GAAD cracks down on airline CNP fraud with 79 arrests

GAADThe 12th Global Airline Action Days (GAAD), which ran from 18 – 22 November 2019, resulted in the arrest or detention of 79 individuals suspected of travelling with airline tickets bought using stolen, compromised or fake credit card details. GAAD was coordinated from Command Posts at Europol in The Hague, INTERPOL Global Complex for Innovation in Singapore, Ameripol and Colombia in Bogota, Canada and NCFTA (with the US Secret Service) in the US.

Some of the reported cases were linked to illegal immigration, where the arrested passengers were in possession of counterfeited IDs or valid documents from other persons from different nationalities.  Card-not-present (CNP) fraud, the purchase of physical goods with compromised cards, has significantly increased throughout the EU and across many sectors such as, airline tickets, car rentals and accommodation. Tens of thousands of crimes are reported in many EU countries and volume is increasing every year.

Airline companies are among the most affected by CNP fraud.  It is estimated that losses for the airline industry globally have reached close to 1 billion USD per year, as a result of the fraudulent online purchases of flight tickets. These online transactions are highly lucrative for organised crime and are often linked to more serious criminal activities including irregular immigration, trafficking in human beings, drug smuggling and terrorism.

Eurojust assisted during the action days, together with the European Border and Coast Guard Agency (Frontex), which deployed officers to 28 airports. The Airport Communication Project (AIRCOP), implemented by the United Nations Office on Drugs and Crime (UNODC) in partnership with INTERPOL and the World Customs Organization (WCO) and counting the European Union as its main donor, also took part in law enforcement activities at airports in Africa, by deploying one officer at the main Command Post in Europol HQ.

Representatives from airlines, online travel agencies, payment card companies, the International Air Transport Association (IATA), European Airline Fraud Prevention Group and Perseuss, collaborated with Europol’s experts to identify suspicious transactions and provide confirmation to law enforcement officers deployed in the airports.  Europol’s European Migrant Smuggling Centre (EMSC) joined this year’s operation to provide better support to EU Member States and partners for fighting migrant smuggling networks. The GAAD operation was further supported by the Taskforce Travel Intelligence (TFTI).

Wil van Gemert, Europol’s Deputy Executive Director Operations, said “Airline ticket fraud is borderless by nature. This operation was the culmination of many months of meticulous planning between Europol, law enforcement, judiciary and border agencies, airlines and credit card companies, and is a perfect example of how our combined forces can make distinctive contribution in the fight against these criminal syndicates operating across borders”.

Paul Stanfield, INTERPOL’s Director, Organized & Emerging Crime, commented “The Global Airline Action Day operation is an excellent example of how collaboration between the agencies as well as the public and private sectors serves to tackle and prevent crime such as credit card fraud. The operation was underpinned by professional commitment and mutual support across borders between national, regional and international police organizations”.

Cooperation and information exchange between the public and the private sector is the most efficient way of fighting tickets fraud and all other forms of organised crime, such as irregular immigration, trafficking in human beings, drug trafficking.  The EAST Payments Task Force (EPTF) provides a public/private sector platform which focusses on driving down CNP fraud.

Europol publishes Russian language version of ATM Logical Attack Guidelines

ATM Logical Attack GuidelinesEuropol has just published a Russian language version of guidelines to help industry and law enforcement counter the ATM Logical Attack threat.  The English version of the document was officially launched in January 2019 at the 17th Meeting of the EAST Expert Group on All Terminal Fraud (EAST EGAF).  The document is now available in English, French, Spanish and Russian.

