Europol on payment card fraud: „Instant payments may reduce detection and intervention opportunities by banks. This can potentially lead to a higher fraud rate.”

11 ways you could be the next victim of cybercrime – Europol’s latest cybercrime report provides insights into emerging threats and key developments.

Cybercriminals are adopting creative new techniques to target their victims at an unprecedented pace and are constantly seeking methods to avoid law enforcement detection. To stay ahead of them, law enforcement should target cybercriminals offering “off-the-shelf” cyber-attack services or products to make it more difficult for low-level cybercriminals to carry out high-level attacks.

Europol’s fifth annual Internet Organised Crime Threat Assessment (IOCTA), presented today at the INTERPOL-Europol Cybercrime Conference in Singapore, offers a unique law enforcement view of the emerging threats and key developments in the field of cybercrime over the last year. But more than that, it describes anticipated future threats and provides recommendations to law enforcement authorities in Europe to adequately deal with these challenges. The report only has one goal in mind: to stop cybercriminals from making you their next victim.

We’ll shed some light on some of the main trends here. A complete overview can be found in the full report on Europol’s website.

Ransomware, malware, beware!
1. Ransomware has become a standard attack tool for cybercriminals. However, criminals are moving from random attacks to targeting companies or individuals where greater potential benefits lie.

2. Mobile malware may grow as users shift from online to mobile banking.

3. Cyber-attacks have become increasingly stealthy and harder to detect. Attacks using fileless malware have become a standard component of the crime-as-a-service (1) industry.

4. The GDPR legislation requires breaches to be reported within 72 hours. Criminals may try to extort breached organisations. While this is not new, it is possible that hacked companies will prefer to pay a smaller ransom to a hacker for non-disclosure than the steep fine that might be imposed by the authorities.

5. The motive behind network intrusions is the illegal acquisition of data, for a variety of purposes, including phishing or payment fraud.

6. DDoS attacks continue to grow and tools to launch them are easily available as a service, allowing unskilled individuals to launch significant DDoS attacks.

7. Continued growth in the volume of social engineering attacks is expected, but as a key component of more complex cyber-attacks. West African fraudsters are likely to have a more significant role within the EU in the future, as Africa continues to have the fastest growing internet usage globally.

Cryptocurrencies are no safe haven
8. Criminals will continue to abuse cryptocurrencies. Cyber-attacks which historically targeted traditional financial instruments are now targeting businesses and users of cryptocurrencies. Cryptomining has been exploited by financially motivated cybercriminals, who for instance hack legitimate websites to cryptojack (2) users visiting those sites.

Such attacks are much more appealing to cybercriminals wishing to keep a low profile, requiring little or no victim engagement and, at least currently, minimal law enforcement attention (with browser-based mining not actually being illegal). Another emerging threat is ‘true’ cryptomining malware which uses the processing power of infected machines to mine cryptocurrencies.

9. We anticipate a more pronounced shift towards more privacy-oriented currencies. An increase in extortion demands and ransomware in these currencies will exemplify this shift.

Payment card fraud
10. Skimming is still successful as card magnetic stripes continue to be used. Instant payments may reduce detection and intervention opportunities by banks. This can potentially lead to a higher fraud rate.

According to IOCTA 2018 – dedicated page, card-not-present fraud dominates payment but skimming continues.
„Skimming remains a common issue in most of the EU Member States. As in previous years, this continues to decrease as a result of geoblocking measures. Skimmed card data is often sold via the Darknet and cashed out in areas where Europay, MasterCard and Visa (EMV) implementation is either slow or non-existent.

Toll fraud has received a considerable amount of attention this year, with criminal groups using counterfeit fuel and credit/debit cards to avoid paying toll fees. Many Member States also reported an increase in the creation of fake companies to access and abuse Points of Sale (PoS), as well as profit from compromised information. Meanwhile, CNP fraud continues to be a key threat for EU Member States, with the transport and retail sectors highlighted as key targets within the EU.”

11. Telecommunications fraud represents an old but growing trend in fraud involving non-cash payments.

Europol’s Executive Director Catherine De Bolle: “Cybercrime cases are increasingly complex and sophisticated. Law enforcement requires additional training, investigative and forensic resources in order to adequately deal with these challenges. The policing opportunities arising from emerging technologies, such as big data analytics and machine learning, need to be seized. Europol will continue its efforts to enhance cooperation with international law enforcement and government agencies, tech companies, academia and other relevant stakeholders. Only if we do this, can cybercrime be combated effectively.”

––––––––––––––

1) The Crime-as-a-Service (CaaS) model describes a criminal business model that drives the digital underground economy, providing a wide range of commercial services and tools that facilitate crime online and enables a broad base of unskilled, entry-level cybercriminals to commit cybercrime.

2) Cryptojacking refers to any process that uses the processing power or bandwidth of a device to mine cryptocurrencies without the user’s permission.