The seventh campaign has recently been completed of the European Money Mule Action, or EMMA-7, which was set up in 2016 on the initiative of Europol, Eurojust and the European Banking Federation. The international operation recently completed was the largest of its kind ever held, and is based on the concept that the exchanging of information between the public and private sectors is the key to the combat against complex modern criminal activity.  Around 400 banks and financial institutions gave their support to the campaign, providing information about 7,000 fraudulent transactions and preventing a total loss estimated at nearly 70 million euros.

The investigation highlighted that money mules were laundering the profits of online fraud, by, for example, compromising commercial electronic mail operations or through fraudulent foreign currency transactions.

Some 1,803 arrests were made and over 18,000 suspected money mules were identified. It also showed that money mules were being used to launder cash from a wide range of online scams, such as exchanging SIM cards, fraudulent e-commerce transactions, and phishing (e-mail fraud).

During a period of operations lasting approximately two and a half months, EMMA-7 required police forces, financial institutions and private sector companies such as Western Union and Microsoft to cooperate in a concerted push against money laundering in Europe, Asia, North America, Colombia and Australia.  In addition to cracking down on money laundering through networks of money mules, the investigators also sought out information concerning the origins of these illicit profits, in order to throw more light on the scope and the nature of the criminal activities that employ the services of these money mules.

These were the results of the operation lasting from 15 September to 30 November:

• 18,351 money mules identified

• 324 recruiters identified

• 1,803 individuals arrested

• 2,503 investigations launched

• 7,000 fraudulent transactions reported

• 67.5 million euros of potential theft prevented

EMMA operates through participants from the private sector who report incidents of suspicious or potentially illegal financial conduct to the relevant police authorities. In the same way, the police authorities involved can also ask their partners in the financial sector to investigate suspected money mules. Through this collaboration, the police authorities can build up a profile of the money laundering networks and then decide in each case how to react to the activities of the suspected money mules.

EMMA provides an intermediary channel through which all the partners involved can communicate between themselves, sharing information that will help to identify suspected money mules and potentially lead to their arrest.

The majority of EMMA-7 investigations focused on international operations. The money mules’ activities involve not only the transfer of cash between countries, but also enable them to travel between different countries to open bank accounts in other countries.  The criminals can use these accounts later on so as to conduct the money laundering process. The complexity of these money mule operations and the police response to them reflect the ways in which money laundering networks are created. Money muling differs from many financial crimes in that it is possible for the perpetrators to be recruited without their knowledge. Organised crime groups exploit certain social groups such as students, migrants and persons with economic problems by offering them easy ways to make money through job advertisements and online publications that look legitimate.

Ignorance is not an excuse in legal terms, however, and money mules who launder the illicit earnings of organised crime are clearly breaking the law.

_____

Aquest apunt en català / Esta entrada en español / Post en français

Police have arrested 1,003 people in 20 countries in recent months as part of an operation led by INTERPOL to tackle online financial crime, including “business email compromise” (BEC).

Law enforcement agencies in 20 countries made the arrests between June and September for various forms of online fraud such as romance scams, investment fraud and money laundering associated with online gambling. Some 2,350 bank accounts were blocked as part of INTERPOL’S HAECHI-II operation.

According to sources from the INTERPOL investigation, far from the common notion of online fraud as a relatively low-level type of criminality, the results of Operation HAECHI-II show that transnational organised crime groups have been using the Internet to extract millions of dollars from their victims before funnelling the illicit cash to bank accounts across the globe.

The operation specifically targeted BEC, which involves tricking employees into sending large sums of money to supposed suppliers or contractors, often using emails that appear to be sent by someone in a position of responsibility within the organisation.

The FBI estimates that business email compromise cost US companies USD 1.8 billion in 2020, dwarfing the USD 29 million lost to ransomware scams. The fraudsters have also adopted a part of the ransomware business and switched to a service-based model where the components are rented to different parties.

INTERPOL highlighted a case in Colombia, where a textile company found itself defrauded of more than USD 8 million by a business email compromise scam. The perpetrators impersonated the legal representative of the company, giving the order to transfer more than USD 16 million to two Chinese bank accounts. Half of the money was transferred before the company uncovered the fraud and alerted the Colombian judicial authorities, which in turn quickly contacted INTERPOL’s financial crime unit through their National Central Bureau in Bogotá.

INTERPOL worked through its offices in Beijing, Bogotá and Hong Kong to freeze the transferred funds. Intercepting the illicit proceeds of online financial crimes before they disappear into the pockets of money mules is a race against time.

