As technology continues to take over our lives, and digitalisation gathers pace, cybercrime is also growing. Europol and Eurojust have published a third joint report identifying and categorising the current developments and common challenges in combating cybercrime, which fall into five different areas.
Loss of data: electronic data is the key to successful investigations in all the cybercrime areas, but the possibilities to obtain such data have been significantly limited.
Loss of location: recent trends have led to a situation in which law enforcement may no longer establish the physical location of the perpetrator, the criminal infrastructure or electronic evidence.
Challenges associated with national legal frameworks: the differences in domestic legal frameworks in EU Member States often prove to be serious impediments to international cybercrime investigations.
Obstacles to international cooperation: in an international context, no common legal framework exists for the expedited sharing of evidence (as does exist for the preservation of evidence). There is also a clear need for a better mechanism for cross-border communication and the swift exchange of information.
Challenges of public-private partnerships: cooperation with the private sector is vital for combating cybercrime, yet no standardised rules of engagement are in place, and investigations can thus be hampered.
Both the EAST Payments Task Force (EPTF) and the EAST Expert Group on All Terminal Fraud (EGAF) cover cybercrime and its impact on payments and terminals. Both are public-private sector platforms where experts come together to focus on such issues. EAST National Members also share cybercrime related information with each other, and through the EAST platform, with law enforcement agencies across the world.
A successful operation that took down an international payment card fraud network was carried out by the Public Prosecution Office at the Audiencia Nacional and National Police of Spain, and the General Directorate Combating Organized Crime in Bulgaria, with the support of Eurojust and Europol’s European Cybercrime Centre (EC3).
As a result of the cross-border action, 31 suspects were arrested (21 in Spain, 9 in Bulgaria and one in the Czech Republic) and 48 house searches (14 in Spain and 34 in Bulgaria) were carried out. The suspects were in possession of equipment used to forge payment cards, payment card data readers-recorders, skimmers, micro cameras, devices to manipulate ATMs, as well as cash and numerous counterfeit cards.
Between 2014 and 2017, the criminal network installed skimming devices on an average of 400 ATMs every year, to copy and clone the data contained on the bank cards. The forged cards were then used to make illegal transactions in 200 ATMs outside the European Union, mainly in the USA, the Dominican Republic, Malaysia, Indonesia, Vietnam, Peru, the Philippines and Costa Rica. Approximately 3,000 EU citizens were affected by the criminal network, with losses of at least EUR 500,000.
From 22 to 26 February 2016, law enforcement agencies and judicial bodies from Belgium, Denmark, Greece, the Netherlands, the United Kingdom, Romania, Spain and Portugal – with further support from Moldova and other countries – joined forces in the first coordinated European action against money muling. The operation was also supported by Europol, Eurojust and the European Banking Federation (EBF).
Money mules are individuals recruited by criminal organisations to receive and transfer illegally obtained money between bank accounts and/or countries. Through the money mules, the criminals gain access to the stolen goods or funds without revealing their identity. These fraudulent schemes are often advertised through online postings and social media as seemingly legitimate job opportunities.
During the week, Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT), together with Eurojust and the EBF, provided operational and analytical support to the involved partners. As a result of the operation, nearly 700 money mules were identified across Europe and 81 individuals were arrested after 198 suspects were interviewed by law enforcement agencies. With the support of over 70 banks, significant financial losses were discovered and prevented, and over 900 victims of this crime were identified. More than 90% of the reported money mule transactions were linked to cybercrime (typically the illegal funds come from phishing, malware attacks, on-line shopping/e-Commerce fraud, payment card fraud, sophisticated Nigerian on-line fraud, and others).
The European Money Mule Action (EMMA) is a pilot operational project under the flag of EMPACT Cybercrime Payment Fraud Operational Action Plan, designed to combat online and payment card fraud. EMMA is modelled after a Dutch example successfully employed in recent years in the Netherlands. This action builds upon the effective partnership between the police, the prosecution and the banking sector at the national as well as the international level.