Some 95 professional fraudsters and members of internet-based criminal networks suspected of online fraud activities were arrested during the 2018 e-Commerce Action (eComm 2018), a joint law enforcement operation supported by 28 countries, from June 4 to 15. Europol, the European Union’s police agency, said that the main goal was to target online fraud through a coordinated action within the EU and beyond, followed by an awareness-raising campaign. This action also marked the start of several investigations with more arrests expected. The activity was inspired by similar UK action, with payment card company Visa.
The suspects arrested were responsible for more than 20 000 fraudulent transactions with compromised credit cards, with an estimated value exceeding eight million euros, said Europol. The action was coordinated by the European Cybercrime Centre (EC3) from Europol’s headquarters in The Hague. It received the direct assistance from merchants, logistic companies, and banks and payment card schemes. Europol also supported national authorities by providing analytical services in their investigations.
Comment
Robert Capps, vice president at NuData Security, a Mastercard company, said “The impact – both on consumers and merchants – of crimes like these is often far greater than victims might first realise. It starts when payment data is initially used for fraudulent transactions, as it’s the case here. NuData has seen a 100 per cent increase in purchase attempts with flagged – suspicious – credit cards.
“Payment information is not the only thing at risk. By purchasing bogus goods, the victims are also providing personal data such as name, last name, address, and sometimes even a username and password to access the fake site. The other risk is that this data can be used for account takeover. NuData Security found account takeover attempts grew up 1000% (tenfold) in 2017; 40% of all login attempts are high risk.
“This type of stolen data is also behind the continuous waves of crime such as synthetic identity fraud, where personally identifiable information such as name, address, date of birth, and governmental identification are traded on the dark web to construct entirely new fraudulent identities for ongoing theft.
“This is why retailers, eCommerce organisations, banks, and financial institutions are using multi-layered security strategies that incorporate passive biometrics and behavioural analytics. Unique behaviour patterns such as device interactions and other hundreds of indicators that help confirm legitimate users with pinpoint accuracy without relying on credentials. These patterns and behaviours cannot be replicated by would-be thieves using stolen credentials or card details – breaking the fraud chain.”
