This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Police smash financial cyber crime gang targeting UK citizens

Share this article:

Pan-European cyber crime fighting agency EC3 has been hailed after Polish police arrested five Bulgarians accused of electronic payment card fraud targeting mainly UK citizens.

Arrests made by PCeU after phishing campaign investigation
Arrests made by PCeU after phishing campaign investigation

European policy body Europol said three of the gang were caught red-handed – two carrying out illegal electronic payment card transactions at automated teller machines (ATMs) and one in the act of receiving compromised card numbers online and encoding counterfeit plastic cards. The other two suspects were arrested in different hotels in Krakow in a series of co-ordinated swoops that took place almost simultaneously on 22 January.

Europol said the financial data involved came mainly from the UK, but a spokesperson told they could not divulge any more about the UK card holders involved as “the investigation is still ongoing and further arrests in the case are expected as suspects were working with gang members from Eastern Europe”.

The Polish police were helped by Bulgaria's State Agency for National Security and Europol's European Cyber Crime Centre (EC3) which was launched one year ago.

Europol and EC3 help co-ordinate national police forces targeting cyber criminals, on the basis that they operate globally – and Adrian Culley, a cyber threat consultant with Damballa and former detective in the Met Police Computer Crime Unit, hailed their efforts in this case.

“This service makes a real difference and has a real impact on organised crime activity,” he told

“One of the challenges of multi-jurisdictional investigations, and indeed a potential weakness that organised crime will seek to exploit, is the wide variety of skills, knowledge, expertise, equipment and tools to be found across each nation state's law enforcement teams. Europol provides 'best of breed' in all these areas to all EU law enforcement, making it much more likely that such complex investigations are successful.”

However Culley added: “It is cause for concern that so much of the compromised account data originated in the UK. I am sure UK law enforcement, intelligence agencies and financial regulators will be examining this case very closely.”

The Polish police seized complete equipment for producing counterfeit bank cards, including magnetic strip readers and writers, computers, phones and flash drives. They also seized dozens of forged payment cards with records of PIN numbers, ready to be used at ATMs, and a vehicle worth over 25,000 Euros.

Culley said the case “highlights the blended nature of the threat posed by organised crime against financial systems”.

“Here we have classic elements of 'white-plastic' fraud – i.e., recoding blank cards with stolen bank card details, coupled with an unsuccessful attempt to operate across multiple sovereign jurisdictions in order to evade arrest and subsequent prosecution”.

EC3 head Troels Oerting added in a statement: “This is another great example of joint efforts between member states and EC3 to protect customers and electronic payments across the European Union. Police forces in the EU are utilising Europol's unique tools to make electronic payment transactions safer. We are continuously investing more resources into this vital support platform, and we can now see the results of this teamwork.”

During the investigation, EC3 provided intelligence analysis and expertise. Europol generally offers forensic analysis tools to help police combat payment card fraud, cybercrime, counterfeiting and illicit drug production, including a Universal Forensic Extraction Device (UFED) which Europol says can extract data from 95 percent of all mobile phones and PDA devices.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

Sandworm vulnerability seen targeting SCADA-based systems

Sandworm vulnerability seen targeting SCADA-based systems

Hard on the heels of the `Sandworm' spy group revealed by iSIGHT Partners earlier in the week, Trend Micro says its has spotted the zero-day vulnerability of the same name ...

Russian-speaking criminals account for £420m of card fraud annually

Russian-speaking criminals account for £420m of card fraud ...

New research claims to quantify the scale of card fraud in Russian speaking circles. And according to Group-IB's analysis over the last year, that fraud clocks in at a hefty ...

Light-based printer attack overcomes air-gapped computer security

Light-based printer attack overcomes air-gapped computer security

Multi-function printers - a route to bypass air-gapped computer security.