A two-part investigation conducted in multiple EU Member States has revealed a criminal network that operates by reintroducing expired food into the supply chain. Altogether, 27 criminals accountable for this relatively new criminal practice, endangering the health and safety of European consumers, have been arrested by law enforcement officials.

Taking advantage of supply chain vulnerabilities initially induced by the COVID-19 pandemic, criminals began acquiring immense quantities of expired food and beverages. They would then chemically erase the expiration date printed on the individual items and make new ones. In other cases, a completely new label was made up and applied, giving the impression that the packaged food or beverage was still fresh and safe for consumption. Repackaged food and beverages may not only be unpleasant, but even dangerous for human consumption, and may pose a serious risk to public health.

This specific modus operandi was discovered and subsequently further investigated within the framework of OPSON, a large-scale investigation of the food industry, coordinated by Europol. Subsequent investigations conducted by the Member States and coordinated by Europol resulted in two specific operations:

• On 23 May 2023, Lithuanian police (Lietuvos policija) and law enforcement agencies from other Member States, coordinated by Europol and Eurojust, successfully dismantled an organised crime group responsible for reintroducing millions of expired food products with counterfeit labels into the market. The criminals, who are under investigation for large-scale VAT fraud, are believed to have made profits of at least EUR 1 million from their food packaging scam. The agents, who carried out 70 searches and inspections of warehouses, among other locations, seized material for altering the expiration dates of the products. This equipment included household solvents, printers and labels. In total, over a million food and beverage containers were intercepted and prevented from entering the market.
• An action day on 11 July 2023 led to the arrest of three other people. Europol coordinated the action day carried out in Italy by the Italian Carabinieri (Nucleo Anticontraffazione e Sanità dell’Arma dei Carabinieri), with the support of the Italian financial police (Guardia di Finanza). Law enforcement conducted 14 searches and seized over 500,000 food and beverages items, as well as equipment used by the criminals. Many of the seized foods were not only out of date, but had already spoiled, highlighting the harm that could have been done to consumers.

The criminal network gathered expired food and beverages at minimal or no expense and replaced the expiry dates with new ones, facilitating their resale.

By reintroducing these items into the supply chain, massive profits were made at the expense of innocent consumers. The scale and spread of this phenomenon are new, reaching across multiple EU Member States. However, there is no involvement of food producers, as intermediate suppliers or other entities working in food disposal are used as facilitators in this particular criminal activity.

Europol recognised the phenomenon as a major emerging threat during the COVID-19 pandemic and informed EU Member States by distributing operational plans. Europol specialists discovered an important link connecting the Lithuanian and Italian investigations, revealing the extensive scope of the trend. Europol agents were deployed during the action days to provide on-site support with mobile offices and forensic analysis.

_____

Aquest apunt en català / Esta entrada en español / Post en français

The dismantling of the encrypted communication tool EncroChat, frequently used by organised crime groups, has thus far given rise to 6,558 arrests worldwide. Of those arrested, 197 were considered “high value targets” by the police. This result is explained in the EncroChat presentation made by the French and Dutch judicial and police authorities in Lille, France.

The successful removal of EncroChat is the result of the efforts of a joint investigation team set up by France and the Netherlands in 2020, with the support of Eurojust and Europol. Since that time, nearly 900 million euros in criminal funds have been seized or frozen.

The dismantling of EncroChat in 2020 helped prevent violent attacks, assassination attempts, corruption and large-scale drug transports, as well as gain valuable information on organised crime.

Criminal groups around the world illegally used this encryption tool for criminal purposes. Since the takedown, investigators were able to intercept, share and analyse more than 115 million criminal conversations, by an approximate number of more than 60,000 users. User access points were prevalent in source and destination countries for the illicit drug trade, as well as money laundering centres.

