transactions, such as cash withdrawals, deposits, funds transfers, balance inquiries or account information inquiries, at any time and without the need for direct interaction with bank staff.

A personal identification number is a numeric passcode used in the process of authenticating a user accessing a system.

EMV is a payment method based on a technical standard for smart payment cards and for payment terminals and automated teller machines which can accept them. EMV stands for "Europay, Mastercard, and Visa", the three companies that created the standard.

Bank fraud is the use of potentially illegal means to obtain money, assets, or other property owned or held by a financial institution, or to obtain money from depositors by fraudulently posing as a bank or other financial institution. In many instances, bank fraud is a criminal offence.

Interac is a Canadian interbank network that links financial institutions and other enterprises for the purpose of exchanging electronic financial transactions. Interac serves as the Canadian debit card system and the predominant funds transfer network via its e-Transfer service. There are over 59,000 automated teller machines that can be accessed through the Interac network in Canada, and over 450,000 merchant locations accepting Interac debit payments.

Internet fraud is a type of cybercrime fraud or deception which makes use of the Internet and could involve hiding of information or providing incorrect information for the purpose of tricking victims out of money, property, and inheritance. Internet fraud is not considered a single, distinctive crime but covers a range of illegal and illicit actions that are committed in cyberspace. It is differentiated from theft since, in this case, the victim voluntarily and knowingly provides the information, money or property to the perpetrator. It is also distinguished by the way it involves temporally and spatially separated offenders.

Mondex was a smart card electronic cash system, implemented as a stored-value card and owned by Mastercard.

Payment cards are part of a payment system issued by financial institutions, such as a bank, to a customer that enables its owner to access the funds in the customer's designated bank accounts, or through a credit account and make payments by electronic transfer with a payment terminal and access automated teller machines (ATMs). Such cards are known by a variety of names, including bank cards, ATM cards, client cards, key cards or cash cards.

Identity fraud is the use by one person of another person's personal information, without authorization, to commit a crime or to deceive or defraud that other person or a third person. Most identity fraud is committed in the context of financial advantages, such as accessing a victim's credit card, bank accounts, or loan accounts. False or forged identity documents have been used in criminal activity or in dealings with government agencies, such as immigration. Today, the identities of real persons are often used in the preparation of these false documents. This can lead to bad consequences and trouble.

Ukash was a UK-based electronic money system that allowed users to exchange their cash for a secure code to make payments online. It was acquired by Skrill Group in April 2014 and merged into Austrian competitor paysafecard, acquired by Skrill a year earlier. All existing vouchers expired after 31 October 2015. Remaining ones could be exchanged into paysafecard PINs, in May 2016 paysafecard announced completion of the process.

Voice phishing, or vishing, is the use of

telephony to conduct phishing attacks.

The payment card industry (PCI) denotes the debit, credit, prepaid, e-purse, ATM, and POS cards and associated businesses.

Internet fraud prevention is the act of stopping various types of internet fraud. Due to the many different ways of committing fraud over the Internet, such as stolen credit cards, identity theft, phishing, and chargebacks, users of the Internet, including online merchants, financial institutions and consumers who make online purchases, must make sure to avoid or minimize the risk of falling prey to such scams.

The Chip Authentication Program(CAP) is a MasterCard initiative and technical specification for using EMV banking smartcards for authenticating users and transactions in online and telephone banking. It was also adopted by Visa as Dynamic Passcode Authentication (DPA). The CAP specification defines a handheld device (CAP reader) with a smartcard slot, a numeric keypad, and a display capable of displaying at least 12 characters (e.g., a starburst display). Banking customers who have been issued a CAP reader by their bank can insert their Chip and PIN (EMV) card into the CAP reader in order to participate in one of several supported authentication protocols. CAP is a form of two-factor authentication as both a smartcard and a valid PIN must be present for a transaction to succeed. Banks hope that the system will reduce the risk of unsuspecting customers entering their details into fraudulent websites after reading so-called phishing emails.

Credit card fraud is an inclusive term for fraud committed using a payment card, such as a credit card or debit card. The purpose may be to obtain goods or services or to make payment to another account, which is controlled by a criminal. The Payment Card Industry Data Security Standard is the data security standard created to help financial institutions process card payments securely and reduce card fraud.

