(Last Updated On: September 6, 2020)

RSN™ Special Report: EuropolEuropol The European Union Agency for Law Enforcement Cooperation, better known under the name Europol, formerly the European Police Office and Europol Drugs Unit, is the law enforcement agency of the European Union (EU) formed in 1998 to handle criminal intelligence and combat serious international organized crime and terrorism through cooperation between competent authorities of EU member states. The Agency has no executive powers, and its officials are not entitled to arrest suspects or act without prior approval from authorities in the member states. Based in The Hague, it comprised 1,065 staff as of 2016. WEBSITE LINK Internet Organised Crime Threat Assessment (IOCTA) 2018

Europol Warns You Could Become A CybercrimeCybercrime Cybercrime is a crime related to technology, computers, and the Internet. Typical cybercrime are performed by a computer against a computer, or by a hacker using software to attack computers or networks. Victim

From ransomwareRansomware Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies that are used for the ransoms, making tracing and prosecuting the perpetrators difficult. Ransomware attacks are typically carried out using a Trojan virus disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, traveled automatically between computers without user interaction. through to cryptocurrency scamsScams A Scam is a confidence trick - a crime -  is an attempt to defraud a person or group after first gaining their trust through deception. Scams or confidence tricks exploit victims using their credulity, naïveté, compassion, vanity, irresponsibility, or greed and exploiting that. Researchers have defined confidence tricks as "a distinctive species of fraudulent conduct ... intending to further voluntary exchanges that are not mutually beneficial", as they "benefit con operators ('con men' - criminals) at the expense of their victims (the 'marks')". A scam is a crime even if no money was lost., Europol says it wants to stop criminals from making you a victim.

Europol has warned of 15 ways in which people can fall prey to cybercriminals as it launched a report on the dangers of the web.

The report, the fifth annual Internet Organised Crime Threat Assessment (IOCTA), is being presented at the Interpol cybercrime conference in Singapore.

Europol IOCTA 2018 Summary

For the fifth year in a row, Europol has produced the Internet Organised Crime Threat Assessment (IOCTA). The aim of this Assessment is to provide a comprehensive overview of the current, as well as anticipated future threats and trends of crimes conducted and/or facilitated online. While current events demonstrate how cybercrime continues to evolve, this year’s IOCTA shows us how law enforcement has to battle both innovative as well as persistent forms of cybercrime. Many areas of the report, therefore, build upon previous editions, which emphasizes the longevity of the many facets of cybercrime. It is also a testimony to an established cybercrime business model, where there is no need to change a successful modus operandi. The report also highlights the many challenges associated with the fight against cybercrime, both from a law enforcement and, where applicable, a private sector perspective.

Europol described the report as offering “a unique law enforcement view of the emerging threats and key developments in the field of cybercrime over the last year.”

It added that the assessment “describes anticipated future threats” and “only has one goal in mind – to stop cybercriminals from making you their next victim.”

Crime Priorities

Crime Priority: Cyber-Dependent Crime

Cyber-dependent crime can be defined as any crime that can only be committed using computers, computer networks or other forms of information communication technology (ICT). In essence, without the internet criminals could not commit these crimes. It includes such activity as the creation and spread of malwareMalware Short for "malicious software," this term means computer viruses and other types of programs that cybercriminals use to disrupt or access your computer, typically with the aim of gathering sensitive files and accounts., hacking to steal sensitive personal or industry data and denialDenial Denial is a refusal or unwillingness to accept something or to accept reality. Refusal to admit the truth or reality of something, refusal to acknowledge something unpleasant; And as a term of Psychology: denial is a defense mechanism in which confrontation with a personal problem or with reality is avoided by denying the existence of the problem or reality. of service attacks to cause financial and/or reputational damage.

Key Findings

  • Ransomware remains the key malware threat in both law enforcement and industry reporting.
  • Cryptomining malware is expected to become a regular, low-risk revenue stream for cybercriminals.
  • The use of exploit kits (EKs) as a means of infection continues to decline, with spam, social engineeringSocial Engineering Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. It is used as a type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take any action that may or may not be in their best interests." and newer methods such as RDP brute-forcing coming to the fore.
  • New legislation relating to data breaches will likely lead to greater reporting of breaches to law enforcement and increasing cases of cyber-extortion.

