Europol’s AG-Financial Services meets in The Hague

EAST Development Director Rui Carvalho participated in and presented at a meeting of Europol’s Advisory Group on Financial Services (AG-Financial Services) on 20th November 2019 in The Hague.  The AG-Financial Services advises the Programme Board of the European Cybercrime Centre (EC3) at Europol. Its purpose is to:

  • bring knowledge and expertise to the Programme Board on the impact of cybercrime on financial services and on how this sector and law enforcement can cooperate in the prevention and combating of cybercrime;
  • update and share all relevant information and expertise on developments in the area of cybercrime that affect financial services;
  • assist the Programme Board in defining priorities for the work of EC3 in this area, including by advising on the cooperation with the financial services and on developing concepts for enhanced prevention;
  • advise the Programme Board on increasing the sharing/exchange of information between law enforcement and financial services

Rui Carvalho is also Chair of the EAST Payments Task Force (EPTF) which has great synergy with AG- Financial Services in that its remit, as a public-private sector expert working group, covers the impact of cybercrime on financial services.

60 arrested in connection with e-commerce fraud

e-commerce fraud

Advisory Group on Financial ServicesA joint law enforcement operation, coordinated by Europol’s European Cybercrime Centre (EC3) and  supported by 19 countries, led to the arrest of 60 people suspected of e-commerce fraud. The main aim of the 2019 e-Commerce Action (eComm 2019) is to target criminal networks suspected of online fraud through coordinated law enforcement action within the European Union, followed by an awareness-raising campaign.  The operation ran from 23 September to 4 October 2019.

E-commerce fraud includes illegal or false transactions made on online platforms, apps and services or over the internet: fraudsters simply use stolen card information to purchase goods on webshops.  The suspects arrested during the operation were responsible for almost 6,500 fraudulent transactions with compromised credit cards, with an estimated value exceeding €5 million.

Europol supported national competent authorities during the operations in their respective countries with analytical support and information exchange. In order to protect customers from fraudulent payments and assure a safe online environment, Europol also collaborated with banks, payment card schemes European retailers and logistics companies. The private sector supported the action cooperating with national law enforcement authorities, by reporting fraudulent activity. This collaboration between law enforcement and the private sector has proven beneficial and led to the development of best practices.

To protect consumers and provide them with more information, the Payment Service Directive 2 (PSD 2) came into effect in September 2019. One important aspect of the PSD 2 is described as Secure Customer Authentication (SCA), a secure process for customers when paying online.

STAY SAFE ONLINE

It is always better to prevent a crime, rather than solve a crime. This operational action was followed by a prevention and awareness-raising campaign, #BuySafePaySafe. There are a number of guidance measures you can follow to avoid becoming a victim of fraud:

  • make sure the device you are using to make online purchases is properly configured and the internet connection is safe;
  • using a card is a safe method of payment online as long as you exercise the same care as in other shopping;
  • there are simple warning signs that can help you identify scams. If you are a victim of online fraud, report it to the police. If you bought the product with a credit or debit card, report it to your bank as well;
  • check your online banking service regularly. Notify your bank immediately if you see payments or withdrawals that you have not made yourself.​

Read more about safe online shopping on e-Commerce: tips and advice to avoid becoming a fraud victim. and watch the below video to see how making the wrong choice can be very costly.

The EAST Payments Task Force (EPTF) is focussed on security issues affecting the payments industry, such as e-commerce fraud.

 

49th EAST Meeting hosted by LINK in London

The 49th EAST Meeting (National Members) was hosted by the LINK Scheme in London on 8th October 2019. National country crime updates were provided by 20 countries, and a global update by HSBC.  Topics covered included payment fraud and the continuing evolution of payment technology and related threats, terminal related fraud attacks, malware and logical attacks, and ATM related physical attacks.

The European Cybercrime Centre (EC3) at Europol gave a presentation on the ‘Genesis’ dark web marketplace where cyber-criminals are selling digital fingerprints (bots).  This was followed by a presentation from the INTERPOL Financial Crimes unit on ATM and payment crime.

