INTERPOL warns of the rising threat posed by cybercrime

369.-baixaIncidences of cybercrime are increasing at an alarming rate as a consequence of the COVID-19 pandemic, and a new report from INTERPOL predicts they will accelerate further.

The report explains how cybercriminals have been exploiting our growing and necessary reliance on digital technology during recent months. This includes a sudden shift to teleworking by many organisations, which has involved the deployment of often unsecured remote systems and networks.

Based on the information provided by its member countries, INTERPOL has concluded that during the pandemic there has been a particularly significant increase in malicious domains (22%), malware and ransomware (36%) and phishing scams (59%).

Threat actors have revised their usual online scams and phishing schemes to commit crimes that feed on people’s financial and health fears during the COVID-19 crisis.

The report has also revealed a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure which offer more substantial financial gains.

INTERPOL believes that cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19. The increased online dependency for people around the world is also creating new opportunities, with many businesses and individuals not ensuring their cyber defences are up to date.

The report concludes that a further increase in cybercrime is highly likely in the near future. This is primarily due to vulnerabilities related to working from home, a continued focus on coronavirus-themed online scams and, when a COVID-19 vaccination becomes available, it is highly probable that there will be another spike in phishing related to these medical products.

According to the INTERPOL report, therefore, the COVID-19 pandemic is providing a wealth of opportunities for cybercriminals. In fact, many organisations could be at a greater risk of cyber attacks after turning to remote access solutions such as VPNs.

These remote access points may not be correctly configured or sufficiently secure because the remote computers may not have the latest technology installed. Furthermore, personnel may have had to use their own personal devices to work from home, which presents challenges from a security standpoint.


Aquest apunt en català / Esta entrada en español / Post en français

Ransomware, the other pandemic

368.-baixaWhile the whole world suffers the ravages of the COVID-19 pandemic, another virus, albeit one of a more technical nature, is wreaking havoc everywhere. Although this virus has been around for years, its cases have risen alarmingly in the past few months, and it can have severe consequences for critical activities and organisations such as hospitals, businesses and governments.

This virus is called ransomware. A scheme called No More Ransom is helping victims fight back without paying the hackers. No More Ransom is the first public-private partnership of its kind to help victims of ransomware recover their encrypted data without having to pay the ransom amount to cybercriminals. The initiative’s partners include Europol, Politie, Kaspersky and McAfee.

Since its launch, the No More Ransom decryption tool repository has registered over 4.2 million visitors from 188 countries and stopped an estimated $ 632 million in ransom demands from ending up in criminals’ pockets.

Powered by the contributions of its 163 partners, the portal has added 28 tools in the past year and can now decrypt 140 different types of ransomware infections. The portal is available in 36 languages.

To use it, simply go to the website and follow the Crypto Sheriff steps to help identify the ransomware strain affecting the device. If a solution is available, a link will be provided to download the decryption tool for free. No More Ransom goes a long way to help people impacted by ransomware, but there are still many types of ransomware out there without a fix.

Just like the coronavirus pandemic, prevention is better than cure, and fortunately, there are some preventative steps you can take to protect yourself:

  • Always keep a copy of your most important files somewhere else: in the cloud, on another offline drive, on a memory stick, or on another computer.
  • Use reliable and up-to-date anti-virus software.
  • Do not download programs from suspicious sources.
  • Do not open attachments in e-mails from unknown senders, even if they look important and credible.
  • And if you fall victim to a ransomware attack, do not pay the ransom.

We now need an innovative solution for those ransomware families not yet covered by the portal to help victims recover their files without giving in to the demands of the criminals.


Aquest apunt en català / Esta entrada en español / Post en français

Sexual offenders have increased their criminal activities during the COVID-19 pandemic

366.-baixaSince the start of the COVID-19 pandemic, the amount of sexual exploitation material shared has increased: online child abuse, sexual coercion and extortion of minors.

And minors were not exempt as we shifted from the real world to the virtual world: video calls to friends and family, interaction with social networks, online games, use of the internet for education and schooling. The more time they spend online, the more offenders are online, and the greater the exchange of material if they find new victims. Often, these victims are unaware they have been targeted through self-generated material; an area that represents a significant threat to children’s safety.

The current situation has provided sex offenders with the perfect opportunity to access a broader group of potential victims. The report published a few weeks ago by Europol analyses the increased sharing of child sexual exploitation images online and how to confront this serious threat to children’s safety.