Crime Priority: Child Sexual Exploitation Online

Online child sexual exploitation (CSE) continues to be the worst aspect of cybercrime. Whereas child sexual abuse existed before the advent of the internet, the online dimension of this crime has enabled offenders to interact with each other online and obtain Child Sexual Exploitation Material (CSEM) in volumes that were unimaginable ten years ago. The growing number of increasingly younger children with access to Internet-enabled devices and social media enables offenders to reach out to children in ways that are simply impossible in an offline environment. This trend has considerable implications for the modi operandi in the online sexual exploitation of children.

Key Findings

  • The amount of detected online Child Sexual Exploitation Material continues to grow, creating serious challenges for investigations and victim identification efforts.
  • As technologies are becoming easier to access and use, the use of anonymization and encryption tools by offenders to avoid law enforcement detection is more and more common.
  • Children increasingly have access to the internet and social media platforms at a younger age, resulting in a growing number of cases of online sexual coercion and extortion of minors.
  • Live streaming of child sexual abuse remains a particularly complex crime to investigate. Streaming of self-generated material has significantly increased.

Crime Priority: Payment FraudPayment Fraud Payment Fraud (Non-Plastic) The fraud definitions for payment fraud are confusing unless you specify “non-plastic”. Payment Fraud (non-plastic) refers to payments made outside of card networks, via payments rails that send funds from one bank account to another. When making this type of payment, fraud occurs when a payments is sent to an account that the fraudster controls. Payment fraud can be unauthorized, which is commonly executed as an account takeover. Payment fraud can also be authorized, which is commonly executed through authorized push payment fraud (scams).

Payment fraud which are considered well known as they have been reported on in previous editions as well as new developments in the area of payment fraud. New is a relative concept since criminals generally vary their existing modus operandi. Such variations, however, do introduce different threats. Therefore, well-known and new developments are included in a complementary manner, based both on what law enforcement agencies have witnessed in their investigations as well as what private sector parties have observed.

Key Findings

  • The threat from skimmingSkimming The capturing of information from the magnetic stripe on your ATM and credit card by use of portable "skimmer" devices that are secretly installed on card-reading machines. continues and shall do as long as payment cards with magnetic stripes continue to be used.
  • The abuse of PoS terminals is taking on new forms: from manipulation of devices to the fraudulent acquisition of new terminals.
  • Telecommunications fraudFraud In law, fraud is intentional deception to secure unfair or unlawful gain (money or other assets), or to deprive a victim of a legal right. Fraud can violate civil law (e.g., a fraud victim may sue the fraud perpetrator to avoid the fraud or recover monetary compensation) or criminal law (e.g., a fraud perpetrator may be prosecuted and imprisoned by governmental authorities), or it may cause no loss of money, property, or legal right but still be an element of another civil or criminal wrong. The purpose of fraud may be monetary gain or other benefits, for example by obtaining a passport, travel document, or driver's license, or mortgage fraud, where the perpetrator may attempt to qualify for a mortgage by way of false statements. A fraud can also be a hoax, which is a distinct concept that involves deliberate deception without the intention of gain or of materially damaging or depriving a victim. is a well-established crime but a new challenge for law enforcement.

Crime Priority: Online CriminalCriminal A criminal is any person who through a decision or act engages in a crime. This can be complicated, as many people break laws unknowingly, however, in our context, it is a person who makes a decision to engage in unlawful acts or to place themselves with others who do this. A criminal always has the ability to decide not to break the law, or if they initially engage in crime to stop doing it, but instead continues. Markets

Illicitillicit Illicit means something that is not legally permitted or authorized under the law; unlicensed; unlawful. It can also mean disapproved of or not permitted for moral or ethical reasons. online markets, both on the surface web and on the dark webDark Web This is a sub-level of the internet that normal search engines and everyday browsers cannot access. It’s an encrypted network that contains websites – both legal and illegal – that remain hidden from plain sight., provide criminal vendors the opportunity to purvey all manner of illicit commodities, with those of a more serious nature typically found deeper, in the dark web. Many of these illicit goods and services, such as cybercrime toolkits or fake documents, are enablers for further criminality.