The Gulf Cooperation Council Police (GCCPOL) then shared an update on payment and fraud isses seen by their 6 member countries. In recognition of their first attendance at an EAST Meeting, GCCPOL representative Major Mohammed Khalid Alabsi presented the current Chair of EAST, Ms Veronica Borgogna (BANCOMAT SpA), with a mementoe of the occasion.  EAST Executive Director Lachlan Gunn said: “We are delighted to be strengthening our relationship with the GCC and the Arab States of the Gulf, another step forward in enhancing the global value of our National Member platform.”

Presentations were also given by the EAST Expert Group on All Terminal Fraud (EGAF) and the EAST Expert Group on ATM and ATS Physical Attacks (EGAP).  An update was given by the EAST Payments Task Force (EPTF).

EAST Fraud Update 3-2019 will be produced later this month, based on the national country crime updates provided at the 49th EAST Meeting.  EAST Fraud Updates are available on the EAST Website to EAST Members.

EAST participates in Europol’s AG-Financial Services

EAST Development Director Rui Carvalho participated in and presented at a meeting of Europol’s Advisory Group on Financial Services (AG-Financial Services) on 20th June 2019.  The meeting was held at Europol’s HQ in The Hague.  The AG-Financial Services advises the Programme Board of the European Cybercrime Centre (EC3) at Europol. Its purpose is to:

  • bring knowledge and expertise to the Programme Board on the impact of cybercrime on financial services and on how this sector and law enforcement can cooperate in the prevention and combating of cybercrime;
  • update and share all relevant information and expertise on developments in the area of cybercrime that affect financial services;
  • assist the Programme Board in defining priorities for the work of EC3 in this area, including by advising on the cooperation with the financial services and on developing concepts for enhanced prevention;
  • advise the Programme Board on increasing the sharing/exchange of information between law enforcement and financial services

Rui Carvalho is also Chair of the EAST Payments Task Force (EPTF) which has great synergy with AG- Financial Services in that its remit, as a public-private sector expert working group, covers the impact of cybercrime on financial services.  Going forwards he will share updates from the EPTF at future meetings of the AG-Financial Services.

 

Europol and EBF launch cyberscams awareness campaign

avoid cyberscamsEuropol’s European Cybercrime Centre (EC3), the European Banking Federation (EBF) and their partners from the public and private sector have launched the cyberscams awareness campaign (#Cyberscams) as part of the European Cyber Security Month (ECMS). The ECMS is an EU awareness campaign that promotes cyber security among citizens and organisations, highlighting simple steps that can be taken to protect their personal, financial and professional data.

Over the next week, law enforcement agencies from all 28 EU Member States, 5 non- EU Member States, 24 national banking associations and banks and many other cybercrime fighters will be raising awareness about this criminal phenomenon. This pan-European endeavour will be driven by a communication campaign via social media channels and national law enforcement, bank associations and financial institutions.  The EAST Payments Task Force (EPTF) focuses on tackling such cyberscams.

Europol’s Internet Organised Crime Threat Assessemtnt (IOCTA) 2018 recommendations highlight that the most effective defence against social engineering is the education of potential victims – that’s each and every one of us when online! Raising awareness among the general public on how to identify cyberscams will help to protect us and keep our finances safe online.

Awareness-raising material in 27 languages is available for public download – this includes information on the 7 most common online financial scams, and how to avoid them.  These are:

  • CEO fraud: scammers pretend to be your CEO or senior representative in the organisation and trick you into paying a fake invoice or making an unauthorised transfer out of the business account.
  • Invoice fraud: they pretend to be one of your clients/suppliers and trick you into paying future invoices into a different bank account.
  • Phishing/Smishing/Vishing: they call you, send you a text message or an email to trick you into sharing your personal, financial or security information.
  • Spoofed bank website fraud: they use bank phishing emails with a link to the spoofed website. Once you click on the link, various methods are used to collect your financial and personal information. The site will look like its legitimate counterpart, with small differences.
  • Romance scam: they pretend to be interested in a romantic relationship. It commonly takes place on online dating websites, but scammers often use social media or email to make contact.
  • Personal data theft: they harvest your personal information via social media channels.
  • Investment and online shopping scams: they make you think you are on a smart investment… or present you with a great fake online offer.