The exchange of child abuse material is usually not motivated by financial gains, although offenders do pay for some forms of it, such as live distant child abuse. Through live streaming, offenders unable to travel due to corona restrictions can have children abused at their request.

The economic slow-down related to the COVID-19 pandemic may stimulate an increase in child abuse material produced within vulnerable communities for financial gain. And child abuse material content can also be disguised behind advertisements bringing criminals profits with a “pay per click” formula.

Society, including law enforcement, needs to focus even more on educating children and prevent them from becoming victims in the first place. The best weapon against sexual predators is to educate children to prevent the crimes. The harm resulting from being a victim of this crime is severe, and every time a picture or video is shared, this results in repeat victimisation.

Europol is monitoring the threat and provides continuous support to EU Member States and other law enforcement agencies to identify offenders and victims. The Europe-wide #SayNo campaign seeks to raise children’s awareness of the dangers of sharing explicit material online.

Europol coordinated an investigation in Italy involving more than 200 investigators. The operation, which took place in June 2020, was based on intelligence provided by Europol and directed by the Turin Prosecutor’s Office.

The investigation led to the arrest of 3 individuals, alongside the seizure of thousands of files. During the course of the investigation, the officers discovered that one of the suspects identified had been previously arrested for sexual abuse of children. The summary details the discovery of images and videos of sexual violence in which the victims were mainly babies, 6-year-old children and pre-teens.


Aquest apunt en català / Esta entrada en español / Post en français


El Salvador continues its precarious battle against the gangs

362.- baixaIn the midst of the COVID-19 pandemic, images of thousands of gang members stacked together by the government of El Salvador were broadcast around the world.

The country continues to be entrenched in its own war against gang members, especially those from the Mara Salvatrucha and 18 gangs. According to Osiris Luna, Deputy Minister of Security and the Director of Prisons, the State’s decision to integrate and confine members of the different criminal structures to the same cells is intended to create a shock effect among the gangs.

For two decades, incumbent governments have resorted to the prisons in an effort to give the appearance of winning the battle against gang violence. Let’s not forget that, according to official estimates, there are an estimated 60,000 active gang members in a country of fewer than 7 million people.

Furthermore, in 2018, the prisons reported that 44% of the prison population were understood to belong to a gang, accounting for about 17,400 of the 39,300 people being held in the country’s jails.

Previously, the penitentiary system segregated the members of rival gangs, assigning exclusive prisons to each group.

The initiative, seen by the gangs as a victory over the system, was successful in curtailing the number of riots and murders occurring inside prisons. However, it also served to consolidate the power and internal organisation of the criminal structures.

In 2016, the previous government took the first steps towards changing the system, but under the Bukele Administration, the reforms have been accelerated.

The potential consequences of the new prison policies are unpredictable. But it should also be understood that gangs like Mara Salvatrucha or MS-13 are formed by a conglomerate of programs and cliques with operational autonomy and, although a general command does exist, they do not always follow the same orders. In fact, there have been bloody disputes between members of the same gang. Nowadays, in El Salvador, talking about the MS-13 gang as a single homogeneous entity is somewhat misleading.

The other big gang, known as Barrio 18, also suffered internal conflicts in the middle of the last decade and split into two halves: the Sureños and the Revolucionarios.

Other smaller gangs include La Mirada, Locos 13 and Mao-Mao, which currently have about 300 of their active members imprisoned.

Another front to highlight is the so-called retirees; gang members who have left MS-13 or 18, mainly due to internal conflicts.

Although they are no longer considered to be gang members, there are around 3,000 of them in El Salvador’s prisons. And in 2004, they were allocated an exclusive prison facility in the city of Sonsonate.


Aquest apunt en català / Esta entrada en español / Post en français

Women and organised crime in Latin America

358.- baixaOrganised crime is one of the main problems faced by Latin America. This, according to the “Women in Organised Crime in Latin America: Beyond Victims and Victimisers” report commissioned by the Colombian Organised Crime Observatory.

Among its disruptive effects, the high levels of violence seen across the region are especially alarming. Since the 1990s, the opening-up of economies, in combination with the institutional weakness of the states and other social factors such as poverty and inequality, have favoured the growth of transnational criminal activities, including drug trafficking, arms trafficking, and migrant smuggling. As a result, Latin America has become the region with the fastest-growing criminal dynamics in the world.