The data acquired by the French and Dutch authorities was shared with their counterparts in EU member states and third countries. According to the cumulative figures of all the authorities involved, this resulted in the following results, three years after law enforcement broke the encryption:

• 6,558 suspects detained, including 197 high-value targets
• 7,134 years of imprisonment of offenders sentenced so far
• 739.7 million euros in seized cash
• 154.1 million euros frozen in assets or bank accounts
• 30.5 million chemical drug pills seized
• 103.5 tonnes of cocaine seized
• 163.4 tonnes of cannabis seized
• 3.3 tonnes of heroin seized
• 971 vehicles seized
• 271 foreclosed properties or homes
• 923 weapons seized, as well as 21,750 ammunition cartridges and 68 explosives
• 83 vessels and 40 planes seized

After discovering that the phones were regularly working during operations against criminal networks, investigations into the alleged criminal behaviour of the company using EncroChat were reopened by the French National Gendarmerie in 2017. Further investigations found that the company behind this tool operated through servers in France. Finally, a technical device could be put in place to go beyond the encryption technique and gain access to users’ correspondence.

EncroChat phones were conveyed as a guarantee of perfect anonymity, discretion and no traceability to users. They also had functions designed to ensure automatic deletion of messages and a specific PIN code to erase all data from the device. This would allow users to quickly delete compromising messages, such as at the time of arrest by the police.

Furthermore, the distributor could erase the device from a distance. EncroChat sold cryptophones internationally for about €1,000 each. It also offered subscriptions with global coverage, at a cost of 1,500 euros for a period of six months, with 24/7 assistance.

The illegal use of encrypted communications continues to receive a great deal of attention from law enforcement and judicial agencies across the EU. Criminals communicating via encryption received another blow in March 2021, following the dismantling of another such tool, SkyECC.

_____

Aquest apunt en català / Esta entrada en español / Post en français

With the support of Europol, law enforcement agencies from Germany, Poland and the United Kingdom have tracked down and arrested the head of a criminal network responsible for defrauding hundreds of senior citizens across Europe. The suspect was arrested near London, from where he ran a network of fraudsters mainly targeting German and Polish nationals. While carrying out the arrest warrant issued by Polish authorities, officers confiscated crucial evidence such as mobile phones from the suspect’s residence. Meanwhile, German police carried out searches at five homes and seized more than 160,000 euros in cash, gold bars and coins, as well as jewellery, telephones and other electronic devices.

The organised criminal network’s speciality was calling elderly people in Germany and Poland, posing as police officers or representatives of other official authorities by means of impersonation. Victims were informed that one of their family members had been involved in a traffic accident or similar incident and had caused serious injury or death to others. The scam caller would hand the phone to an accomplice in the network, who, crying or screaming desperately into the phone, would implore the victim for help. This procedure was intended to shock the victim, allowing the perpetrator to commit the fraudulent act and ask for the delivery of money to avoid the arrest of the false relative.

The criminals instructed the victim on how to deliver the requested money and then sent a person to collect it in cash at the victim’s home. Through online job platforms, the criminal network recruited unsuspecting accomplices for this task to reduce exposure and avoid the risk of arrest.

During the course of the investigation, more than 70 people involved in the scam were arrested, such as while collecting the requested money from the victims’ homes. The overall damage amounts to around 5 million euros and it is estimated that up to a further 1.4 million euros in losses could have been avoided thanks to this successfully completed operation.

Crimes carried out on elderly people through scam calls in which offenders impersonate police or judicial authorities pose a serious danger and have a profound impact on victims. Aside from the economic damage suffered, which is often irrecoverable, they can cause emotional distress and loss of confidence in legitimate authorities.

Apart from impersonating officials, including law enforcement and, in some cases, healthcare personnel, other impersonation scams include the so-called grandchild or nephew trick. In such cases, the attackers pose as close relatives of the targeted victims, most of whom are elderly, and pretend that they are in economic, legal or health difficulties, in order to fraudulently obtain money.

The criminal networks active in these impersonation scams represent a major threat in the European Union and are highly adaptable to all types of contexts. For example, during the COVID-19 pandemic, some criminals adapted their frauds by posing as sick family members in financial need.

It is important to be alert to and protect yourself from scam calls and not share personal or financial information with strangers. Law enforcement and other officials will never ask for money or payment via phone or in person by showing up at your front door.

_____

Aquest apunt en català / Esta entrada en español / Post en français

As Ross Hunter reported a few weeks ago via The National’s website, the homicide rate in Scotland has fallen to its lowest level since modern records began, according to Police Scotland’s own data.

The historical highest rate was recorded in the 2004-2005 period, with 137 homicides. In contrast, from June 2022 to May 2023, a total of 48 homicides were recorded, according to the latest police performance report.