BEC is an international banking problem that is difficult for law enforcement to deal with in all jurisdictions. The FBI set up the Recovery Asset Team (RAT) in February 2018 to manage communications between banks and FBI field offices in order to freeze funds in cases where victims have transferred money to national accounts. It has also worked with US consulates in foreign territories, such as Hong Kong, to freeze multimillion-dollar transfers to bank accounts in China.

Interpol points out that, in another case, a company in Slovenia was duped into transferring more than USD 800,000 to money mule accounts in China. The transfer was intercepted after the Slovenian Police contacted Interpol and were able to connect with its colleagues in Beijing.

Operation HAECHI-II involved the police forces of Angola, Brunei, Cambodia, Colombia, China, India, Indonesia, Ireland, Japan, Korea, Laos, Malaysia, Maldives, Philippines, Romania, Singapore, Slovenia, Spain, Thailand, and Vietnam.

_____

Aquest apunt en català / Esta entrada en español / Post en français

Between 8 and 12 November 2021, Europol lent its support to a series of large-scale international action days against human trafficking. The action days were coordinated by Europol and Frontex and involved 29 different countries, led by Austria and Romania.

More than 14,000 police officers took part in the action days, surveilling human trafficking routes on roads and at airports. Some 212 arrests were made and a further 89 people suspected of human trafficking were identified.

The aim of the action days was to combat the trafficking of human beings for the purposes of sexual exploitation, forced criminality and forced begging. Europol coordinated the five action days from its 24-hour operations centre, which provided the participating countries with cross-checking of information, secure communication channels and a range of analytical capabilities throughout the operation. The action days took place under the aegis of the EMPACT security framework.

Results of the action days from 8 to 12 November:

• 212 arrests for offences such as human trafficking, money laundering, pimping and fraud.

• 147,668 people identified and 91,856 vehicles checked.

• 327 additional investigations launched.

The action days were designed to identify and arrest human trafficking suspects while they were travelling in Europe, and to identify and protect the victims of trafficking and prevent associated document fraud.

Europol coordinated the work of the national police forces, passenger information units, border guards and national agencies that combat human trafficking. A net was put in place around the travel routes, with national police and border agents performing roadside checks while the passenger information units checked airline passengers.

As a result, law enforcement agencies identified 593 adults and 57 minors – drawn from countries in four different continents – as potential victims of human trafficking. Police stations at EU airports were able to identify a large number of victims as being susceptible to trafficking and exploitation. The individuals identified were successfully referred to the United Kingdom’s National Referral Mechanism or returned to their countries of origin, and given police assistance or checks upon their return.

There were also seizures of goods, such as fake driving licences, weapons and drugs. The information gathered during these action days has resulted in the opening of 327 new cases, as well as the potential identification of new human trafficking suspects. This enhanced cooperation between EU agencies, national law enforcement and organisations such as the passenger information units will pave the way for similar investigations into these serious criminal activities in the future.

The law enforcement agencies also targeted a wide range of potential locations for human trafficking, such as bars, brothels, nightclubs, massage parlours, nail bars and strip clubs. This diverse selection of targets was the result of investigations showing that traffickers were using a variety of methods to recruit their victims and threatening violence against the victims’ relatives.

_____

Aquest apunt en català / Esta entrada en español / Post en français

A total of eighteen children have been provisionally identified and two suspected offenders have been arrested as a result of Europol’s 10^th Victim Identification Taskforce (VIDTF) operation. Nine of these young victims have already been rescued by the competent authorities, with investigations continuing to safeguard the other victims.

The VIDTF is a Europol initiative that this year brought together specialists from 26 countries and associated agencies to identify victims and offenders in cases of child sexual abuse.

Between 25 October and 5 November 2021, these experts reviewed some 580 sets of images and video files representing unknown victims of child sexual abuse, including in some cases infants only a few days old. They were backed up by Europol specialists and intelligence analysts in relation to the fight against the sexual exploitation of children.

In addition to the identification of the 18 children, in 211 other cases the probable countries at the origin of the crimes were identified, and intelligence studies have been set in motion in the countries concerned in order to investigate them.

Since 2014, Europol has periodically brought together victim identification specialists from all over the world to concentrate on unresolved cases of  child sexual abuse.

The VIDTF is the largest continuous operation of its kind in the world and has inspired a series of similar initiatives on a national or regional scale, including operations carried out in countries such as Italy and Australia.

To date, all the VIDTF operations combined have led to the following results:

• The participation of 290 specialists from over 35 countries.

• The probably country of origin has been identified in 1,726 cases.

As a result of all the VIDTF operations, over 533 children have been protected and 182 suspected offenders have been arrested.