Men have always been dominant in the different illegal economies, and a tendency to see criminal activities as a “man’s activity” has prevailed. Female participation in organised crime has largely been overlooked by academic analysis and public debate.

Due to the scarcity of information and data, investigations into this topic are limited although they have increased in the last decade. The relative invisibility of women in debates about organised crime stems from the general perception that they are appendices to male criminals, typically partners or sexual objects. Stereotypes of women as being dependent and weak reinforce the notion that they are incapable of making independent decisions regarding their participation in illegal activities.

Female participation in organised crime structures is not uniform. The diverse roles that women play in criminal economies allow us to characterise different types of participation forming a spectrum, which ranges from subordinates and victims to protagonists, leaders and perpetrators.

Despite the scarce systematic empirical evidence about the participation of women in organised crime, this investigation allows us to make some recommendations focused on prevention and attention for affected communities:

  • Strengthen statistical information systems related to organised crime and the participation of women in diverse criminal acts, both as victims and perpetrators.
  • Build strategies which account for the varied nature of the participation of women in organised crime economies.
  • Understand the factors that drive women to participate in illegal acts for preventive purposes.
  • Map out the multiple and varied roles women play in organised crime, including their role in other illegal economies like contraband and extortion.
  • Promote the empowerment of women, through collective initiatives which seek to give opportunities to those at risk of being recruited by organised crime.
  • Strengthen cooperation mechanisms, designed to help the victims of organised crime, between local, regional and national governments across Latin America.
  • Urge Latin American police and judicial bodies to apply a gender approach to their investigations.
  • Seek effective collaboration between social, economic and educational policy institutions to reorient those women specialised in certain roles within criminal economies towards legality.


Aquest apunt en català / Esta entrada en español / Post en français


Be careful with your mobile phone SIM

357.- baixaHow do criminals steal thousands of euros by hijacking mobile phone numbers? It’s a common story: the signal bars disappear from your mobile phone, and people call your phone number, but it doesn’t ring. You try to login to your bank account, but the password fails. You have become the newest victim of SIM swap fraud, and your phone number is now in the control of a criminal.

SIM swap fraud is committed when a fraudster dupes the victim’s mobile phone operator into porting the victim’s mobile number to a SIM in their possession. The fraudster then starts receiving any incoming calls and text messages, including the one-time banking passwords which are sent to the victim’s phone number.

The fraudster can then perform transactions, using information gathered through techniques like malware, and when the bank sends a one-time-password via SMS, the criminal receives it and completes the authorisation for the transaction.

Several law enforcement agencies in Europe -Austria, Spain and Romania- have carried out operations against this common denominator, considered by the authorities to be a growing threat. In Spain, the state authorities working in conjunction with Europol and the European Cybercrime Centre (EC3), arrested a group of 12 individuals who had managed to steal amounts of up to €137,000 from the bank accounts of several victims. The suspects were of Italian, Romanian, Colombian and Spanish nationality.

The modus operandi was simple, yet effective. The criminals managed to obtain victims’ online banking credentials with different banks by employing hacking techniques like banking trojans or other types of malware.

If you don’t want to be the next victim, here are some measures you can to take to protect yourself:

  • Keep your devices’ software up to date.
  • Do not click on links or download attachments that come with unexpected emails.
  • Do not reply to suspicious emails.
  • Limit the amount of personal data you share online.
  • Try to use two-factor authentication for your online services, rather than having an authentication code sent over SMS.
  • When possible, do not associate your phone number with sensitive online accounts.
  • Set up your own PIN to restrict access to the SIM card. Do not share this PIN with anyone.

If your phone loses reception suddenly for nor apparent reason:

  • Report the situation to your service provider.
  • If there are suspicious transactions in your bank account, contact the bank.
  • Immediately change all the passwords for your online accounts.
  • Keep all evidence, in case you need to contact the police.


Aquest apunt en català / Esta entrada en español / Post en français

How criminals exploit the COVID-19 crisis

352.- baixaA few weeks ago, Europol published a report on the types of criminal activities being used to exploit the COVID-19 crisis.

The current crisis, unprecedented in the history of the European Union, has seen the Member States enacting various lockdown measures, including travel restrictions and limitations to public life, to combat the spread of the virus. These measures are designed to support public health systems, safeguard the economy and to ensure public order and safety.

