This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Police smash financial cyber crime gang targeting UK citizens

Share this article:

Pan-European cyber crime fighting agency EC3 has been hailed after Polish police arrested five Bulgarians accused of electronic payment card fraud targeting mainly UK citizens.

Arrests made by PCeU after phishing campaign investigation
Arrests made by PCeU after phishing campaign investigation

European policy body Europol said three of the gang were caught red-handed – two carrying out illegal electronic payment card transactions at automated teller machines (ATMs) and one in the act of receiving compromised card numbers online and encoding counterfeit plastic cards. The other two suspects were arrested in different hotels in Krakow in a series of co-ordinated swoops that took place almost simultaneously on 22 January.

Europol said the financial data involved came mainly from the UK, but a spokesperson told SCMagazineUK.com they could not divulge any more about the UK card holders involved as “the investigation is still ongoing and further arrests in the case are expected as suspects were working with gang members from Eastern Europe”.

The Polish police were helped by Bulgaria's State Agency for National Security and Europol's European Cyber Crime Centre (EC3) which was launched one year ago.

Europol and EC3 help co-ordinate national police forces targeting cyber criminals, on the basis that they operate globally – and Adrian Culley, a cyber threat consultant with Damballa and former detective in the Met Police Computer Crime Unit, hailed their efforts in this case.

“This service makes a real difference and has a real impact on organised crime activity,” he told SCMagazineUK.com.

“One of the challenges of multi-jurisdictional investigations, and indeed a potential weakness that organised crime will seek to exploit, is the wide variety of skills, knowledge, expertise, equipment and tools to be found across each nation state's law enforcement teams. Europol provides 'best of breed' in all these areas to all EU law enforcement, making it much more likely that such complex investigations are successful.”

However Culley added: “It is cause for concern that so much of the compromised account data originated in the UK. I am sure UK law enforcement, intelligence agencies and financial regulators will be examining this case very closely.”

The Polish police seized complete equipment for producing counterfeit bank cards, including magnetic strip readers and writers, computers, phones and flash drives. They also seized dozens of forged payment cards with records of PIN numbers, ready to be used at ATMs, and a vehicle worth over 25,000 Euros.

Culley said the case “highlights the blended nature of the threat posed by organised crime against financial systems”.

“Here we have classic elements of 'white-plastic' fraud – i.e., recoding blank cards with stolen bank card details, coupled with an unsuccessful attempt to operate across multiple sovereign jurisdictions in order to evade arrest and subsequent prosecution”.

EC3 head Troels Oerting added in a statement: “This is another great example of joint efforts between member states and EC3 to protect customers and electronic payments across the European Union. Police forces in the EU are utilising Europol's unique tools to make electronic payment transactions safer. We are continuously investing more resources into this vital support platform, and we can now see the results of this teamwork.”

During the investigation, EC3 provided intelligence analysis and expertise. Europol generally offers forensic analysis tools to help police combat payment card fraud, cybercrime, counterfeiting and illicit drug production, including a Universal Forensic Extraction Device (UFED) which Europol says can extract data from 95 percent of all mobile phones and PDA devices.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

US Nuclear Regulatory Commission successfully hacked three times

US Nuclear Regulatory Commission successfully hacked three times

The US Nuclear Regulatory Commission (NRC), which houses detailed classified records about nuclear reactors, radioactive material storage and uranium processing plants, has been hacked three times over the past three ...

Targeted spear phishing campaign targets governments, law enforcement

Targeted spear phishing campaign targets governments, law enforcement

Kaspersky Lab claims to have identified a highly targeted spear phishing campaign that picks on high profile victims - including government, military, law enforcement agencies and embassies.

Malaysian investigators 'hacked' for confidential MH370 records

Malaysian investigators 'hacked' for confidential MH370 records

Around 30 computers at Malaysian law enforcement agencies looking into the disappearance of the MH370 airplane have reportedly been hacked, with perpetrators making off with confidential data on the aircraft.