It is possible to collaborate to identify the origin of specific objects as part of Europol’s “Trace an Object” initiative. The details of the images extracted from child sexual abuse cold cases are made public on a regular basis, in the hope that somebody may recognise a detail that will help to find the victim’s location.

A total of 27,000 tips have been sent to Europol so far, which have led to the identification of 23 children and to prosecutions being brought against five suspected offenders.

Europol has recently published a new set of images in the hope that they will be identified by the general public.

_____

Aquest apunt en català / Esta entrada en español / Post en français

INTERPOL and the Norwegian police have carried out a three-day exercise to test and evaluate anti-drone measures in a secure air space in the Norwegian capital.

The exercise, carried out in real-life conditions in Oslo in late September, brought together law enforcement, academia and industry experts from Europe, Israel and the United States to test and assess 17 drone countermeasures to ensure the safety of an airport environment through the detection, monitoring and identification of the drones and their pilots.

Such systems are becoming vital to ensure the security of airports and airspace, and also the protection of air exclusion zones above cities, prisons and essential infrastructures.

All measures were evaluated and classified in accordance with specific criteria. The results will be integrated into an INTERPOL framework of anti-drone measures, access to which will be granted to the organisms responsible for policing from the 194 member countries of Interpol, so as to create a worldwide platform for collaboration and the exchange of information. 

The exercise was held at Gardermoen Airport in Oslo while the airport continued to operate normally. Because of the complexity of the exercise, the event required close collaboration between the entity responsible for the management of the airport (Avinor), the Norwegian Communications Authority, the Directorate-General for Civil Aviation, and the organisation for unmanned air systems UAS Norway, in order to guarantee that all the systems and tests complied with the required standard and did not affect the operations of the airport itself.

In addition to the exercises, workshops and presentations concerning the drone incursions were also held with a view to gathering evidence. During these sessions, the participants exchanged best practices and discussed potential future solutions to the problems posed by drone incursions.

Anti-drone measures are essential to protect airspace and will become more and more important as member countries proceed to regulate the use of drones and the management of airspace.

While measures may serve to detect, identify and locate drones within a specific area, in many countries there is no legislation in force to enable the authorities to intercept a drone that is in full flight. This situation constitutes a huge challenge for the organisms responsible for enforcing the law, for public administrations and those responsible for the management of airspace, and points to a clear need to better understand the danger posed by drones and to develop guidelines and mechanisms to transmit the information received.

INTERPOL Innovation Centre is participating in the European-funded Project Courageous, and aims to prepare a European framework for the selection, testing and evaluation of anti-drone measures for policing purposes.

In May 2020 the Innovation Centre published its Intervention framework for incidents involving drones, intended for front-line teams and digital forensic laboratories, and brings together every year key participants from all over the world to form part of Interpol’s drone platform.

_____

Aquest apunt en català / Esta entrada en español / Post en français

The police authorities in the United Kingdom have called for an end to the macho, sexist, misogynist and homophobic “canteen culture” found within the police in order to try to regain the trust of society as a whole.

John Apter, the National Chair of the Police Federation of England and Wales, who represents over 130,000 police officers, has recognised that in the police forces in the United Kingdom, women officers are subjected to sexist nicknames and disparaging remarks, and added that such behaviour had to be brought to an end, according to a report published a few days ago in the British newspaper the Sunday Times.

Apter added that it is essential to maintain public trust in the police, and that it therefore had to be accepted that there was a problem as the only way to deal with it.

After Wayne Couzens was found guilty of the murder of Sarah Everard, aged 33, the country’s police forces were described as institutionally misogynist by a former head of the Nottinghamshire police, Susannah Fish. Fish stated that she had herself been sexually assaulted by colleagues while working as a police officer. Cultural changes are never easy, and this is not true only in the case of the police, but just because a situation is difficult to change does not mean that an attempt should not be made. Taking no action is not an option.

Wayne Couzens was sentenced to life imprisonment for the kidnapping, rape and murder of Sarah Everard, after she had disappeared while she was returning home from a friend’s house in South London. At the time, Couzens was an on-duty police officer and used his police badge and handcuffs to kidnap her.

Apter declared that this terrible murder had damaged society’s trust in the police. Everybody in the police needed to tackle this problem. It was not enough to say that these were the actions of an evil man who deserved to rot in jail.

It had to be shown, not only through words but also through actions, that sexism and misogyny have absolutely no place in any police force.

The Independent Office for Police Conduct announced that five police officers from four different regional police forces were facing disciplinary measures for messages shared on the social networks concerning Everard’s murder.

John Apter added that misogyny was a problem not only for women, but for everyone. Only too often such incidents were passed over in silence, and such inaction meant officers were failing each other and wider society.

