As payment cards and mobile devices are equipped with Near Field Communication (NFC) technology, electronic payment transactions at physical Point of Sale (POS) environments are changing. Payment transactions do not require the customer to insert their card into a slot of the payment terminal. The customer is able to simply swipe the payment card or mobile phone in front of a dedicated zone of the terminal to initiate a payment transaction. Secure Elements (SEs) in mobile phones and payment cards with NFC should keep sensitive application data in a save place to protect it from abuse by attackers. Although hardware and the operating system of such a chip has to go through an intensive process of security testing, the current integration of such a chip in mobile phones easily allows attackers to access the information stored. In the following paper we present the implementation of two different proof-of-concept attacks. Out of the analysis of the attack scenarios, we propose various starting points for the forensic analysis in order to detect such fraudulent transactions. The presented concept should lead to fewer fraudulent transactions as well as protected evidence in case of fraud.