48th EAST Meeting hosted by Europol in The Hague

The 48th EAST Meeting (National Members) was hosted by Europol at their Headquarters in The Hague on 5th June 2019. Presentations were made by the European Cybercrime Centre (EC3) and the European Serious Organised Crime Centre (ESOCC).

National country crime updates were provided by 18 countries, and a global update by HSBC. Topics covered included payment fraud and the evolution of payment technology, ATM malware and logical attacks, terminal related fraud attacks and ATM related physical attacks.

Presentations were also given by the EAST Payments Task Force (EPTF), the EAST Expert Group on All Terminal Fraud (EGAF) and the EAST Expert Group on ATM and ATS Physical Attacks (EGAP).

EAST Fraud Update 2-2019 will be produced later this month, based on the national country crime updates provided at the meeting. EAST Fraud Updates are available on the EAST Website to EAST Members.

48th EAST Meeting

EPTF holds Fifth Meeting

EPTF

The Fifth Meeting of the EAST Payments Task Force (EPTF) took place on Wednesday 17th April 2019 at the Banking & Payments Federation Ireland (BPFI) in Dublin.

The EPTF is a specialist task force that discusses security issues affecting the payments industry and that gathers, collates and disseminates related information, trends and general statistics.

The meeting was chaired by Mr Rui Carvalho, EAST Development Director, and was attended by key representatives from Card Issuers, International Banks, Law Enforcement, Payment Processors, Payment Providers and Solution Providers.

EPTFPresentations or updates were given by BANCOMAT S.p.A, Diebold Nixdorf,  EURO Kartensysteme GmbHEuropol, EVRY Norge AS, Fiducia & GAD, Group-IB, ING, INTERPOL, JP Morgan Chase, Payment Services Austria, PLUSCARD Gmbh, and Trend Micro.

The Group, which meets twice a year, adds value to the payments industry by using the unique and extensive EAST National Member platform and Associate Member network to provide information and outputs that are not currently available elsewhere.  EAST National Members represent 35 countries and outputs from the group are presented to National Member Meetings.  There are 210 EAST Associate Member Organisations from 53 countries and territories.

EAST Presents at CyberSouth Event

CyberSouthEAST Executive Director Lachlan Gunn presented at a CyberSouth Regional Workshop on Business Email Compromise (CEO Fraud) and Electronic Payment Fraud on 13 November 2018 . The event, which ran from 12-14 November 2018, was held at the Directorate for Investigating Organised Crime and Terrorism (DIICOT) in Bucharest, Romania and was implemented by the Council of Europe.  The CyberSouth project focuses on cooperation on cybercrime in the Southern Neighbourhood and aims at reinforcing the capacities of specialised units with responsibilities relating to tackling cybercrime and dealing with electronic evidence.

The workshop focused on increasing the knowledge of the participants on the different trends and typologies of online fraud and of electronic payment fraud in order to assist with strengthening the capacity of the criminal justice authorities in the CyberSouth countries to search for, seize, and confiscate the illicit proceeds of cyber-criminals in the target areas.  Cybercrime investigators and prosecutors from the following Southern Neighbourhood priority area countries attended the event: Algeria; Jordan; Lebanon; Morocco; Tunisia.

National representatives were also present from Germany, Israel, Romania and the USA.  Europol and Eurojust were present and the private sector was represented by American Express, BIT Defender and EAST.

The EAST presentation covered the structure and methodology used by EAST to help improve public/private sector cross-border cooperation in the fight against organised cross-border crime, and then shared information on the latest statistics and trends relating to logical (black box) attacks against ATMs, and also on malware used to enable jackpotting (cash out) at ATM locations.  The latest fraud definitions produced by EAST were also shared and it was advised that an updated version of these will soon be available.  These definitions are aimed at helping law enforcement agencies, private sector fraud investigators and other stakeholders to standardise reporting terminology when following up on incidents.

The Cybercrime Programme Office of the Council of Europe (C-PROC), based in Bucharest, is responsible for assisting countries worldwide in the strengthening of their criminal justice capacity to respond to to the challenges posed by cybercrime and electronic evidence on the basis of the standards of the Budapest Convention of Cybercrime.  This is the only binding international instrument on this issue and serves as a guideline for any country developing comprehensive national legislation against Cybercrime and as a framework for international cooperation between State Parties to The Convention on Cybercrime of the Council of Europe (CETS No.185).

 

Cross-border e-Commerce Police action leads to 95 arrests

Police forces across Europe have arrested 95 professional fraudsters and members of internet-based criminal networks in a successful cross-border e-Commerce Action (eComm 2018).

The joint law enforcement operation, coordinated by the European Cybercrime Centre (EC3) from Europol’s headquarters in The Hague, was supported by 28 countries and ran from 4 to 15 June 2018. It received the direct assistance from merchants, logistic companies, and banks and payment card schemes. Europol also supported national authorities on-the-spot by providing analytical services in their investigations.