It is worth noting that in the period between 2004 and 2005, according to a UN report, Scotland was described as the most violent country in the developed world.

Since the homicide investigation service was formed some ten years ago, Police Scotland’s detection rate has been extraordinarily high. During the 2022-2023 period, there was only one unsolved homicide, and it remains under investigation. Police Scotland deputy chief constable Fiona Taylor welcomed the marked statistical improvement in this area, but noted that further work was needed, as each homicide represents an individual tragedy.

The 2022-2023 police performance report underlines that Scotland is a safe place to live and work and, when a critical situation arises, Police Scotland responds with high levels of operational competence. Each murder is extremely serious, with unique circumstances and investigative challenges. Ensuring justice for families and loved ones is a basic duty for Police Scotland and very important to the “legitimacy of policing”.

The police report also notes that there was a significant reduction in the number of assaults suffered by Police Scotland officers and staff: 438 less (6.2%), with a total of 6,657.

The Scottish police management welcomed the reduction in assaults on officers and working staff, which was the lowest number since 2018-2019. They also highlighted that work would continue to be promoted as part of the Your Safety Matters programme, in order to reduce the impact of violence and abuse on police officers and staff.

Another relevant piece of information from the police document is Police Scotland’s Banking Protocol, which teaches staff working in savings institutions how to spot the signs of a customer who may have been the victim of a scam.

Statistical data indicate that, in the last year, the protocol has foiled frauds of around £3.5 million, with a total of 1,200 incidents reported.

_____

Aquest apunt en català / Esta entrada en español / Post en français

Bosnia and Herzegovina received assistance from Europol in uncovering and dismantling a large-scale criminal network involved in the trafficking of drugs and firearms, money laundering and corrupt practices. The investigation, set in motion by a comprehensive analysis conducted by Europol, engaged the following authorities of Bosnia and Herzegovina: Federal Ministry of Interior, Ministry of Interior of the Republic of Srpska, Border Police and the State Prosecutor’s Office. The investigation also involved law enforcement (Federal Criminal Police Office) and judicial authorities in Germany.

The investigation, launched in 2021, focused on the activities of a criminal network mainly involved in drug production and trafficking in the Western Balkans, the EU and South America. Crucial information that aided in identifying criminal individuals was acquired through operational analysis of encrypted communications. Europol assisted the national authorities by providing essential intelligence gathered from the suspects’ communications through encrypted applications such as ANOM and SkyECC, with the latter being dismantled in 2021. This support facilitated the development of the investigative operations.

The exchange of information between different national authorities revealed a large-scale organization, spread over two continents and with some members holding positions in the national administration of Bosnia and Herzegovina. At the end of June, when the eighth day of action was organised as part of the three-year operation, 6 people were arrested by the national authorities of Bosnia and Herzegovina. These arrests brought the total number of individuals detained for their links to this organised crime group to 38.

Total results of the operation:

– 38 suspects arrested, 8 of whom held positions in the national administration of Bosnia and Herzegovina.

– 1 High Value Target arrested in Germany and extradited to Bosnia and Herzegovina.

– Seizures of over 300 kg of cannabis, as well as real estate and cash with a total value of more than 6 million euros.

From the outset, Europol provided continuous support to the operation by conducting comprehensive analyses of communications, enabling the national authorities to identify the suspects involved and uncover their criminal activities. Europol facilitated the exchange of information and coordinated and financed operational meetings.

Europol’s parallel operational analysis, presented in the form of intelligence reports, clarifies the ramifications and influence of the criminal network. Furthermore, Europol extended its support to the national authorities by dispatching field experts who provided real-time analytical assistance and specialised technical expertise.

As of June 2023, Europol is further strengthening its operational cooperation with Bosnia and Herzegovina. This new development concerns the establishment of a single national point of contact for all Bosnian police authorities with Europol, connecting them to Europol’s Secure Information Exchange Network Application (SIENA) system. The creation of this national contact point, which will coordinate communication between the competent Bosnian authorities and Europol, is accompanied by the deployment of a Bosnian liaison officer to the agency. The Bosnian liaison officer will join the large community of nearly 300 liaison officers, representing more than 45 countries, already housed at Europol headquarters.