The production of this document was coordinated by EAST EGAF.  It has three sections:

  1. Description of Modi Operandi (ОПИСАНИЕ CПОСОБОВ РЕАЛИЗАЦИИ АТАК)
  2. Mitigating the risk of ATM Logical and Malware Attacks, Setting up Lines of Defence (МИНИМИЗАЦИЯ РИСКА ЛОГИЧЕСКИХ АТАК И АТАК С ПРИМЕНЕНИЕМ ВРЕДОНОСНОГО ПО, УСТАНОВКА ЛИНИЙ ЗАЩИТЫ)
  3. Identifying and responding  to Logical and Malware Attacks (ИДЕНТИФИКАЦИЯ И РЕАГИРОВАНИЕ НА ЛОГИЧЕСКИЕ АТАКИ)

The Guidelines were first published in 2015 and this latest version provides clearer definitions and greater clarity of the criminal methods and techniques encountered in these attacks, along with more detailed recommendations on how to mount a robust and effective response to them.  The recent fall in ATM malware and logical attacks, as reported by EAST in the latest European Payment Terminal Crime Report published in October 2019, reflects the work that has been put into preventing such attacks by the industry and law enforcement.

Circulation of the document is restricted to Law Enforcement and to the banking and payments industry, which includes EAST Members (National and Associate).

Europol’s AG-Financial Services meets in The Hague

EAST Development Director Rui Carvalho participated in and presented at a meeting of Europol’s Advisory Group on Financial Services (AG-Financial Services) on 20th November 2019 in The Hague.  The AG-Financial Services advises the Programme Board of the European Cybercrime Centre (EC3) at Europol. Its purpose is to:

  • bring knowledge and expertise to the Programme Board on the impact of cybercrime on financial services and on how this sector and law enforcement can cooperate in the prevention and combating of cybercrime;
  • update and share all relevant information and expertise on developments in the area of cybercrime that affect financial services;
  • assist the Programme Board in defining priorities for the work of EC3 in this area, including by advising on the cooperation with the financial services and on developing concepts for enhanced prevention;
  • advise the Programme Board on increasing the sharing/exchange of information between law enforcement and financial services

Rui Carvalho is also Chair of the EAST Payments Task Force (EPTF) which has great synergy with AG- Financial Services in that its remit, as a public-private sector expert working group, covers the impact of cybercrime on financial services.

EPTF holds Sixth Meeting

EPTFThe Sixth Meeting of the EAST Payments Task Force (EPTF) took place on Wednesday 13th November 2019 at the Banking & Payments Federation Ireland (BPFI) in Dublin.

The EPTF is a specialist task force that discusses security issues affecting the payments industry and that gathers, collates and disseminates related information, trends and general statistics.

The meeting was chaired by Mr Rui Carvalho, EAST Development Director, and was attended by key representatives from Card Issuers, International Banks, Law Enforcement, Payment Processors and Solution Providers.

Presentations or updates were given by EuropolEVRY Norge AS, HSBCPLUSCARD Gmbh, and SIBS.  There was also a detailed discussion on fraud and payment crime reporting, with a focus on how EAST can help national representatives by creating an updated template for this.

The Group, which meets twice a year, adds value to the payments industry by using the unique and extensive EAST National Member platform and Associate Member network to provide information and outputs that are not currently available elsewhere.  EAST National Members represent 35 countries and outputs from the group are presented to National Member Meetings.  There are 213 EAST Associate Member Organisations from 53 countries and territories.

EAST FCS ATM Physical Attacks Seminar 2019

ATM Physical Attacks

ATM Physical AttacksAn EAST FCS ATM Physical Attacks Seminar was held on 9th October 2019 in London, co-located with RBRs ATM & Cyber Security 2019 Conference. The interactive event followed the basic structure of work group meetings held by the EAST Expert Group on ATM & ATS Physical Attacks (EGAP). This group, which meets twice a year, provides a platform for law enforcement and private sector experts to come together and share attack information, trends and statistics in a structured manner.

ATM Physical AttacksThe event was chaired by Sarah Staff of SaferCash.  EAST Executive Director Lachlan Gunn gave an overview of EAST and EGAP, highlighting new definitions produced by the group, before presenting the latest ATM Physical Attack Statistics from the H1 2019 European Payment Terminal Crime Report.

