So much has changed since Europol published last year’s Internet Organised Crime Threat Assessment (IOCTA). The global COVID-19 pandemic that hit every corner of the world forced us to reimagine our societies and reinvent the way we work and live. During the lockdown, we turned to the internet for a sense of normality: shopping, working, and learning online at a scale never seen before.  It is in this new normal that Europol publishes its 7th annual IOCTA. The IOCTA seeks to map the cybercrime threat landscape and understand how law enforcement responds to it. Although the COVID-19 crisis showed us how criminals actively take advantage of society at its most vulnerable, this opportunistic behaviorBehavior   Behavior / Behavioral Actions Otherwise known as habits, behavior or behavioral actions are strategies to help prevent online exploitation that target behavior, such as social engineering of victims. Changing your behavior is the ONLY effective means to reduce or prevent scams. of criminals should not overshadow the overall threat landscape. In many cases, COVID-19 has enhanced existing problems.

CROSS-CUTTING CRIME

Social engineeringSocial Engineering Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. It is used as a type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take any action that may or may not be in their best interests." and phishing remain an effective threat to enable other types of cybercrime. Criminals use innovative methods to increase the volume and sophistication of their attacks, and inexperienced cybercriminals can carry out phishing campaigns more easily through crime as-a-service. Criminals quickly exploited the pandemic to attack vulnerable people; phishing, online scamsScams A Scam is a confidence trick - a crime -  is an attempt to defraud a person or group after first gaining their trust through deception. Scams or confidence tricks exploit victims using their credulity, naïveté, compassion, vanity, irresponsibility, or greed and exploiting that. Researchers have defined confidence tricks as "a distinctive species of fraudulent conduct ... intending to further voluntary exchanges that are not mutually beneficial", as they "benefit con operators ('con men' - criminals) at the expense of their victims (the 'marks')". A scam is a crime even if no money was lost. and the spread of fake newsFake news Fake news is false or misleading information presented as news. It often has the aim of damaging the reputation of a person or entity, or making money through advertising revenue. However, the term does not have a fixed definition and has been applied more broadly to include any type of false information, including unintentional and unconscious mechanisms, and also by high-profile individuals to apply to any news unfavourable to his/her personal perspectives. became an ideal strategy for cybercriminals seeking to sell items they claim will prevent or cure COVID-19.

Encryption continues to be a clear feature of an increasing number of services and tools. One of the principal challenges for law enforcement is how to access and gather relevant data for criminalCriminal A criminal is any person who through a decision or act engages in a crime. This can be complicated, as many people break laws unknowingly, however, in our context, it is a person who makes a decision to engage in unlawful acts or to place themselves with others who do this. A criminal always has the ability to decide not to break the law, or if they initially engage in crime to stop doing it, but instead continues. investigations. The value of being able to access data of criminal communication on an encrypted network is perhaps the most effective illustration of how encrypted data can provide law enforcement with crucial leads beyond the area of cybercrime.

MALWAREMalware Short for "malicious software," this term means computer viruses and other types of programs that cybercriminals use to disrupt or access your computer, typically with the aim of gathering sensitive files and accounts. REIGNS SUPREME

RansomwareRansomware Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies that are used for the ransoms, making tracing and prosecuting the perpetrators difficult. Ransomware attacks are typically carried out using a Trojan virus disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, traveled automatically between computers without user interaction. attacks have become more sophisticated, targeting specific organizations in the public and private sectors through victim reconnaissance. While the COVID-19 pandemic has triggered an increase in cybercrime, ransomware attacks were targeting the healthcare industry long before the crisis. Moreover, criminals have included another layer to their ransomware attacks by threatening to auction off the comprised data, increasing the pressure on the victims to pay the ransomRansom A ransom is an amount of money or other assets of value that is paid for blackmail, extortion, or under other threats or coercion. The ransom is usually paid in cash or now in cryptocurrency. Online blackmail, sextortion, and ransomware all demand ransoms to avoid negative outcomes.. Advanced forms of malware are a top threat in the EU: criminals have transformed some traditional banking Trojans into modular malware to cover more PC digital fingerprints, which are later sold for different needs.

CHILD SEXUAL ABUSE MATERIAL CONTINUES TO INCREASE

The main threats related to online child abuse exploitation have remained stable in recent years, however, detection of online child sexual abuse material saw a sharp spike at the peak of the COVID-19 crisis. Offenders keep using a number of ways to hide this horrifying crime, such as P2P networks, social networking platforms, and using encrypted communications applicationsApplications Applications or Apps An application (software), commonly referred to as an ‘app’ is a program on a computer, tablet, mobile phone or device. Apps are designed for specific tasks, including checking the weather, accessing the internet, looking at photos, playing media, mobile banking, etc. Many apps can access the internet if needed and can be downloaded (used) either for a price or for free. Apps are a major point of vulnerability on all devices. Some are designed to be malicious, such as logging keystrokes or activity, and others can even transport malware. Always be careful about any app you are thinking about installing.. Dark webDark Web This is a sub-level of the internet that normal search engines and everyday browsers cannot access. It’s an encrypted network that contains websites – both legal and illegal – that remain hidden from plain sight. communities and forums are meeting places where participation is structured with affiliation rules to promote individuals based on their contribution to the community, which they do by recording and posting their abuse of children, encouraging others to do the same. Livestream of child abuse continues to increase, becoming even more popular than usual during the COVID-19 crisis when travel restrictions prevented offenders from physically abusing children. In some cases, video chat applications in payment systems are used which becomes one of the key challenges for law enforcement as this material is not recorded.