_____

Aquest apunt en català / Esta entrada en español / Post en français

According to the latest TE-SAT report on the terrorism situation and trends in the European Union in 2023 by Europol, jihadist terrorism remains the main concern of EU member states.

This report is based on data provided by EU member states to Europol on terrorist attacks and arrests related to terrorism in the European Union.

Among the main conclusions of the document for the year 2022, it is worth highlighting the following:

• Terrorism remains a serious threat. In 2022, 28 completed, failed or thwarted attacks were recorded in the Union. Sixteen attacks were completed and four people tragically lost their lives, two as a result of jihadist attacks and two as a result of a terrorist attack from extreme right-wing sectors.

• EU Member States continue to consider jihadist terrorism as the most prominent threat to the EU. Of the 380 people arrested by Member States in 2022 for terrorism-related offences, 266 were carried out for jihadist-related offences.

• The lone actors remain a key threat. Most of the 2022 attacks were carried out by suspects acting alone. This can be seen across the spectrum, from jihadist to right and left-wing extremism.

• Internet and technologies remained a key factor in the dissemination of extremist propaganda, as well as the radicalisation and recruitment of individuals vulnerable to terrorism and violent extremism. In addition to social networking platforms, messaging applications, online forums and video game platforms, it appears that decentralised platforms have gained popularity in terrorist and violent extremist circles.

• Other advanced technologies that have become increasingly visible include the manufacture and use of 3D printed weapons, especially in the far-right scene, and the use of virtual assets by terrorist groups, especially cryptocurrencies, to finance their terrorist activities.

• Although rooted in different ideologies and backgrounds, terrorists and violent extremists increasingly share common aspects, such as similar narratives about the same issues, the selection of similar targets for attacks and the use of tactical methods. Opposition to the establishment, conspiracy theories and opposition to technological advances seem to increasingly fill the space between ideologies, providing motivations for violent actions.

• The most visible reactions to the Russian war of aggression against Ukraine emerged during the first months of the conflict, largely on the far-right scene, and materialised in online publications and a limited number of far-right affiliates travelling to join the battlefield. Although interest in the war in this environment appears to have gradually diminished during the remainder of 2022, conflict-related misinformation is likely to continue to fuel terrorist and extremist narratives.

The report is based on qualitative and quantitative data provided by member states on terrorist attacks, arrests and court decisions handed down for terrorist offences. Europol’s partners also provided qualitative information and valuable assessments that enrich the report’s conclusions, in order to reflect on developments beyond the EU that affect the security of Europe and its citizens.

As a complement to the report there is information on convictions and acquittals for terrorist offences, as well as on amendments to national legislation on terrorism provided by Eurojust and based on data shared by the Member States.

Member States’ definitions of terrorist offences according to national legislation are reflected in the quantitative analysis presented in the TE-SAT document.

_____

Aquest apunt en català / Esta entrada en español / Post en français

Between March and December 2022, Europol organised the first EU-wide operation against the illegal trade of counterfeit clothing, footwear and accessories, resulting in 378 arrests and nearly 2 million counterfeit items seized.

Operation Fake Star, which involved seventeen countries in total, was also supported by the European Union Intellectual Property Office (EUIPO) and led by the Spanish National Police and the Hellenic Police (Ελλληνική Αστυνομία).

During the operation, the various authorities searched commercial and industrial zones, markets, tourist areas, warehouses, shops and other similar places where counterfeit products can be sold. The police involved also carried out operational activities in ports, various shops and small e-commerce parcel distribution companies:

• 1,956,607 counterfeit garments, shoes and accessories
• An estimated total value of approximately 87 million euros of counterfeit goods seized
• 258 trademarks infringed
• 3,921 inspections carried out
• 646 open court cases
• 1,311 administrative cases opened
• 378 people arrested

The operation yielded significant outcomes, with notable seizures of counterfeit sports and luxury goods. Millions of these counterfeit items, destined for the European market, were seized during the operational activities. Investigations confirmed expectations that criminals are using social media to advertise all kinds of counterfeit products. Different retailers have been seen posting images of available counterfeit items, mainly clothing and footwear, on their companies’ social media pages and profiles.

However, this is not a new trend: the online trade in counterfeit goods has significantly increased in recent years. The market share of e-commerce platforms has increased in recent years, which also applies to counterfeit product advertisements on social media platforms.