Miguel-Angel Villanueva-Guijarro of Europol then gave a high level view of the ATM physical attack situation across Europe and how Europol is structured to handle cross-border cases.  This was followed by threat assessments from Europe and South Africa:

  • France – Guillaume Bourez – OCLDI
  • Netherlands – Marc Wosten – Dutch National Police
  • Spain – Daniel Zorzo Lopez – Guardia Civil
  • South Africa – Gregory Singh – SABRIC
  • United Kingdom – Neil Smyth – Metropolitan Police Service

These were followed by a presentation on banknote infrared (IR) recognition by David Milner of EURICPA and Niels Riedel of the ECB.  This covered, from the perspective of the ECB, the current position with regard to how banknote sorting machines will detect banknotes with IR markers, as well as a look at the future.

ATM Physical AttacksThe event concluded with a Question and Answer session chaired by Sarah Staff and with Daniel Zorzo Lopez, Miguel-Angel Villanueva-Guijarro, Marc Wosten, Gregory Singh and David Milner on the Panel.

Attendance at the regular EAST EGAP work group meetings is limited and this event enabled active participation and input from a much wider pool of expertise.

More information on the event can be found on the EAST Events Website

2019 EAST FCS ATM Physical Attack Seminar Sponsors




EAST FCS Terminal Fraud Seminar 2019

terminal fraud

An EAST FCS Terminal Fraud Seminar was held on 9th October 2019 in London, co-located with RBRs ATM & Cyber Security 2019 Conference. The interactive event followed the basic structure of work group meetings held by the EAST Expert Group on All Terminal Fraud (EGAF). This group, which meets three times a year, provides a platform for law enforcement and private sector experts to come together and share fraud information, trends and statistics in a structured manner.

terminal fraudAn introduction to EGAF by the Chair, Otto de Jong, was followed by a presentation by EAST Development Director Rui Carvalho, covering the latest EAST terminal fraud statistics from the H1 2019 European Payment Terminal Crime Report.  Tobias Wieloch of Europol then gave a high level view of the terminal fraud attack situation across Europe which was followed by threat assessments from around Europe:

  • NORTH – Nordics – Arnt Olav Rottereng – Evry
  • SOUTH – Italy – Veronica Borgogna – Bancomat SpA
  • EAST – Russia – Nikolai Dosh – Mastercard Members Association (MCMA)
  • WEST – UK – Ben Birtwistle – NatWest Bank Plc

terminal fraudThese were followed by an overview and demonstration of the Checkcard Software by Tobias Heckmann from the University of Applied Sciences in Bingen, Germany. This has been developed as an investigation tool to validate whether or not a smart card is genuine. The check is done off-line, either using software on a desktop or on an android phone.

terminal fraudThe event concluded with an update on logical security – Otto de Jong covered black box attacks and Terence Devereux of Diebold Nixdorf spoke about ATM malware attacks.

Attendance at the regular EAST EGAF work group meetings is limited and this event enabled active participation and input from a much wider pool of expertise.

More information on the event can be found on the EAST Events Website

49th EAST Meeting hosted by LINK in London

The 49th EAST Meeting (National Members) was hosted by the LINK Scheme in London on 8th October 2019. National country crime updates were provided by 20 countries, and a global update by HSBC.  Topics covered included payment fraud and the continuing evolution of payment technology and related threats, terminal related fraud attacks, malware and logical attacks, and ATM related physical attacks.

The European Cybercrime Centre (EC3) at Europol gave a presentation on the ‘Genesis’ dark web marketplace where cyber-criminals are selling digital fingerprints (bots).  This was followed by a presentation from the INTERPOL Financial Crimes unit on ATM and payment crime.

The Gulf Cooperation Council Police (GCCPOL) then shared an update on payment and fraud issues seen by their 6 member countries. In recognition of their first attendance at an EAST Meeting, GCCPOL representative Major Mohammed Khalid Alabsi presented the current Chair of EAST, Ms Veronica Borgogna (BANCOMAT SpA), with a mementoe of the occasion.  EAST Executive Director Lachlan Gunn said: “We are delighted to be strengthening our relationship with the GCC and the Arab States of the Gulf, another step forward in enhancing the global value of our National Member platform.”