Key Findings

  • The Darknet market ecosystem is extremely unstable. While law enforcement shut down three major marketplaces in 2017, at least nine more spontaneously closed or exit scammed.
  • The almost inevitable closure of large, global Darknet marketplaces has led to an increase in the number of smaller vendor shops and secondary markets catering to specific language groups or nationalities.

The Convergence Of Cyber And Terrorism

The Islamic State’s (IS) loss of territory from 2016 to 2017 did not equate to a loss of authority among its followers or a manifest decrease in its ability to inspire attacks. Instead, the group continues to use the internet to promote its doctrine and inspire acts of terrorism. In many ways, military defeat has made the internet even more important for the IS; the difference being that it has since shifted from using it to support its state-building ambitions toward inspiring and attempting to direct terrorist attacks in the West.

Key Findings

  • Islamic State continues to use the internet to spread propaganda and to inspire acts of terrorism.
  • Law enforcement and industry action has pushed IS sympathizers into using encrypted messaging appsApps Applications or Apps An application (software), commonly referred to as an ‘app’ is a program on a computer, tablet, mobile phone or device. Apps are designed for specific tasks, including checking the weather, accessing the internet, looking at photos, playing media, mobile banking, etc. Many apps can access the internet if needed and can be downloaded (used) either for a price or for free. Apps are a major point of vulnerability on all devices. Some are designed to be malicious, such as logging keystrokes or activity, and others can even transport malware. Always be careful about any app you are thinking about installing. which offer private and closed chat groups, the dark web, or other platforms which are less able or willing to disrupt their activity.
  • While IS sympathizers have demonstrated their willingness to buy cyber-attack tools and services from the digital underground, their own internal capability appears limited.

Cross-Cutting Crime Factors

Cross-cutting crime factors are those which impact, facilitate or otherwise contribute to multiple crime areas but are not necessarily inherently criminal themselves. This includes topics such as methods of communication, financing, encryption, IoT and social engineering.

Key Findings

  • West African fraudsters have evolved to adopt emerging fraud techniques, including those with more sophisticated, technical aspects, such as business email compromise.
  • Phishing continues to increase and remains the primary form of social engineering. Although only a small proportion of victims click on the bait, one successful attempt can be enough to compromise a whole organization.
  • Many of the classic scams, such as technical support scams, advanced fee fraud, and romance scams still result in a considerable number of victims.
  • An increase in HTTPS encryption protocol by phishing sites misleads victims into thinking a website is legitimate and secure.
  • Cyber-attacks which historically targeted traditional financial instruments are now targeting businesses and users of cryptocurrencies.
  • While Bitcoin’s share of the cryptocurrency market is shrinking, it still remains the predominant cryptocurrency encountered in cybercrime investigations.
  • A combination of legislative and technological developments, such as 5G and the redaction of WHOIS, will significantly inhibit suspect attribution and location for law enforcement and security researchers.

Regular CybercrimesCybercrimes Cybercrime is a crime related to technology, computers, and the Internet. Typical cybercrime are performed by a computer against a computer, or by a hacker using software to attack computers or networks.


Ransomware Retains Its Dominance

Ransomware – malicious software that encrypts your computer and demands a ransomRansom A ransom is an amount of money or other assets of value that is paid for blackmail, extortion, or under other threats or coercion. The ransom is usually paid in cash or now in cryptocurrency. Online blackmail, sextortion, and ransomware all demand ransoms to avoid negative outcomes. to make the files accessible – has become a standard attack tool for cybercriminals.

Europol is warning that criminals are moving from random ransomware attacks, such as the WannaCry attack which hit the NHS, to specifically targeting companies and individuals who might be able to pay larger ransomsRansom A ransom is an amount of money or other assets of value that is paid for blackmail, extortion, or under other threats or coercion. The ransom is usually paid in cash or now in cryptocurrency. Online blackmail, sextortion, and ransomware all demand ransoms to avoid negative outcomes..

How to protect yourself?

  • Keep your computer updated
  • Use a reputable anti-virusVirus A computer program that can replicate itself and spread from computer to computer or file to file. It comes to life only when you take a specific action, such as running a particular program. program

Even though the growth of ransomware is beginning to slow, ransomware is still overtaking banking Trojans in financially-motivated malware attacks, a trend anticipated to continue over the following years. In addition to attacks by financially motivated criminals, significant, public reporting increasingly attributes global cyber-attacks to the actions of nation states. Mobile malware has not been extensively reported in 2017, but this has been identified as an anticipated future threat for private and public entities alike.