The main goal was to target online fraud through a coordinated law enforcement action within the European Union (EU) and beyond, followed by an awareness-raising campaign. This action also marks the start of several investigations with more arrests expected in the next few months. The activity was inspired by a similar UK pilot conducted in collaboration with Visa.

The suspects arrested during the operation were responsible for more than 20 000 fraudulent transactions with compromised credit cards, with an estimated value exceeding EUR 8 million.

The e-commerce action focused on combating card-not-present (CNP) fraud, to help create a safer online environment for customers worldwide by sharing information and developing best practices between law enforcement and the private sector. It promotes the hashtag  #BuySafePaySafe: tips to avoid becoming a fraud victim.

For more information visit Europol’s website.

Rui Carvalho, Chair of the EAST Payments Task Force (EPTF), represents EAST at Europol’s e-Commerce actions.

 

5th Europol-INTERPOL Cybercrime Conference

The Europol-INTERPOL Cybercrime Conference is a joint initiative launched in 2013. Held annually, it is hosted alternatively by Europol and INTERPOL.  This year, more than 420 participants gathered at Europol’s headquarters in The Hague to attend the 5th annual Europol-INTERPOL Cybercrime Conference.

The central theme of this three day conference, from 27-29 September 2017, was “Actively united for a safer cyber space” and has underlined the importance of law enforcement, private sector, academia, government and NGOs jointly engaging in the fight against cybercriminals.

Expanding on the theme of last year’s conference hosted by INTERPOL in Singapore  – ‘Solutions for Attribution’ – this year’s conference saw 205 participants from different sectors representing more than 185 organisations and 167 law enforcement representatives from 68 countries engaging in fruitful and solution-oriented discussions on a number of cybercrime-related topics.  EAST Executive Director Lachlan Gunn attended the event on behalf of EAST.

More than 50 speakers actively elaborated on the current and new threats and trends in cybercrime , the financial aspects of cybercrime, Internet of Things security and resilience, strategies to combat ransomware, the criminal abuse of encryption and anonymisation, Darknet market sites, access to data and electronic evidence, and DNS abuse.

In the part of the Agenda that focused on the financial aspects of cybercrime cases were presented by both law enforcement agencies and the private sector.  Key topics in this section were new types of logical attack on ATMs and a history of the different types of financial malware.  Threats and trends were also covered which included a threat assessment and current view of the European fraud landscape.

cybercrime

 

EAST presents at INTERPOL Dialogue

EAST presents at INTERPOL DialogueOn 13th July 2017 Otto de Jong from ING Netherlands and chair of the EAST Expert Group on All Terminal Fraud (EGAF) attended and presented at the INTERPOL event Countering Cyber and Financial Crimes: A High-level Dialogue for a New Governance Architecture in Lyon, France.

Otto de Jong (second from right in the picture) gave an overview of EAST and covered ATM Crime and Card Fraud rising threats from the perspective of the private sector.

Nearly 190 representatives from law enforcement, financial, telecommunications and Internet sectors discussed cyber-enabled fraud issues and recommendations aimed at streamlining the global response in the face of escalating cyber and financial crime threats.

ATM Malware Criminals Apprehended

Five members of an international organised criminal group (OCG) have been arrested and three of them convicted so far as a result of a complex operation led by law enforcement agencies from Europe and Asia, with the active support of Europol’s European Cybercrime Centre (EC3).  One arrest was made by the Romanian National Police, three arrests by the Taiwanese Criminal Investigation Bureau and one arrest by the Belarusian Central Office of the Investigative Committee.  EC3 assisted the investigation by providing analytical support, organising operational meetings in Europe and Asia as well as analysing the seized data/ equipment.

This OCG is responsible for carrying out highly-sophisticated ATM malware attacks against bank ATMs, which were made to dispense all the money they contained (known as cash-out or jackpotting).  The modus operandi employed was highly sophisticated and involved:

  • spear-phishing emails with attachments containing malicious programmes,
  • penetration of the banks’ internal networks,
  • compromising and controlling the network of ATMs,
  • special computer programmes which deleted most of the traces of the criminal activity, etc.

Related losses suffered by the affected banks are estimated at around EUR 3 million. In some cases, after the cashing-out, the stolen money was partially recovered from the criminals.

EC3A key factor for the successful dismantling of this international cybercrime syndicate was close police cooperation on the global level and deep involvement of the Europol Liaison Office at the INTERPOL Global Complex for Innovation (IGCI).

Steven Wilson, Head of EC3, said: “The majority of cybercrimes have an international dimension, taking into account the origins of suspects and places where crimes are committed. Only through a coordinated approach at the global level between law enforcement agencies can we successfully track down the criminal networks behind such large-scale frauds and bring them to justice.”  Mr Wilson will give the keynote address at the EAST Financial Crime and Security Forum which will be held in The Hague on 8th/9th June 2017.