Presentations were also given by the EAST Expert Group on All Terminal Fraud (EGAF) and the EAST Expert Group on ATM and ATS Physical Attacks (EGAP).  An update was given by the EAST Payments Task Force (EPTF).

EAST Fraud Update 3-2019 will be produced later this month, based on the national country crime updates provided at the 49th EAST Meeting.  EAST Fraud Updates are available on the EAST Website to EAST Members.

European Police Chiefs focus on Serious and Organised Crime

Advisory Group on Financial ServicesAt the 2019 European Police Chiefs Convention (EPCC) the main focus was serious and organised crime and its manifestations and infiltration in society.  The event was held on 3-4 October 2019 at Europol in The Hague, and was attended by over 600 police chiefs and senior law enforcement representatives from 50 countries.

There was consensus that the increasingly cross-border nature of organised crime, often associated with violent acts among gangs, flourishing drug trafficking markets and related crimes such as money laundering and corruption pose a major challenge to society.

Serious and organised crime has been evolving over the last 20 years in terms of:

  • the number of criminal organisations;
  • modus operandi, adaptability, sophistication and interconnection;
  • use of technology;
  • and their ability to infiltrate infrastructures, public sector and exploit legislative loopholes.

Meanwhile, new psychoactive substances, record levels of drugs production globally, organised migrant smuggling and the development of online criminality have all had profound effects on the criminal landscape.

Coinciding with the 2019 EPCC, several important developments are at a crucial stage, creating a rare intersection of opportunities and challenges for the European law enforcement community:

  • rapid technological developments (e.g. encryption, 5G, big data, machine learning and cryptocurrencies) present both challenges and opportunities for criminal investigations;
  • record levels of illicit drug cultivation and trafficking, with the EU as a leading consumer market.

Europol and Finland’s Presidency of the Council of the EU concluded that a number of areas require particular attention. Among them are:

  • refocusing attention on serious and organised crime as a grave threat to the internal security of the EU;
  • the need to target the top-tier organised crime groups, developing further successful initiatives like the high-value target concept at Europol ;
  • greater attention to financial and economic crime and criminal asset seizures, making sure crime doesn’t pay; welcoming new developments like the European Financial and Economic Crime Centre (EFECC) at Europol, and the European Public Prosecutor’s Office (EPPO);
  • greater engagement between law enforcement and the private sector, at national and EU (Europol) level;
  • greater investment in crime prevention, requiring a multi-disciplinary approach involving government bodies, non-governmental organisations and the private sector;
  • need for a global EU strategy on organised crime, which might expand on the EU Policy Cycle for International Serious and Organised Crime; and sustainable funding and resources for cross-border crime-fighting, comprising both Europol and EU-level funding and capacity building mechanisms;
  • further development of EU policing solutions, such as Europol’s new decryption platform;
  • greater and more coordinated investment in innovation in the law enforcement community, potential via an innovation platform hosted by Europol.

Europol’s Executive Director Catherine De Bolle said: “Crime in the 21st century is highly international and organised, and for law enforcement it is no longer good enough to be reactive. We must strengthen our cooperation and engage in foresight activities to understand emerging challenges and formulate innovative countermeasures. Europol’s strategy 2020+ sets out our ambition to further establish Europol as an innovator in the European law enforcement community. The European Police Chiefs Convention shows that Europol has established itself as the EU criminal information hub. We will continue to enhance the value of our network by providing Member States with access to a growing number of partners and sources of information.”

Europol has organised the EPCC since 2010. This year this significant event had the highest ever turnout with 615 attendees. High-level representatives from all 28 EU Member States, 15 non-EU countries, agencies, and institutions of the EU (Eurojust, FRONTEX, OLAF, EUIPO), as well as international organisations attended the convention. Alongside the EPCC, two more major meetings were held at Europol: the EUROMED meeting and the European Customs DG meeting.