Some general tips to help avoid falling victim to the above cyberscams are:

  • Check your online accounts regularly.
  • Check your bank account regularly and report any suspicious activity to your bank.
  • Perform online payments only on secure websites (check the URL bar for the padlock and https) and using secure connections (choose a mobile network instead of public Wi-Fi).
  • Your bank will never ask you for sensitive information such as your online account credentials over the phone or email.
  • If an offer sounds too good to be true, it’s almost always a scam.
  • Keep your personal information safe and secure.
  • Be very careful about how much personal information you share on social network sites. Fraudsters can use your information and pictures to create a fake identity or to target you with a scam.
  • If you think that you have provided your account details to a scammer, contact your bank immediately.
  • Always report any suspected fraud attempt to the police, even if you did not fall victim to the scam.

Don’t become a cyberscams victim!  Stay aware and spread the word

EAST joins Europol’s Advisory Group on Financial Services

EAST Development Director Rui Carvalho will represent EAST at Europol’s Advisory Group on Financial Services, an advisory group to the Programme Board of the European Cybercrime Centre (EC3).  In the context of the cross-border fight against cybercrime the purpose of the advisory group is to:

  • bring knowledge and expertise to the Programme Board on the impact of cybercrime on financial services and on how this sector and law enforcement can cooperate in the prevention and combating of cybercrime;
  • update and share all relevant information and expertise on developments in the area of cybercrime that affect financial services;
  • assist the Programme Board in defining priorities for the work of EC3 in this area, including by advising on the cooperation with the financial services and on developing concepts for enhanced prevention;
  • advise the Programme Board on increasing the sharing/exchange of information between law enforcement and financial services.

EAST has worked closely with Europol since 2004 and in 2015 Europol and EAST signed a Memorandum of Understanding to further strengthen the partnership.

EAST Executive Director Lachlan Gunn said: “I am delighted that EAST can support Europol in the Advisory Group on Financial Services, a further development of our strategic partnership.  Since 2015, and in addition to the normal operation of our National Member and Expert Group meetings, EAST has supported Europol at five strategic payment card fraud meetings in Asia, most recently in May in Vietnam, and also at similar meetings in The Hague and in Colombia.  We have also presented at three Europol Trainings on Payment Card Fraud Forensics, most recently in June at the Spanish National Police Academy.” 

EAST Attends Europol’s Cryptocurrencies Conference

Rui Carvalho, Chair of the EAST Payments Task Force (EPTF), attended the 5th Virtual Currencies Conference organised by Europol’s European Cybercrime Centre (EC3) in The Hague (from 19-21 June 2018). Over 300 participants from 40 countries attended the event, which focused on cryptocurrencies and how to foster the legitimate use of this virtual monetary system which is often abused by hackers, international drug dealers and the money movers of organised crime.

While the majority of participants came from law enforcement agencies and public prosecutors’ offices, key experts from well-known cryptocurrency services were also in attendance – the companies, who work closely with law enforcement agencies, foster the legitimate use of virtual currencies by implementing strong Know Your Customer (KYC) policies. Private sector participants included Bitcoin.de, Bitfinex, BitPanda, Bitstamp, BitPay, Blockchain.info, CEX, Coinfloor, Coinhouse, Cryptopia, Cubits, Kraken, LocalBitcoins, OKCoin, SpectroCoin and Xapo.

This year twelve operational case studies were presented, where suspects were detected through cryptocurrency tracing, including phishing incidents, DDoS extortion, take downs of dark web marketplaces and malicious cryptocurrency mining. The legitimate use of blockchain technologies was also discussed, including the use of cryptocurrencies for trading/investment activities, payment methods for goods and services and as a store of value.

