E-commerce has been booming since the pandemic when we had to stay out of shops but so has also online fraud. “Even if payments online are generally very secure, mostly thanks to Secure Customer Authentication (SCA) methods widely implemented in Europe, criminals are continuously altering their techniques to unlock new ways of stealing money”, Europol says after a month-long international campaign against ecommerce fraud.
59 scammers were arrested and new investigative leads triggered all across Europe, Europol says.
The findings of eComm 2022 identified the following key threats to the e-commerce sector:
- Phishing, vishing and smishing fraud: Stolen credit card numbers are often obtained through phishing/vishing/smishing attacks whereby criminals contact people by phone, text messages, messaging apps or email and attempt to convince them to hand over their credit card information. Sometimes these attacks promise a reward, other times they impersonate a trusted business or a government agency.
- Account takeover fraud: This fraud occurs when a criminal gains access to a user’s account on an ecommerce store. This can be achieved through a variety of methods, including purchasing stolen passwords, security codes, or personal information on the dark web or successfully implementing a phishing scheme against a particular customer. Criminals can change the details of a user’s account, make purchases on ecommerce stores, can withdraw funds, and can even gain access to other accounts for this user.
- Triangulation fraud: This type of fraud happens when online criminals set up a fake or replica website and entice buyers with cheap goods. Sometimes these fake websites may appear in ads, or be sent to a user’s email directing to the website through a phishing attempt. The catch is that these goods don’t actually exist, or of course are never shipped.
The action was coordinated by Europol’s European Cybercrime Centre (EC3) and the Merchant Risk Council. After several months of preparation, law enforcement authorities in participating countries raided the locations where illegally purchased goods had been delivered, arresting the suspects and confiscating the fraudulently purchased goods.
Investigations are still ongoing in various countries, with more arrests expected in the coming weeks.
Participating countries are Albania, Austria, Bosnia-Herzegovina, Colombia, Czech Republic, Finland, France, Georgia, Germany, Greece, Hungary, Latvia, Poland, Portugal, Romania, Slovak Republic, Spain, Sweden and United Kingdom
Europol and the Merchant Risk Council have launched a campaign to make e-commerce more secure. The campaign includes tips for online shoppers:
- Never send your card number, PIN or any other card information to anyone by e-mail.
- Never send money to anyone you don’t know.
- Always save all documents related to your online purchases.
- If you are not buying anything, don’t submit your card details.
- Check your online banking service regularly. Notify your bank immediately if you see payments or withdrawals that you have not made yourself.