Automated teller machines (ATMs) are targets for fraud, robberies and other security breaches. In the past, the main purpose of ATMs was to deliver cash in the form of banknotes, and to debit a corresponding bank account. However, ATMs are becoming more complicated and they now serve numerous functions, thus becoming a high priority target for robbers and hackers.

A card-not-present transaction is a payment card transaction made where the cardholder does not or cannot physically present the card for a merchant's visual examination at the time that an order is given and payment effected. It is most commonly used for payments made over the Internet, but can also be used with mail-order transactions by mail or fax, or over the telephone.

<span class="mw-page-title-main">Card security code</span> Security feature on payment cards

A card security code is a series of numbers that, in addition to the bank card number, is printed on a credit or debit card. The CSC is used as a security feature for card not present transactions, where a personal identification number (PIN) cannot be manually entered by the cardholder. It was instituted to reduce the incidence of credit card fraud. Unlike the card number, the CSC is deliberately not embossed, so that it is not read when using a mechanical credit card imprinter which will only pick up embossed numbers.

A SIM swap scam is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message (SMS) or call placed to a mobile telephone.

References

↑ Schreiber, Barry. ATM Security Forecast at Forefront of 1996 Plans. EFT Report, vol. 19 issue 2, Jan 18 1996
1 2 Summers, Chris; Toyne, Sarah (2003-10-09). "BBC News - Gangs preying on cash machines" . Retrieved 2006-07-21.
↑ ATM Security | Landscaper admits to Lebanese loop scam at ATMs in 4 states and D.C. | ATM Marketplace Archived 2005-03-02 at the Wayback Machine
↑ TU Berlin - Hoax-Info - Extra-Blatt: Ausspionieren von EC-Karten-Daten
↑ Google cache of Detroit Free Press article
1 2 "Atm theft atm theft Lebanese loop".
1 2 Nettleton, Philip. Lebanese loop is new cashpoint con. Evening Standard (London), February 5, 2001
↑ "Lebanese Loop ATM Theft". 15 May 2001.
↑ Fraud fight gets more proactive at ATMs | ATM Marketplace Archived 2006-05-09 at the Wayback Machine
↑ SiliconRepublic.com: Attack of the clones Archived 2006-07-20 at the Wayback Machine
↑ "Interac Association - Protect Your PIN > Cardholder Tips". www.interac.org. Archived from the original on 12 February 2003. Retrieved 14 January 2022.
↑ Lebanese Loop at Snopes.com.

External links

SS Richard Montgomery Matter: How Lebanese Loops Work

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[schreiber1996-1] Schreiber, Barry. ATM Security Forecast at Forefront of 1996 Plans. EFT Report, vol. 19 issue 2, Jan 18 1996

[bbcnews2003-2] 1 2 Summers, Chris; Toyne, Sarah (2003-10-09). "BBC News - Gangs preying on cash machines" . Retrieved 2006-07-21.

[3] ATM Security | Landscaper admits to Lebanese loop scam at ATMs in 4 states and D.C. | ATM Marketplace Archived 2005-03-02 at the Wayback Machine

[4] TU Berlin - Hoax-Info - Extra-Blatt: Ausspionieren von EC-Karten-Daten

[5] Google cache of Detroit Free Press article

[ssr-6] 1 2 "Atm theft atm theft Lebanese loop".

[nettleton2001-7] 1 2 Nettleton, Philip. Lebanese loop is new cashpoint con. Evening Standard (London), February 5, 2001

[8] "Lebanese Loop ATM Theft". 15 May 2001.

[9] Fraud fight gets more proactive at ATMs | ATM Marketplace Archived 2006-05-09 at the Wayback Machine

[10] SiliconRepublic.com: Attack of the clones Archived 2006-07-20 at the Wayback Machine

[11] "Interac Association - Protect Your PIN > Cardholder Tips". www.interac.org. Archived from the original on 12 February 2003. Retrieved 14 January 2022.

[12] Lebanese Loop at Snopes.com.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]