European Cybercrime Centre – first year report – Romania is mentioned as a place of fraudulent activity

The year 2013 saw ECC support investigations for almost 50 major cybercrime operations that resulted in the dismantling of international networks who had made more than 10 mil. Euro profit by compromising the payment credentials of the card holders or by accessing the victims’ computers, according to the first year report.

Just over a year ago, on 11 January 2013, the European Cybercrime Centre (EC3) at Europol opened its doors for business. Created to strengthen the European Union’s law enforcement community response to cybercrime, EC3’s brief was to help protect European citizens and businesses against existing and future cyber threats.

In the first year since its inception, EC3 has been called upon to support many large-scale cross-border cybercrime investigations. In terms of payment fraud, Focal Point Terminal (FPT) provided operational and analytical support to 29 major operations in 2013.

The year 2013 saw FPT support investigations that resulted in the dismantling of three different international networks of credit card fraudsters. One operation led to the arrest of 29 suspects who had made euro 9 mil. profit by compromising the payment credentials of 30.000 credit card holders.

The second network that was tackled resulted in 44 arrests during the operation and two illegal workshops for producing devices an software to manipulate point of sale terminals were dismantled.

Illegal electronic equipment, financial data, cloned cards, and cash were seized during 82 hours searches in Romania and the UK. More than 400 police officers were involved in this international operation. The organised crime group had affected approximately 36000 bank/credit card holders in 16 European countries.

The third operation targeted an Asian criminal network responsible for illegal internet transactions and the prutchasing of airline tickets on compromised credit card credentials. The operation was coordinated in 38 airports in 16 European countries. During the operation more than 200 suspicious transactions were reported by the industry and 43 individuals were arrested (followed by another 74 arrests after the action day).

Two members of the criminal gang were arrested al Helsinki airport. Around 15000 compromised credit card numbers were found on the criminals’ seized computers. The criminal network had been misusing credit card details stolen from cardholders worldwide. In Europe alone, over 70.000 Euros in losses were suffered by payment cardholders and banks.

In terms of cyber-attacks & malware, Focal Point Cyborg (FPC) assisted in the coordination of 19 major cybercrime operations in this first year. Two major international investigations that were concluded related to ransomware. “Police” ransomware is a type of malware that blocks a victim’s computer, accusing the victim of having visited illegal websites containing child abuse material or other illegal activity.

Criminals request the payment of a “fine” to unblock the victim’s computer by displaying a splash-screen on their computer making the ransomware look as if it comes from a legitimate law enforcement agency investigating the illegal activities of the victim. Cybercriminals convince the victim to pay the “fine” of euro 100 through two types of payment gateways – virtual and anonymous – as a penalty for the alleged offense.

It is estimated that the criminals infected tens of thousands of computers worldwide, bringing in profits in excess of euro 1 million per year. The first investigation led to 11 arrests and the second one to two arrests and the seizure of euro 50000. More recent versions of the ransomware malware have been more aggressive, encrypting victims’ data and making victims more likely to pay the ransom in the hope of retrieving their data.

Having led the European Cybercrime Centre for the last 12 months, Troels Oerting, Head of EC3, said: “Today we mark the 1st anniversary of the establishment of EC3. Since its opening we have been extremely busy in assisting EU Member States to prevent and combat cybercrime in many areas. The threat to a safe, secure and free Internet will increase as the Internet – and the Internet of Things – develops, and more of the global population comes online.”

“We have only seen the tip of the iceberg and we are facing huge challenges in the future when this type of crime will impact us from all parts of the world, through advanced tools and the criminals’ ability to hide. This task requires ‘heavy lifting’ from all stakeholders, and not just law enforcement.”