In order to practically demonstrate the benefits of the tamper-proof decentralised ledger technology, all speakers received Europol’s certificates permanently stored and fully traceable within Bitcoin blockchain. Europol therefore became the first law enforcement organisation to award active participants blockchain validated certificates.

Airline Fraud Action Day leads to 141 Arrests

As part of a global action against airline fraud Europol coordinated raids at European airports, targeting criminals trying to travel using fraudulently bought tickets. Last week (from 18-22 June) over 141 individuals were arrested around the world during a law enforcement swoop which took place at over 226 airports.

61 countries, 69 airlines and 6 online travel agencies were involved in the 11th edition of the Global Airport Action Days (GAAD) targeting criminals suspected of travelling with airline tickets bought using stolen, compromised or fake credit card details. Some 334 suspicious transactions were reported, and a number of investigations have been subsequently opened.

The GAAD which was organised through coordination centres at Europol in The Hague, at the INTERPOL Global Complex for Innovation in Singapore and at Ameripol in Bogota, was supported by Canadian and US law enforcement authorities through the NCFTA in Pittsburgh.

During the action week, representatives from airlines, online travel agencies, payment card companies, Perseuss and IATA worked together with experts from Europol’s European Cybercrime Centre (EC3) to identify suspicious airline ticket transactions.

More information can be found on Europol’s website

Information on the GAAD held in June 2017 can be found here

 

 

Cross-border e-Commerce Police action leads to 95 arrests

Police forces across Europe have arrested 95 professional fraudsters and members of internet-based criminal networks in a successful cross-border e-Commerce Action (eComm 2018).

The joint law enforcement operation, coordinated by the European Cybercrime Centre (EC3) from Europol’s headquarters in The Hague, was supported by 28 countries and ran from 4 to 15 June 2018. It received the direct assistance from merchants, logistic companies, and banks and payment card schemes. Europol also supported national authorities on-the-spot by providing analytical services in their investigations.

The main goal was to target online fraud through a coordinated law enforcement action within the European Union (EU) and beyond, followed by an awareness-raising campaign. This action also marks the start of several investigations with more arrests expected in the next few months. The activity was inspired by a similar UK pilot conducted in collaboration with Visa.

The suspects arrested during the operation were responsible for more than 20 000 fraudulent transactions with compromised credit cards, with an estimated value exceeding EUR 8 million.

The e-commerce action focused on combating card-not-present (CNP) fraud, to help create a safer online environment for customers worldwide by sharing information and developing best practices between law enforcement and the private sector. It promotes the hashtag  #BuySafePaySafe: tips to avoid becoming a fraud victim.

For more information visit Europol’s website.

Rui Carvalho, Chair of the EAST Payments Task Force (EPTF), represents EAST at Europol’s e-Commerce actions.

 

45th EAST Meeting hosted by EC3 at Europol

EC3The 45th Meeting of EAST National Members was hosted by the European Cybercrime Centre (EC3) at Europol on 6th June 2018. National country crime updates were provided by 21 countries, and a global update by HSBC.  Topics covered included payment fraud and the evolution of payment technology, ATM malware and logical attacks, terminal related fraud attacks and ATM related physical attacks.

EC3 presented on the latest initiatives and events relating to e-commerce fraud prevention, global airport actions (GAAD) to combat online fraud involving stolen or fake credit card data to purchase plane tickets, actions relating to virtual currencies, the Europol-ASEAN Strategic Payment Card Fraud Meeting, and provided updates on Advisory Group activities relating to Internet Security, Communication Providers and Financial Services.

Presentations were also given by the EAST Payments Task Force (EPTF) and the EAST Expert Group on ATM and ATS Physical Attacks (EGAP).  An update was given by the EAST Expert Group on All Terminal Fraud (EGAF).

EAST Fraud Update 2-2018 will be produced later this month, based on the national country crime updates provided at the meeting.  EAST Fraud Updates are available on the EAST Website to EAST Members.

The 46th EAST Meeting will be held in London on 9th October 2018 and will be followed by EAST FCS Seminars on 10th October 2018 at the same venue.