Illegal acquisition of data following data breaches is a prominent threat. Criminals often use the obtained data to facilitate further criminal activity. In 2017, the biggest data breachData Breach Whenever private information is seen by someone who should not have access, this is known as data exposure. It may also sometimes be referred to as a data leak or data breach. It might happen by accident or be caused by hackers who do it to cause harm to the individual or organization involved. It can be especially damaging to companies that store the credit card details and personal information of their customers. concerned Equifax, affecting more than 100 million credit users worldwide. With the EU GDPR coming into effect in May 2018, the reporting of data breaches is now a legal requirement across the EU, bringing with it hefty fines and new threats and challenges.

Mobile malware

Europol warns that malware for mobile phones is likely to grow as people shift from online to mobile banking.

How to protect yourself?

  • Check apps are legitimate before installing them
  • Use a reputable mobile anti-virus program

PC Malware

Europol warns that cyber attacks have become increasingly stealthy and harder to detect.

Attacks using so-called “fileless” malware are increasingly common. This malware doesn’t write itself onto the victim computer’s hard drive, but only exists in parts of the computer memory, such as the RAM

How to protect yourself?

  • Keep your computer software updated.
  • Be wary of using macros in office programs.

Online Extortion

The EU’s new General Data Protection Regulation (GDPR) introduces severe financial sanctions, up to 4% of global turnover, for companies that fail to protect users’ privacy.

GDPR requires that data breaches are reported within 72 hours, and Europol warns that criminals may try to extort organizations because of this.

“While this is not new, it is possible that hacked companies will prefer to pay a smaller ransom to a hackerHacker A computer hacker is a computer expert who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term hacker has become associated in popular culture with a security hacker – someone who utilizes their technical know-how of bugs or exploits to break into computer systems and access data which would otherwise be unavailable to them – hacking can also be utilized by legitimate figures in legal situations. For example, law enforcement agencies sometimes use hacking techniques in order to collect evidence on criminals and other malicious actors. This could include using anonymity tools (such as a VPN, or the dark web) to mask their identities online, posing as criminals themselves. Likewise, covert world agencies can employ hacking techniques in the legal conduct of their work. Oppositely, hacking and cyber-attacks are used extra- and illegally by law enforcement and security agencies (conducting warrantless activities), and employed by State actors as a weapon of both legal and illegal warfare. for non-disclosure than the steep fine that might be imposed by the authorities.”

How to protect yourself?

  • Never pay extortion attempts without contacting the authorities first

Data Theft For Data’s Sake

Europol warns that the motive behind a lot of network intrusions is the illegal acquisition of data.

This data could be used for a variety of purposes, from developing leads for phishing or payment fraud, through to commercial or industrial espionage.

How to protect yourself?

  • Keep your computer updated
  • Use a reputable anti-virus program

DDoS – Distributed Denial of Service – Website Attacks

DDoS Continues To Plague Public And Private Organizations

Distributed Denial of Service (DDoS) attacks are very unsophisticated and involve sending so many requests to a network resource that it is overloaded and can’t respond to any of them.

There are tools widely available allowing unskilled individuals to launch these attacks, and there are limited ways to protect against them because of the way the internet is engineered.

Fortunately, DDoS attacks can’t steal data or cause any damage beyond making a website or internet resource unavailable.

Criminals continue to use Distributed-Denial-of-Service (DDoS) attacks as a tool against private business and the public sector. Such attacks are used not only for financial gains but for an ideological, political or purely malicious reason. This type of attack is not only one of the most frequent (only second to malware in 2017); it is also becoming more accessible, low-cost and low-risk.

The “Darknet”

Shutters Close On Major Darknet Markets, But Business Continues

Europol says that offenders are continuously seeking new ways to avoid detection from law enforcement, including by using anonymization and encryption tools – and in some cases even the Bitcoin blockchain.

Almost all of this material is available on the open internet, but the very extreme material can be found on hidden services that can only be accessed on the “Darknet” according to Europol.

How will they catch these criminals?