The EU has identified several factors which, as a result of the COVID-19 pandemic, have led to changes in crime and terrorism, and impacted on the internal security of the EU. They are as follows:

  • High demand for certain goods, protective gear and pharmaceutical products.
  • Decreased mobility and flow of people across and into the EU.
  • Limitations to public life will make some criminal activities less visible and displace them to home or online settings.
  • Citizens remain at home and are increasingly teleworking, relying on digital solutions.
  • Increased anxiety and fear that may create vulnerability to exploitation.
  • Decreased supply of certain illicit goods in the EU.

The global pandemic of COVID-19 is not only a serious health issue but also a serious cybersecurity risk. Criminals swiftly took advantage of the virus proliferation and are abusing the demand people have for information and supplies.

Criminals have used the COVID-19 crisis to carry out social engineering attacks, namely phishing emails through spam campaigns and more targeted attempts such as business email compromise (BEC).

There is a long list of cyber-attacks against organisations and individuals, including phishing campaigns that distribute malware via malicious links and attachments, and execute malware and ransomware attacks that aim to profit from the global health concern.

Information received from law enforcement partners strongly indicates increased online activity by those seeking child abuse material. Mostly because offenders expect children to be more vulnerable due to isolation, with less supervision and more online exposure.

During the coming months, it’s expected that the potential for financial damage to citizens, businesses and public organisations will increase. Criminals have also adapted investment scams to elicit speculative investments in stocks related to COVID-19 with promises of substantial profits.

And it’s highly likely that criminals will adapt fraud schemes in order to exploit the post-pandemic situation. Once again, the elderly are more likely to be vulnerable to scams. Fraudsters will seek to approach victims at home by pretending to be law enforcement or social/healthcare officials offering testing for COVID-19 in an attempt to enter homes and steal valuables.


Aquest apunt en català / Esta entrada en español / Post en français

The cybercrime virus

351. green-hoodie-thumbnailCybercriminals have been the most adept at trying to exploit the COVID-19 pandemic for the various scams and attacks they carry out. With a record number of potential victims staying at home and using online services across the European Union (EU) during the pandemic, the ways in which cybercriminals can exploit emerging opportunities and vulnerabilities have multiplied.

The document Catching the virus cybercrime, written by Europol in April 2020, summarises the following major threats posed by cybercrime:

  • The impact of the COVID-19 pandemic on cybercrime has been the most visible and striking compared to other criminal activities.
  • Criminals active in cybercrime have been able to adapt quickly and capitalise on the anxieties and fears of their victims.
  • Phishing and ransomware campaigns are being launched to exploit the current crisis and are expected to continue to increase in scope and scale.
  • Activity around the distribution of child sexual exploitation material online appears to be on the increase, based on a number of indicators. The dark web continues to host various platforms such as marketplaces and vendor shops to distribute illicit goods and services.
  • After an initial fluctuation in sales via the dark web at the beginning of the crisis in Europe, the situation stabilised throughout March 2020.
  • Vendors attempt to innovate by offering COVID-19 related products.
  • Demand and supply dynamics for some goods are likely to be affected.
  • Product scarcity occurs via distributors on the surface web.
  • Criminal organisations seek to exploit the public health crisis to make a profit or advance geopolitical interests.
  • Increased disinformation and misinformation around COVID-19 continues to proliferate around the world, with potentially harmful consequences for public health and effective crisis communication.

Ransomware has been the most dominant cybercrime threat over the last several years. The current crisis is unlikely to change that dynamic. The pandemic may multiply the damaging impact of a successful attack against certain institutions, which reinforces the necessity for effective cyber resilience.

The number of phishing attempts exploiting the crisis is expected to continue to increase. However, we also expect a greater number of inexperienced cybercriminals to deploy ransomware-as-a-service. Not all of these campaigns will result in successful attacks due to the lack of experience and technical skills of the criminals.

Offenders are likely to attempt to take advantage of emotionally vulnerable, isolated children through grooming and sexual coercion and extortion.

Children allowed greater unsupervised internet access will be increasingly vulnerable to exposure to offenders through online activity such as online gaming, the use of chat groups in apps, phishing attempts via email, unsolicited contact in social media and other means.


Aquest apunt en català / Esta entrada en español / Post en français

Victims of cybercrime in the United States lost $3.5 billion in 2019

337.- cybercrime

The Federal Bureau of Investigations Internet Crime Complaint Centre (IC3) has published a report on internet crime in the US during 2019. The report reveals that last year’s 467,361 reported incidences of cybercrime were responsible for losses of around $3.5 billion.