There was a need to consign to the history books this canteen culture where sexist nicknames and derogatory remarks were made. When joking crossed the line to become sexist, derogatory or homophobic it ceased to be joking, and this is when it was necessary to react.

_____

Aquest apunt en català / Esta entrada en español / Post en français

A total of 12 people who wreaked havoc around the world with ransomware attacks against critical infrastructure have been arrested as a result of a law enforcement operation involving at least eight countries.

The attacks are believed to have affected more than 1,800 victims in 71 countries. These cybercriminals are known to specifically target large corporations, making it easier for them to optimise their business.

The arrests took place at the end of October in Ukraine and Switzerland. Most of these suspects are considered high-value targets because they are being investigated in parallel in multiple high-profile cases in different jurisdictions.

As a result of the law enforcement action, more than USD 52,000 in cash was seized, along with 5 luxury vehicles. Computer forensic experts are currently examining various electronic devices to obtain evidence and identify new investigative leads.

All suspects had different roles in these highly organised criminal organisations. Some of these criminals used multiple mechanisms to exploit network vulnerabilities, such as various attacks, SQL injections, stolen credentials and fishing emails with malicious attachments.

Once on the network, some of these cybercriminals would focus on moving with criminal intent, deploying malware like Trickbot, or post-exploitation frameworks like Cobalt Strike  or PowerShell Empire, in order to remain undetected and gain further access.

The criminals would then enter the compromised systems undetected, sometimes for months, and investigate further weaknesses in the networks, before moving on to monetise the infection by deploying ransomware. These criminals have been known to deploy ransomware like LockerGoga, MegaCortex and Dharma, among others.

The effects of the ransomware attacks were devastating, as the criminals had had time to scan computer networks undetected.
 They then presented a ransom note to the victim, demanding that he pay the attackers in bitcoins in exchange for decryption keys.

It is suspected that several of the individuals arrested were responsible for laundering the ransom payments: they would channel the ransom payments in bitcoins through various services, before collecting the illicit proceeds.

_____

Aquest apunt en català / Esta entrada en español / Post en français

In 25 States of the United States, motorists accused of speeding can face either a criminal charge or a traffic offence, and the type of prosecution brought is chosen at the discretion of police officers and the courts.

Using speeding data from 18 counties in Virginia over a period of nine years, researchers found large racial disparities in who was condemned for a criminal offence.

Black motorists stopped for speeding were nearly twice as likely as white drivers to be condemned for a criminal charge when their speed had been in the range qualifying for the most serious charge.

Among the motorists who had been driving at excess speed and who were condemned for a criminal offence, black drivers were likelier than white ones to be accused of a minor crime instead of a traffic offence.

In general, police officers reduced the possible accusation from a charge to a traffic offence when they were on duty in counties in which black motorists represented a larger share of drivers than in other counties.

Among drivers accused of an offence by law officers, black drivers were likelier than white ones to be condemned for a criminal charge by the courts.

So why was this the case?

• Black motorists were less likely than white motorists to attend an obligatory court hearing.
• Black motorists were less likely than white motorists to have a lawyer present in court.
• Black motorists had a higher probability than white motorists of living in areas where drivers were allowed to pay in advance for charges rather than appearing in court (which results in an automatic condemnation for a criminal charge).

These three factors explained approximately four fifths of the racial disparities in the convictions.

The majority of motorists condemned for a traffic charge did not go to prison, but there are other repercussions.

• Applications for jobs, housing and other services involve asking candidates to show whether they have a criminal record.
• A criminal charge can count as part of an individual’s previous record if the person is sentenced for a new offence, a factor that increases the penalty for this charge.
• Apart from this, the average fine and legal costs imposed for a criminal charge in Virginia were up to 120 dollars more than a traffic offence.
• Some states suspend the driving licence of persons who do not pay the fines and associated taxes. (Virginia abandoned this practice in 2019.)
• A criminal condemnation adds negative points to the driving record of an individual and can increase the cost of motor insurance.

Politicians could perhaps find fairer ways of enforcing the speeding laws.

_____

Aquest apunt en català / Esta entrada en español / Post en français

Changes in the perception of the terrorist threat may bring the United States at a turning point. After two decades of an almost exclusive focus on the terrorist threat posed by the world jihadist organization and its supporters, the intelligence effort is now turning towards tackling domestic violent extremism. This may require rethinking the intelligence strategy.

Since September 11, the primary goal of domestic intelligence gathering has been to prevent terrorist attacks. This meant discovering and thwarting terrorist plots before they could be carried out. Fear of further September 11 attacks or even more alarming terrorist scenarios made prevention essential.