For more information and a related video visit the Europol website

EAST EGAP holds 12th Meeting in The Hague

The twelfth meeting of the EAST Expert Group on ATM and ATS Physical Attacks (EGAP) took place on Wednesday 4th September 2019 in The Hague.

EAST EGAP is a European specialist expert forum for discussion of ATM and ATS related physical attack trends, attack methodologies and counter-measures, threat protection, and for the provision of regularly updated lists of manufacturers of ATM protective devices. The latest lists can be downloaded from the ‘Stained Banknotes’ page on this website (bottom of page).

The meeting was chaired by Mr Graham Mott of the LINK Scheme and was attended by key representatives from Terminal Deployers, ATM Networks, Security Equipment Vendors and Law Enforcement.  Europol gave a central assessment of the ATM physical attack situation in Europe and National Threat Assessments were shared by representatives from ten countries.

EAST EGAP, which meets twice each year, enables in-depth and technical discussion to take place. The areas covered include:

  • The latest incidents and criminal MOs
  • The collection and distribution of best practice guidelines
  • The evolution of threats and counter-measures
  • Lessons from and on law enforcement

EAST EGAP meetings are restricted to working group members and, to provide a wider platform for sharing/discussion, the Group is holding a half-day open seminar in London on 9th October 2019.  Registration for this is still open and more information can be found on the EAST Events website.

Disruptive technologies – their impact on crime and its prevention

Disruptive TechnologiesEuropol has just published a new report aimed at triggering discussion about ‘disruptive technologies’, and the need for innovation and strategic foresight in EU policing.

Disruptive technologies are fundamentally altering the way we live, work and relate to one another.  They provide criminals with new ways to pursue their illegal goals, but also equip law enforcement with powerful tools in the fight against crime.

To remain relevant and effective, it is necessary for law enforcement authorities to invest in understanding and actively pursuing new, innovative solutions. The new Europol Report, entitled ‘Do criminals dream of electric sheep: how technology shapes the future of crime and law enforcement’ will serve as a basis for future discussions between Europol, EU law enforcement and their stakeholders.

Europol’s Executive Director, Catherine De Bolle, said: “Europol’s strategy sets out our ambition to firmly establish Europol as an innovator in law enforcement at the European level. It is no longer good enough to be reactive. Our ability to predict which emerging technologies criminals will turn to next is instrumental to our mission of keeping EU citizens safe. We hope to start a discussion with law enforcement in the Member States and other stakeholders.”

Some of the emerging technologies include Artificial Intelligence (AI), quantum computing, 5G, alternative decentralised networks and cryptocurrencies, 3D printing and biotech. These are set to have a profound impact on the criminal landscape and the ability of law enforcement authorities to respond to emerging threats. The disruption comes from the convergence between these new technologies, the previously unseen use cases and applications, and the challenges posed by existing legal and regulatory frameworks.

The report aims to identify the security threats associated with this and points to ways for law enforcement to use the opportunities brought by these technologies to combat crime and terrorism. It also highlights the pivotal role of the private sector and the importance of law enforcement to engage more with these actors. Furthermore, it is of paramount importance that the voice of law enforcement is heard when legislative and regulatory frameworks are being discussed and developed, in order to have an opportunity to address their concerns and needs, particularly with regard to the accessibility of date and lawful interception.

in an age of rapid digital technological development Europol can deliver additional value by increasingly engaging in expertise coordination and collective resource management, which avoids unnecessary duplication of resources and expertise at national level. The Europol Strategy 2020+ set out for the organisation to support the Member States by becoming a central point for law enforcement innovation and research.

Download the report here

As a private sector partner of Europol, EAST provides trusted platforms where experts from law enforcement and the private sector can routinely come together to focus on current and evolving criminal threats, and what can be done to counter them.  The platforms are:  EAST National Member meetings; the EAST Payments Task Force (EPTF); the EAST Expert Group on All Terminal Fraud (EGAF); and the EAST Expert Group on ATM & ATS Physical Attacks (EGAP).