Conversely, the operational findings indicate that traditional offline marketplaces continue to be a significant presence and require law enforcement’s attention.

The counterfeit products seized came mainly from outside Europe, with China, Hong Kong, Turkey and Vietnam being the predominant places of origin. As for transportation, the counterfeits entered the European Union by land or sea. Aside from the trafficking of counterfeit goods, authorities identified additional criminal activities being conducted by the identified criminal networks.

Europol facilitated the exchange of information and provided operational coordination and analytical support throughout the process. During several days of action, Europol deployed analysts to enable real-time information exchange and cross-check operational information against Europol databases to provide leads to investigators on the ground.

Europol’s IPC3 (Intellectual Property Crime Coordinated Coalition), which supported the research, is a project to combat intellectual property crime co-funded by the EUIPO.

_____

Aquest apunt en català / Esta entrada en español / Post en français

In an operation coordinated by Europol and involving nine countries, law enforcement agencies seized the illegal dark web marketplace called Monopoly Market and arrested 288 suspects involved in buying or selling drugs. Police seized more than €50.8 million ($53.4 million) in cash and virtual currencies, 850 kg of drugs and 117 firearms. The drugs seized included more than 258 kg of amphetamines, 43 kg of cocaine, 43 kg of MDMA and more than 10 kg of LSD and ecstasy pills.

This operation, codenamed SpecTor, comprised a series of separate complementary actions in Austria, France, Germany, the Netherlands, Poland, Brazil, the United Kingdom, the United States and Switzerland.

Europol has been compiling reports and documents based on the evidence provided by the German authorities, who lead a successful operation to seize the market’s criminal infrastructure in December 2021. These target documents, created through cross-comparison and analysis of the data and evidence collected, served as the basis for investigating hundreds of people.

The dealers arrested as a result of the police action against Monopoly Market were also active in other illicit markets, thus preventing the spread of drug and illicit goods trading on the dark web. Therefore, 288 sellers and buyers involved in tens of thousands of sales of illicit goods were arrested throughout Europe, the United States and Brazil. Europol considered some of these suspects high-value targets.

Arrests were made in the United States (153), the United Kingdom (55), Germany (52), the Netherlands (10), Austria (9), France (5), Switzerland (2), Poland (1) and Brazil (1). A series of investigations to identify additional individuals behind the dark web accounts remain ongoing. As law enforcement authorities gained access to the extensive lists of buyers and sellers, thousands of customers around the world are also at risk of prosecution.

In the period running up to this coordinated operation, German and US authorities also shut down Hydra, which was the highest-grossing dark web marketplace, with estimated revenues of €1.23 billion, in April 2022. Hydra’s dismantling led to the seizure of €23 million in cryptocurrencies by German authorities.

The operation was particularly successful in terms of arrests, almost doubling previous operations codenamed DisrupTor (2020), with 179 arrests, and Dark HunTor (2021), with 150. This shows once again that international collaboration between law enforcement authorities is key for combating crime on the dark web.

Europol’s European Cybercrime Centre facilitated the exchange of information within the framework of the Joint Cybercrime Action Taskforce (J-CAT), hosted at Europol’s headquarters in The Hague, the Netherlands. After cross-checking evidence through Europol’s databases, its analysts prepared targeting documents and cross-reports containing valuable data to identify vendors on the dark web. Europol also coordinated international police action.

Europol supports the 27 member states of the European Union in their fight against terrorism, cybercrime and other serious and organised crime. It also works with many non-EU partner states and international organisations. From its various threat assessments to its operational and intelligence gathering activities, Europol has the tools and resources it needs to make Europe a safer place.

_____

Aquest apunt en català / Esta entrada en español / Post en français

The advent of blockchain-based technologies has opened a new frontier for people who want to conduct financial and other transactions remotely, anonymously and without the need for a third party such as a bank. Cryptocurrency is increasingly an accepted form of payment in many legitimate business transactions, but it is also used to enable many illegal activities, which to a large extent is precisely because of its ability to facilitate mostly anonymous transactions remotely.

In the United States, with support from the National Institute of Justice (NIJ), researchers from RAND Corporation and the Police Executive Research Forum identified, at a conference, the main needs for improving police policies and procedures on cryptocurrencies. These needs relate to policies for digital key management, resources for law enforcement training on blockchain and cryptocurrency and tools to investigate these types of currencies.