The IC3 says it has received 4,883,231 complaints since its inception in May 2000, with an average of around 340,000 claims per year and more than 1,200 complaints per day over the last five years.

They calculate that in the five years between 2015 and 2019, victims of cybercrime reported $10.5 billion of stolen funds.

The report concludes that phishing, extortion and similar non-payment or non-delivery scams were the most frequent causes of complaints.

The most costly crimes included business email compromise, romantic fraud and spoofing (propagating or imitating the account of a person or seller known to the victim to collect personal or financial information).

The IC3 also reported that the Recovery Asset Team (RAT), established in February 2018, has been able to assist in the recovery of funds for victims of various internet crimes.

The RAT, an independent task force set up in 2018, ended its first operational year in 2019 having recovered more than 300 million dollars worth of funds stolen by online fraud, accounting for a 79% return of all reported losses that year.

According to the report, these scams often involve a crime committed by imitating a legitimate email address. For example, an individual receives a message appearing to come from one of their company executives or from a company that has had previous dealings with that individual.

The email requests a seemingly legitimate payment by bank transfer or card purchase, but the transaction actually delivers the money directly to the offender.

In 2019, the IC3 observed an increase in the number of BEC (Business Email Compromise) complaints related to the diversion of payroll funds. In this type of scheme, fraudsters pose as employees and send an email requesting to update their direct deposit information to a company’s HR or payroll department.

In 2019, the IC3 received 13,633 complaints related to Tech Support Fraud from victims in 48 countries. The losses amounted to over $54 million, which represents a 40 per cent increase in losses from 2018.

According to the IC3, the vast majority of victims reporting Tech Support Fraud were over 60 years of age.

In 2019, the IC3 also received 2,047 complaints relating to ransomware, with adjusted losses of over $8.9 million.


Aquest apunt en català / Esta entrada en español / Post en français

The number of deaths from terrorism continues to fall, but the threat posed by far-right terrorism and the Taliban increases

335.- Alpini_ISAFThe Institute for Economics & Peace has published the Global Terrorism Index (with data to the end of 2018). It confirms a 52% decrease in terror-related deaths since the number peaked in 2014. In 2018, the total number of deaths fell by 15.2% to 15,952. Between 1970 and 2017, close to 170,000 people have fallen victim to terrorist attacks. By contrast, the number of countries to have recorded at least one fatality has slightly increased, to 71 (two more than the previous year).

The overall decline in deaths primarily corresponds to military defeats inflicted on the Islamic State (ISIL), which in 2018 had only 18,000 fighters left in Iraq and Syria, down from 70,000 in 2014. Military successes against the group have resulted in a 63% reduction in their attacks and a subsequent 69% decrease in fatalities. United States-led airstrikes targeting Al-Shabaab in Somalia, have also contributed. However, despite successes in the fight against Nigeria’s Boko-Haram, the country still ranks third in the world for terrorist incidents, with a total of 8,567 during 2018, and an increase of more than one hundred terror-related deaths compared to the previous year. The activities of extremist Fulanis are thought to be responsible for the increase.

The South Asia region recorded the highest number of deaths, with Afghanistan’s 9,603 attacks and 7,379 deaths in 2018 (a 59% increase), pushing it into first place. Most of those deaths can be attributed to the increasing activity of Taliban groups, far outweighing the decline in deaths caused by ISIL. The notable decrease in fatalities brought about by ISIL’s retreat has seen Iraq move down into second place.

In Europe, the number of deaths from terrorism fell for the second successive year, from over two hundred in 2017 to 62 in 2018. The total number of terrorist incidents also fell by 40%, to 245 in 2018, the lowest figure since 2014.

Another relevant trend revealed by the report is the confirmed surge in far-right political terrorism since 2014. Although the absolute number of far-right attacks remains low when compared to other forms of terrorism, in North America, Western Europe, and Oceania, far-right attacks have increased by 320% over the past five years. In 2018, the number of people killed by far-right attacks rose to 26 (compared to 11 the previous year). This trend continued into 2019, with 77 deaths recorded as of September that year. The upward trend is significant and extremely worrying. This type of attack is more likely to be carried out by individuals unaffiliated with a specific terrorist group (60%).


Aquest apunt en català / Esta entrada en español / Post en français