Rapid overseas action dispersed Al Qaeda’s leadership and intense international intelligence efforts reduced the possibility of new September 11. The United States has not suffered any other large-scale terrorist attacks from abroad. In contrast, self-produced jihadists, inspired by jihadist ideology, carried out low-level, albeit sometimes lethal, attacks. Most of these were isolated incidents. Moreover, most of the plots and almost all the attacks involved a single perpetrator who acted alone with limited capabilities and resources.

The campaign against self-produced jihadists is not a model for dealing with domestic violent extremists.

Authorities discovered and thwarted more than 80% of jihadist plots because local community councils, informant information or Internet data alerted the FBI or local police. Those who appeared to intend to commit violence were the subject of covert operations. In the twenty years after the September 11, U.S. jihadists killed a total of 105 people, including 49 in a single shooting at an Orlando nightclub. While each death is tragic, this was far less than many feared in the immediate aftermath of 9/11.

Unlike jihadists, national political extremists have a potential constituency. Jihadist ideology never gained strength in American Muslim communities. The jihadists were isolated, acting independently. In contrast, the beliefs that motivate American national extremists, especially those on the far right, are rooted deep in Norh-American society. Informants may be more difficult to find and political divisions could limit intelligence operations.

The legal campaign against domestic extremism is not an attack on beliefs, nor a crusade to root out anti-government sentiments or end racism. These are issues of national interest. The goal of intelligence is to prevent group violence.

But it seems that most terrorist threats come from individuals or small conspiracies outside of larger movements. The 1995 Oklahoma City bombing was carried out by one man and an accomplice, neither of whom acted in a larger organization. Most current terrorists in the West are solitary actors motivated by extremist ideologies, seeking recognition by outdoing previous spectacular attacks.

Several programs have been implemented to identify and deter people who appear to be on the road to violence, but the success of retail intervention as a preventive strategy has not yet been demonstrated.

The current circumstances are different. Prevention of violent crime remains a goal, but expectations may need to be moderated. While intelligence could be a critical component of the U.S. counter-terrorism strategy, there are reasons why it may also be prudent to return to a more traditional approach focused on investigating violent crimes and reporting perpetrators to justice.

_____

Aquest apunt en català / Esta entrada en español / Post en français

While the creation of comprehensive police safety and welfare initiatives has clear benefits, many departments do not know where to start or how to expand their welfare programs. This area needs guidance on how to provide effective support to police officers and non-police personnel who have experienced trauma, in order to promote their long-term physical and mental health, to equip officers with emotional survival skills, and to overcome stigma and other cultural and psychological barriers to seeking treatment.

To meet these needs, in 2017 the Police Research Forum (PERF) was selected by the Office of Community Oriented Police Services (COPS Office) of the United States Department of Justice (DOJ) to implement and manage the police safety and welfare technical assistance project. As part of this project, PERF provided practical support and experience to three law enforcement agencies as they developed or expanded their officer security and welfare programs. This report is based primarily on PERF’s experience with these police agencies.

This publication is intended to provide departments across the country with a roadmap for creating their own wellness programs. The information contained in this professional handbook includes strategies for creating and improving wellness programs, encouraging participation in these programs, and normalizing the routine use of mental wellness services.

The purpose of the report is to provide guidance to law enforcement agencies on how to build and strengthen their welfare programs for their employees. Each chapter of this publication presents conclusions and recommendations on a topic that emerged as a common theme during evaluations. The report’s recommendations reflect the common challenges facing project areas and other law enforcement agencies across the United States.

For example, Chapter 1 discusses the basics of a comprehensive wellness program, including how to identify wellness needs and how to create a wellness committee.  Chapter 2 focuses on the development of programming for different types of well-being, including physical, mental, and emotional, financial, and spiritual well-being. These recommendations include, among others:

• Evaluate various methods to encourage participation in fitness programs and determine which are most successful with the workforce.
• Provide training on mental well-being to all new members.
• Eliminate the stigma associated with mental health care and promote searching for help..
• Identify and assist police officers who may be in crisis.
• Create a mentorship program in which veteran officers are assigned to new employees to provide help and serve as a resource during their academic training, field training, and throughout the territory.
• Train supervisors on how to identify the first indicators of acute stress or mental health issues.
• Incorporate well-being and resilience into promotional tests to increase supervisor knowledge.
• Train officers on identifying and resolving ineffective coping behaviours such as alcohol abuse.
• Assess suicide risks among agents, promote healthy forms of stress control, and provide health strategies to prevent disease.
• Provide information on financial well-being (e.g. budgets, retirement benefits, and financial savings).

_____

Aquest apunt en català / Esta entrada en español / Post en français