Participants prioritised needs associated with increasing the level of knowledge of officials and investigators, training or hiring experts who can assist with investigations and adapting existing policies and procedures to ensure that cryptocurrencies are managed responsibly.

Among the recommendations made at the conference were:

• Identify best-practice policies and procedures to quickly secure cryptocurrency assets in investigations.
• Develop best-practice policies and procedures to minimise opportunities for mishandling of cryptocurrency.
• Identify best-practice policies and procedures for storing, transferring and writing digital cryptocurrency keys in record-management systems.
• Catalogue and publicise the training resources already available, including training that is not adapted to legal professionals.
• Develop regional or national exchange systems that facilitate the exchange of training materials and intelligence for ongoing cases.
• Develop model materials that can be easily adapted for the training of trainees, investigators, forensic experts, prosecutors, judges and others.
• Conduct research to examine the balance of skills and knowledge that law enforcement agencies look for when hiring and assess whether they are likely to meet current and future needs.
• Convene a permanent group of professionals and experts who can review and generate requirements for research and development organisations.
• Work with federal, state, local and private entities (e.g., the Regional Computer Forensics Laboratory or Lawyers Without Borders) to make appropriate cryptocurrency-tracking resources available so that costs can be more easily shared.
• Evaluate the costs and benefits of developing a private-sector information centre that would enable the public sector and the verified private-sector entities to coordinate (in the same way that the National Center for Missing & Exploited Children examines potentially abusive materials).

_____

Aquest apunt en català / Esta entrada en español / Post en français

As recently published by The Conversation, Rutgers University professor Alexander Hinton believes that the term ‘lone wolf’ is misleading, since violent extremists are almost always part of a group, and repeated use of this term could prevent efforts to combat violence from the far right from bearing fruit. In any case, this may have been true long before the age of social media.

After decades of research into numerous attacks that have left many dead, it is now documented that extremists are almost always part of a pack, not lone wolves. However, the myth of the lone-wolf shooter remains persistent and reappears in media coverage after almost every mass shooting or act of right-wing extremist violence.

Hinton believes that this myth diverts people from the real causes of extremist violence, which puts obstacles in the way of society’s ability to prevent attacks.

The threat of domestic terrorism is still high in the United States, particularly the danger posed by white power extremists, many of whom believe that whites are being “replaced” by people of colour.

Far-right extremists may carry out an attack alone physically or as part of a small group of people, but they are almost always connected and identify with larger groups and causes.

The vast majority of far-right extremists are actually ordinary men and women. They live in rural areas, suburbs and cities. They are students and working professionals. And they believe their cause is justified.

There are many examples of killings of people of colour committed by white men such as Patrick Crusius or Gendron, or the case of Timothy McVeigh, often portrayed as the archetypal lone wolf madman who blew up the Oklahoma City federal building in 1995.

In fact, McVeigh was part of a group. He had accomplices and was connected across the far-right extremist landscape. The same goes for Gendron and Crusius, who were also characterised in the media coverage as lone wolves. Both were active on far-right social media platforms and had published manifestos prior to their attacks. Gendron’s manifesto talks about how he became radicalised on the dark web and how he was inspired to attack after watching videos of Brenton Tarrant’s 2019 massacre of 51 people at two mosques in Christchurch, New Zealand.

Almost a quarter of Gendron’s manifesto is taken directly from Tarrant’s, which was entitled ‘The Great Replacement’. This fear of white replacement, centred around the perception of their demographic decline, was also a motive for Crusius. His manifesto pays tribute to Tarrant, before explaining that his attack was “a response to the Hispanic invasion of Texas”. The lone wolf myth also implies that extremists are abnormal deviants with antisocial personalities.

By using this term, which individualises extremism, Hinton believes that law enforcement officials may also depoliticise their work. Instead of focusing on movements such as white nationalism which have sympathisers at various levels of government, from sheriffs to senators, they focus on individuals.

This understanding provides a foundation for developing long-term strategies to prevent extremists like Gendron and Crusius from carrying out more violent attacks.

_____

Aquest apunt en català / Esta entrada en español / Post en français