PAYMENT FRAUDPayment Fraud Payment Fraud (Non-Plastic) The fraud definitions for payment fraud are confusing unless you specify “non-plastic”. Payment Fraud (non-plastic) refers to payments made outside of card networks, via payments rails that send funds from one bank account to another. When making this type of payment, fraud occurs when a payments is sent to an account that the fraudster controls. Payment fraud can be unauthorized, which is commonly executed as an account takeover. Payment fraud can also be authorized, which is commonly executed through authorized push payment fraud (scams).: SIM SWAPPING A NEW TREND

SIM swapping, which allows perpetrators to take over accounts, is one of the new trends in this year’s IOCTA. As a type of account takeoverAccount Takeover Account Takeover (ATO) are the unauthorized access of a user’s account in order to steal identity credentials, execute a fraudulent transaction or engage in varying types of abuse., SIM swapping provides criminals access to sensitive user accounts. Criminals fraudulently swap or port victims’ SIMs to one in the criminals’ possession in order to intercept the one-time password step of the authentication process.

CRIMINAL ABUSE OF THE DARK WEB

In 2019 and early 2020 there was a high level of volatility on the dark web. The lifecycle of dark web marketplaces has shortened and there is no clear dominant market that has risen over the past year. Tor remains the preferred infrastructure, however, criminals have started to use other privacy-focused, decentralized marketplace platforms to sell their illegal goods. Although this is not a new phenomenon, these sorts of platforms have started to increase over the last year. OpenBazaar is noteworthy, as certain threats have emerged on the platform over the past year such as COVID-19-related items during the pandemic.

Catherine De Bolle, Europol’s Executive Director commented: “Cybercrime affects citizens, businesses and organisations across the EU. Europol plays a key role in countering cybercrime by working with our many partners in law enforcement and the private sector and by offering innovative solutions and effective, comprehensive support to investigations. I hope this analysis can inform effective responses to these evolving threats and make Europe safer”.

Vice-President for Promoting our European Way of Life, Margaritis Schinas, who is leading the European Commission’s work on the European Security Union, said: «Cybercrime is a hard reality. While the digital transformation of our societies evolves, so does cybercrime which is becoming more present and sophisticated.  We will spare no efforts to further enhance our cybersecurity and step up law enforcement capabilities to fight against these evolving threats. Europol has a major role to play».

EU Commissioner for Home Affairs, Ylva Johansson, said: “The Coronavirus Pandemic has slowed many aspects of our normal lives. But it has unfortunately accelerated online criminal activity. Organised Crime exploits the vulnerable, be it the newly unemployed, exposed businesses, or, worst of all, children. This report shows the urgent need for the EU to step up the fight against organised crime [online] and confirms the essential role of Europol in that fight”.

Edvardas Šileris, Head of European Cybercrime Centre said: “I am pleased to welcome the 2020 edition of the IOCTA – our flagship document, an essential resource for EU’s law enforcement and policy makers. I am very thankful to all the partners who have contributed to this year’s assessment and have helped us identify the key theme defining the current landscape: cybercrime is an evolution, not a revolution”.

The 2020 IOCTA contributes to setting priorities for the 2021 EMPACT operational plans, which follow the priorities defined as: disruption criminal activities, combating child sexual abuse and child sexual exploitation, and targeting criminals involved in fraudFraud In law, fraud is intentional deception to secure unfair or unlawful gain (money or other assets), or to deprive a victim of a legal right. Fraud can violate civil law (e.g., a fraud victim may sue the fraud perpetrator to avoid the fraud or recover monetary compensation) or criminal law (e.g., a fraud perpetrator may be prosecuted and imprisoned by governmental authorities), or it may cause no loss of money, property, or legal right but still be an element of another civil or criminal wrong. The purpose of fraud may be monetary gain or other benefits, for example by obtaining a passport, travel document, or driver's license, or mortgage fraud, where the perpetrator may attempt to qualify for a mortgage by way of false statements. A fraud can also be a hoax, which is a distinct concept that involves deliberate deception without the intention of gain or of materially damaging or depriving a victim. and counterfeitingCounterfeiting Counterfeiting is defined as the planned attempt to duplicate a real and authentic article such as a symbol, trademark or even money with the purpose to distort and convince the purchaser or the recipient to believe that he or she is really purchasing or receiving the real article itself. In the ecommerce and financial services industry, this often refers to counterfeit cards and checks. of non-cash means of payment.