The widespread use of encryption on the web today has repeatedly been described as an issue for law enforcement, security, and intelligence agencies.
According to a report by Parliament’s Security and Intelligence Committee, in 2016 GCHQ was engaged in a major ongoing project called FOXTROT, which was designed “to increase GCHQ’s ability to operate in an environment of ubiquitous encryption”.

The Darknet will continue to facilitate online criminal markets, where criminals sell illicit products in order to engage in other criminal activity or avoid surface net traceability. In 2017, law enforcement agencies shut down three of the largest Darknet markets: AlphaBay, Hansa and RAMP. These takedowns prompted the migration of users towards existing or newly-established markets, or to other platforms entirely, such as encrypted communications apps.

Although cybercrime continues to be a major threat to the EU, last year again saw some remarkable law enforcement success. Cooperation between law enforcement agencies, private industry, the financial sector, and academia is a key element of this success.

Social Control

Social Engineering

Social Engineering Still The Engine Of Many Cybercrimes

Social engineering describes a form of attack in which someone exploits human traits, such as kindness or compassion, as part of a cyber attack. The famous Nigerian prince scams are a form of social engineering fraud.

Europol warns that West African fraudsters are likely to have a more significant role within the EU in the future, as Africa continues to have the fastest growing internet usage globally.

How to protect yourself?

  • Always remember that if it seems to good to be true, it probably is.

The significance of social engineering for cyber-dependent and cyber-enabled crimeCyber-enabled Crime A Cyber-enabled crime is one where technology facilitates a criminal to commit a crime against an individual or a business. These are where there is a one to one relationship between the criminal and the victim. Romance scams, email fraud, and many other types of scams are considered cyber-enabled crimes. The technology used can be the Internet, a computer, a phone, or other devices. continues to grow. Phishing remains the most frequent form of social engineering, with vishingVishing What is a vishing attack? Vishing is the social engineering approach that leverages voice communication. This technique can be combined with other forms of social engineering that entice a victim to call a certain number and divulge sensitive information. Advanced vishing attacks can take place completely over voice communications by exploiting Voice over Internet Protocol (VoIP) solutions and broadcasting services. VoIP easily allows caller identity (ID) to be spoofed, which can take advantage of the public’s misplaced trust in the security of phone services, especially landline services. Landline communication cannot be intercepted without physical access to the line; however, this trait is not beneficial when communicating directly with a malicious actor. and smishingSmishing What is a smishing attack? Smishing is a form of social engineering that exploits SMS, or text, messages. Text messages can contain links to such things as webpages, email addresses or phone numbers that when clicked may automatically open a browser window or email message or dial a number. This integration of email, voice, text message, and web browser functionality increases the likelihood that users will fall victim to engineered malicious activity. less common. Criminals use social engineering to achieve a range of goals: to obtain personal data, hijack accounts, steal identities, initiate illegitimate payments, or convince the victim to proceed with any other action against their self-interest, such as transferring money or sharing personal data.

Live Streaming

Live streaming of child sexual abuse is a very difficult crime to investigate. Europol states: “It often leaves few forensic traces and the live streamed material does not need to be downloaded or locally stored.”

It has been on the rise for some years as video streaming technology has improved.

This form of abuse “will most likely move to other parts of the world, where legislation and law enforcement are not always able to keep up with the rapid developments in this area,” warns Europol.

How to tackle it?

  • Internet businesses currently use the Child Abuse Image Database, which contains 30 million cryptographic hashes (digital fingerprints that can be used to identify files) to automatically detect when someone attempts to upload a known indecent image to their platforms.
  • However, this form of filtering is unable to capture new indecent images that haven’t been reported before – nor can it address child abuse material which is being streamed.

Sajid Javid, the U.K. home secretary, has pledged £250,000 towards the development of technologies which can detect live-streamed abuse.

Cryptocurrency Based


Cryptojacking: A New Cybercrime Trend

There is a range of cryptocurrency crimes taking place, according to Europol, and cyber attacks which historically targeted financial instruments are now targeting cryptocurrency users and businesses.

Cryptomining has been exploited by financially motivated cybercriminals, who for instance hack legitimate websites to cryptojack users visiting those sites – hijacking their CPU power to mine more of the currency.

How to protect yourself?

