Police in Europe Tie Card Fraud to People-Smuggling GangTwo Syrians Accused of Buying Stolen Corporate Card Data to Mask Activities
Coordinated police raids in Germany and Sweden have resulted in the arrest of two individuals suspected of running a cyber fraud gang that used stolen payment card data to book hundreds of airline and train tickets to help smuggle people from the Middle East into Europe.
See Also: 2020 Cyberthreat Defense Report
The EU's law enforcement intelligence agency Europol, which helped coordinate the raids, says they were launched after a private sector tip-off. Europol's European Cybercrime Center subsequently helped police identify suspects, leading to the arrest of two individuals in Malmö and Nörrköping on Monday by Swedish Police.
Europol says the investigation was conducted with support from the EU's Border and Coast Guard Agency, known as Frontex. The crime group had been tracked by the Federal Police of Germany, known as the Bundespolizei. Last October, German police launched Operation Goldring, which led investigators to the crime group "composed of Syrian nationals, which was involved in fraudulently purchasing airline and train tickets," Europol says.
German police conducted house searches in Aachen, Dortmund and Essen, while Swedish police conducted house searches in Nörrköping, Malmö and Helsingborg. Authorities say they collectively recovered $118,000 worth of cash, in euros and U.S. dollars, during the raids.
German police say the gang has been tied to 493 fraudulent bookings.
"In most cases, the tickets were one-way tickets from Beirut to European member states," Europol says. "The tech-savvy smugglers avoided detection by making the bookings using compromised corporate credit cards and credentials purchased online from other criminals offering them for sale."
Cybercrime-as-a-Service Offerings Proliferate
Stolen payment cards remain easy to procure and relatively inexpensive, security experts say (see Why Cybercrime Remains Impossible to Eradicate).
A review of cybercrime-as-a-service offerings published earlier this year by security firm Flashpoint said that payment card data, fake identity documents and access to bank accounts remain easily available and apparently popular products.
Many underground shops, for example, sell stolen payment card data - aka "dumps" - that are "often sourced directly from malware-infected or skimmed point-of-sale terminals," according to Flashpoint. This information can be illicitly converted into cash using money mules and money-transfer services, or used to help mask fraudulent activity online.
Flashpoint said some underground forums also sell illicit passports - and other types of identity documents - in three forms: digital scans, templates and physical versions. Such documents can be useful for money-laundering schemes, she said. But it's unclear if the fake, physical documents would stand up to border agents' scrutiny.
Europol Lauds Private-Public Partnerships
Meanwhile, police continue attempts to crack down on criminals who buy and provide cybercrime-as-a-service offerings. Some of these law enforcement efforts are also sector-specific.
In the case of the Operation Goldring investigation, for example, last week's arrests represent a continuation of Europol's Global Airport Action Day, a public-private partnership that brings together the airline industry, payment card companies and law enforcement agencies to target airline fraud (see Airport Raids Target Fraudsters).
"As part of this operation, Europol and Frontex have jointly identified significant crossovers between payment card fraud and irregular migration and trafficking in human beings, leading to a number of arrests in recent years," Europol says. "The fraudulent bookings were brought to the attention of law enforcement by the private sector, highlighting once again how instrumental public-private partnerships are in fighting this type of fraud."
Story updated on Sept. 18 to add the locations in which the two suspects were arrested.