To further strengthen international police cooperation the Third Strategic Meeting on Payment Card Fraud (PCF) was held last month at the Electronic Transactions Development Agency (ETDA) in Bangkok, Thailand.

Europol, working with the EAST Expert Group on ATM Fraud (EGAF), has published guidelines to help industry and law enforcement counter the threat presented by ATM logical and malware attacks.

Head of EC3 will give Keynote Address at EAST FCS 2017

Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3) will give the keynote address at the EAST Financial Crime and Security Forum (EAST FCS 2017) which will be held in The Hague on 8th/9th June 2017.

Europol set up EC3 in 2013 to strengthen the law enforcement response to cybercrime in the EU and thus to help protect European citizens, businesses and governments from online crime.

Cybercrime is a wide and varied problem and the EC3 is a key part of Europol’s, and the EU’s, response.  EC3 takes a three-pronged approach to the fight against cybercrime: forensics, strategy and operations.

EC3 recognises the severity of the threat presented by ATM logical and malware attacks and has prepared security guidelines regarding this new cyber threat to ATMs.  The production of this document was coordinated by the EAST Expert Group on ATM Fraud (EGAF), and is the first of its kind.  Versions are now available in English, German, Italian and Spanish.

Europol is actively developing international cooperation on combating payment fraud, which is one of the EU priorities within the EU Policy Cycle 2014-2017 for organised crime and serious international crime as endorsed by the Council of the EU.  As part of this EC3 has consistently undertaken a proactive approach, assisting EU law enforcement authorities (LEAs) to combat payment card fraud.  On 13th / 14th December 2016, EC3, together with ASEANAPOL and INTERPOL, and with the support of the Romanian National Police and the Royal Thai Police, organised the Third Strategic Meeting on Payment Card Fraud (PCF) in Bangkok Thailand.

Speaker Spotlight

Steven Wilson - EAST FCS 2017

In January 2016 Steven Wilson became the Head of EC3.

Prior to that he served for 30 years with Police Scotland, which included roles with Strathclyde Police, Scottish Crime and Drug Enforcement Agency and Her Majesty’s Inspectorate of Constabulary.  He has worked in a wide range of Senior Detective roles including major investigations, counter terrorism, covert policing, management of sex offenders, fugitives and witness protection.  He had responsibility for all aspects of cyber and cyber enabled crime in Scotland and sat on government, industry and academic groups.  He also represented Scotland on UK national and European cyber groups.

Book soon to ensure you don’t miss your opportunity to attend the event. Places are limited and registration priority will be given to EAST Members, National and Associate.  The early-bird registration discount will expire on Monday 16th January 2017.

EAST participates in International Payment Card Fraud Meeting in Bogota

Bogota PCF MeetingRui Carvalho, EAST Director and national representative for Portuguese National Member SIBs (Sociedade Interbancaria de Servicos S.A.), participated in a two-day meeting in Bogota (Colombia) to discuss payment card fraud overseas and money withdrawals in Latin America.

The meeting, which took place on 28th and 29th October 2015, was organised by Europol in cooperation with the Colombian authorities (Policia Nacional and its Liaison Bureau at Europol) with the financial support of the Romanian authorities.

The meeting participants were 26 experts from EU Member States (Spain, Portugal and Romania), the United States and Latin America (Colombia, Brazil, Dominican Republic, Mexico and Chile).

The aim of the meeting was to increase awareness on card skimming and related overseas cash withdrawals, to share best practices, and to identify new logical attacks and malware targeting ATMs and Point-of-Sales (POS) Terminals.

A number of panel discussions took place to help improve the cooperation of police and judicial organisations in this area.  EAST participated in these discussions, along with representatives from the banking sector, the Colombian Prosecutor’s office and AMERIPOL, which provided an essential multi-stakeholder approach to fighting this transnational organised crime.

More information can be found on the Europol website.

Europol - AMERIPOL - Bogota

 

 

EAST Attends Europol-Interpol Cybercrime Conference 2015

Europol-Interpol Cyberconf 2015Lachlan Gunn, EAST Executive Director, and Otto de Jong, Chair of the EAST Expert Group on ATM Fraud (EGAF), attended the Europol-Interpol Cybercrime Conference held at the European Cybercrime Centre (EC3) in The Hague.

Presentations on cybercrime threats were given by Europol (introducing the IOCTA 2015), Interpol, the Internet Security Industry and the Financial Sector. The tackling of ATM Malware was covered during this section. EAST has supported Europol with the production of ‘Guidance & recommendations regarding logical attacks on ATMs’.

Law Enforcement representatives from several countries highlighted exiting capabilities to fight cybercrime and an overview of international cooperation frameworks was given by various experts and then discussed by a panel.

Other topics included Cyber Security, fighting the abuse of Virtual Currencies and Cybercrime Evolution in Africa.