  • Use a legitimate browser plug-in to avoid running javascriptJavaScript JavaScript is a scripting or programming language that allows you to implement complex features on web pages, in software, and apps — every time a web page does more than just sit there and display static information for you to look at — displaying timely content updates, interactive maps, animated 2D/3D graphics, scrolling video jukeboxes, etc. — you can bet that JavaScript is probably involved. It is the third layer of the layer cake of standard web technologies, the other two are HTML and CSS. on unfamiliar web pages.

Cryptojacking is an emerging cybercrime trend, referring to the exploitation of internet users’ bandwidth and processing power to mine cryptocurrencies. While it is not illegal in some cases, it nonetheless creates additional revenue streams and therefore motivation for attackers to hack legitimate websites to exploit their visitor systems. Actual cryptomining malware works to the same effect but can cripple a victims system by monopolizing their processing power.

Privacy-Oriented Cryptocurrencies

As Criminal Abuse Of Cryptocurrencies Grows, Currency Users And Exchangers Become Targets

Europol states that it expects “a more pronounced shift towards more privacy-oriented currencies” and said “an increase in extortion demands and ransomware in these currencies will exemplify this shift”.

How to protect yourself?

  • Report all extortion attempts to the authorities
  • Keep your software updated to avoid ransomware

Previous reports indicated that criminals increasingly abuse cryptocurrencies for funding criminal activities. While Bitcoin has lost its majority of the overall cryptocurrency market share, it still remains the primary cryptocurrency encountered by law enforcement. In a trend mirroring attacks on banks and their customers, cryptocurrency users and facilitators have become a victim of cybercrimes themselves. Currency exchangers, mining services and other wallet holders are facing hacking attempts as well as extortion of personal data and theft. Money launderers have evolved to use cryptocurrencies in their operations and are increasingly facilitated by new developments such as decentralized exchanges which allow exchanges without any Know Your Customer requirements. It is likely that high-privacy cryptocurrencies will make the current mixing services and tumblers obsolete.

Online Child Abuse

Volume Of Child Abuse Material

Production Of CSEM Continues

The volume of child sexual abuse is growing to levels “that were unimaginable ten years ago” according to Europol, “partly because of the growing number of young children with access to Internet-enabled devices and social media”.

How to react?

  • Seeing images and videos of child sexual abuse can be upsetting, but the right thing to do is report it to the Internet Watch Foundation here.
  • Your report could lead to the rescue of a young victim from further abuse.

The amount of detected online Child Sexual Exploitation Material (CSEM), including Self-Generated Explicit Material (SGEM), continues to increase. Although most CSEM is still shared through P2P platforms, the more extreme material is increasingly found on the Darknet. Meanwhile, Live Distant Child Abuse (LDCA), facilitated by growing internet connectivity worldwide, continues to be a particularly complex form of online CSE to investigate due to the technologies and jurisdictions involved.

As increasing numbers of young children have access to the internet and social media platforms, the risk of online sexual coercion and extortion continues to rise. The popularity of social media applicationsApplications Applications or Apps An application (software), commonly referred to as an ‘app’ is a program on a computer, tablet, mobile phone or device. Apps are designed for specific tasks, including checking the weather, accessing the internet, looking at photos, playing media, mobile banking, etc. Many apps can access the internet if needed and can be downloaded (used) either for a price or for free. Apps are a major point of vulnerability on all devices. Some are designed to be malicious, such as logging keystrokes or activity, and others can even transport malware. Always be careful about any app you are thinking about installing. with embedded streaming possibilities has resulted in a strong increase in the amount of SGEM live streamed on these platforms.

Self-Generated Material

A large amount of child sexual exploitation material is self-generated. These images are often initially produced and shared voluntarily by young people, but end up in the hands of online child sex offenders. Offenders have also obtained images through sexual extortion.

How to protect yourself and others?

  • Educate children about the risks of sharing nude images online and encourage them to report any harassment or extortion attempts to a responsible adult.


Money Fraud

Credit / Debit Card Skimming

Card-Not-Present Fraud Dominates Payment But Skimming Continues

Credit card skimming is still successful as magnetic stripes on cards continue to be used. The presence of cameras alongside chip and pin skimmers can also allow criminals to capture the PIN alongside their attempts to clone the chip.

How to protect yourself?

