A joint law enforcement operation supported by 19 countries led to the arrest of 60 people suspected of fraud. The main aim of the 2019 e-Commerce Action (eComm 2019) is to target criminal networks suspected of online fraud through coordinated law enforcement action within the European Union, followed by an awareness-raising campaign.
The countries involved were Austria, Belgium, Colombia, Croatia, Denmark, France, Germany, Greece, Hungary, Italy, Latvia, Lithuania, Poland, Portugal, Romania, Spain, Sweden, Switzerland, and the United Kingdom.
The operation, carried out nationally, was coordinated by Europol’s European Cybercrime Centre (EC3) and received direct assistance from national law enforcement authorities and the private sector.
E-commerce fraud (electronic commerce fraud) includes illegal or false transactions made on online platforms, apps and services or over the internet: fraudsters simply use stolen card information to purchase goods on webshops.
The suspects arrested during the operation – which ran from 23 September to 4 October 2019 – were responsible for almost 6 500 fraudulent transactions with compromised credit cards, with an estimated value exceeding €5 million.
Europol supported national competent authorities during the operations in their respective countries with analytical support and information exchange. In order to protect customers from fraudulent payments and assure a safe online environment, Europol also collaborated with banks, payment card schemes European retailers and logistics companies. The private sector supported the action cooperating with national law enforcement authorities, by reporting fraudulent activity. This collaboration between law enforcement and the private sector has proven beneficial and led to the development of best practices.
The investigative measures revealed that individual fraudsters are connected to organised crime groups and have been involved in other forms of crime, such as phishing, malware attacks, using stolen passports, money laundering, creating fake websites and using social media platforms to carry out fraud.
Some investigations showed fraudulently booked railway tickets (with compromised credit card data) are sold onwards to third parties who might then use them to commit other crimes and offences. In this case, more than 1 000 fraudulent bookings were noted, with a financial loss of around €70 000. Another modus operandi is to buy vouchers with compromised credit cards and get them reimbursed with a different payment method afterwards.
Many cross-border cases followed the ‘advance fee fraud’ modus operandi: often when a fraudulent purchase is made, bank accounts receiving the funds are located in different EU countries or overseas. Where banks were located outside the EU, international card schemes supported the investigations.
Many websites and social media accounts were used to create online shops fraudulently or purchase electronic goods. The turnover for the suspects can be up to billions of euros worldwide every year. The fraudsters use stolen credit card data, obtained on the darknet or through malware or phishing attacks, to buy products. Consumers sometimes do not realise that their card data is also being stolen or compromised when they make purchases. Industries, banks and the merchants are the ones to be penalised and the ones that registered the higher losses.