  • Check instant payments on your banking app to be aware of fraud attempts
  • Make sure you cover your PIN when at an ATM

Skimming remains a common issue in most of the EU Member States. As in previous years, this continues to decrease as a result of geoblocking measures. Skimmed card data is often sold via the Darknet and cashed out in areas where Europay, MasterCard, and Visa (EMV) implementation is either slow or non-existent.

Toll fraud has received a considerable amount of attention this year, with criminal groups using counterfeit fuel and credit/debit cards to avoid paying toll fees. Many Member States also reported an increase in the creation of fake companies to access and abuse Points of Sale (PoS), as well as profit from the compromised information. Meanwhile, CNP fraud continues to be a key threat for EU Member States, with the transport and retail sectors highlighted as key targets within the EU.

Phone Scams

Telecommunications Fraud

Fraudsters on the phone is an old but growing trend in fraud involving non-cash payments. Fraudsters can pretend to be from financial institutions or banks when attempting to collect details from you.

How to protect yourself?

  • Never hand out financial information, including card details, over the phone
  • Always double-check that someone claiming to be a representative from your bank is a real person, and call them back on a publicly listed number


Europol’s executive director Catherine De Bolle said: “Cybercrime cases are increasingly complex and sophisticated.

  • “Law enforcement requires additional training, investigative and forensic resources in order to adequately deal with these challenges.
  • “The policing opportunities arising from emerging technologies, such as big data analytics and machine learningMachine learning Machine learning is a subset of artificial intelligence. Machine learning has the capacity to learn over time without being explicitly programmed. It can ingest a large amount of data and detect patterns and anomalies at scale. Supervised machine learning models are trained on a set of labels, while unsupervised machine learning does not require labeled data., need to be seized.
  • “Europol will continue its efforts to enhance cooperation with international law enforcement and government agencies, tech companies, academia, and other relevant stakeholders. Only if we do this, can cybercrime be combated effectively.”
  • The European commissioner for the security union, Sir Julian King, concluded: “As the report shows, Europe is still faced with a range of security threats from terrorism and cyber.
  • “We will continue to take decisive action, with the support of Europol, to tackle these threats, through our proposals on terrorist content online, electronic evidence and on election security, and through our cybersecurity strategy.”

Full IOCTA 2018 Report

Click Here For The Full IOCTA 2018 Report PDF File »




More Information From RomanceScamsNow.com



– – –

Tell us about your experiences with Romance Scammers in our Scams Discussion Forum on Facebook »

FAQ: How Do You Properly Report Scammers?

It is essential that law enforcement knows about scams & scammers, even though there is nothing (in most cases) that they can do.

Always report scams involving money lost or where you received money to:

  1. Local Police – ask them to take an “informational” police report – say you need it for your insurance
  2. Your National Police or FBIFBI FBI - Federal Bureau of Investigation The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, the FBI is also a member of the U.S. Intelligence Community and reports to both the Attorney General and the Director of National Intelligence. A leading U.S. counter-terrorism, counterintelligence, and criminal investigative organization, the FBI has jurisdiction over violations of more than 200 categories of federal crimes, including financial fraud. (www.IC3.gov)
  3. The ScarsSCARS SCARS - Society of Citizens Against Relationship Scams Inc. A government registered crime victims' assistance & crime prevention nonprofit organization based in Miami, Florida, U.S.A. SCARS supports the victims of scams worldwide and through its partners in more than 60 countries around the world. Incorporated in 2015, its team has 30 years of continuous experience educating and supporting scam victims. Visit www.AgainstScams.org to learn more about SCARS. Worldwide Reporting Network HERE or on www.Anyscam.com

This helps your government understand the problem, and allows law enforcement to add scammers on watch lists worldwide.

Visit our NEW Main SCARS™ News & Information Facebook page for much more information about scams and online crime: www.facebook.com/SCARS.News.And.Information


To learn more about SCARS visit www.AgainstScams.org

Please be sure to report all scammers HERE or on www.Anyscam.com

All original content is Copyright © 1991 – 2018 SCARS All Rights Reserved Worldwide & Webwide – RSN/Romance Scams Now & SCARS/Society of Citizens Against Romance Scams are all trademarks of Society of Citizens Against Romance Scams Inc.