eu-europol-org-crime-report
eu-europol-org-crime-report
eu-europol-org-crime-report
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
20<br />
agencies. The data stolen from these sources<br />
can be sold to other criminal groups specialised<br />
in highly personalised scams. Information that<br />
will be useful for this purpose includes personal<br />
interests, social network structure and financial<br />
details. Additionally, increased interconnectivity<br />
will give criminals the opportunity to develop<br />
ransomware for essential products such as<br />
vehicles, refrigeration units or heaters.<br />
Data may also be vulnerable to theft using contactless<br />
bank or credit cards. Radio-frequency<br />
identification (RFID) technology, allowing for<br />
purchases to be made by holding cards up to<br />
an RFID reader, is already used in Europe and<br />
will become common in shops and cafés due<br />
to the ease and speed of payment. This creates<br />
opportunities for a new type of skimming using<br />
RFID readers to copy card data. The card does<br />
not need to be used and can even be ‘skimmed’<br />
through a wallet or clothes. OCGs may travel<br />
to busy locations such as public transportation<br />
hubs or popular stores and use concealed readers<br />
to gather the card information of oblivious<br />
passers-by. This information will then be used<br />
or sold on to other criminal groups. It is expected<br />
that the financial industry will take measures<br />
to prevent this form of skimming, although the<br />
extent of these measures may vary. Should contactless<br />
payment grow in popularity, measures<br />
such as skim-proof card covers or wallets are<br />
expected to be used.<br />
Although current technology does not allow for<br />
mobile wallets to be effectively skimmed, near<br />
field communication technology that enables<br />
financial data to be stolen from mobile phones<br />
may be developed by criminals. It will then be<br />
used in the same way as contactless skimming.<br />
Identity fraud will become more sophisticated<br />
as a result of developments in the collection<br />
of personal and biometric information. As the<br />
use of biometric data becomes widespread, it<br />
is likely that databases holding this information<br />
will be targeted by cybercriminals. The<br />
proliferation of biometric data as a means of<br />
authentication has the potential to make online<br />
services more secure. However, compromised<br />
biometric data may also pose additional risks.<br />
Traditional authentication mechanisms such<br />
as passwords or phrases can be updated by<br />
users if they suspect their accounts have been<br />
compromised. Biometric data are inherently<br />
constant and their exposure to cybercriminals<br />
may have more far reaching consequences<br />
than compromised passwords. Biometric data<br />
is often considered inherently reliable for<br />
authentication. Once compromised, biometric<br />
data could provide criminals access to physical<br />
structures as well as sensitive information.<br />
Skilled cyber<strong>crime</strong> groups already provide full<br />
stolen identities to interested buyers, usually<br />
for use in the commission of various frauds.<br />
In the future, this data package will consist of<br />
even more comprehensive information including<br />
the biographical data, personal details, photos,<br />
credit card information and biometric data<br />
of an individual. It is expected that the trade in<br />
illicitly obtained information will increase as the<br />
utility of the data for criminals becomes higher.<br />
OCGs will benefit from these more comprehensive<br />
stolen identities in various <strong>crime</strong> areas.<br />
OCGs involved in the facilitation of illegal immigration<br />
and the trafficking of human beings can<br />
use this data to provide irregular migrants and<br />
trafficking victims with new identities complete<br />
with all the information necessary to avoid risk<br />
profiling or law enforcement countermeasures<br />
upon entry to the EU or during secondary<br />
movements. Similarly, OCGs involved in the<br />
trafficking of drugs using couriers will be able<br />
to buy and use identities that are unlikely to fall<br />
within risk categories. Some OCGs will provide<br />
specialised identity packages to order, tailored<br />
to specific modi operandi employed by OCGs<br />
in various <strong>crime</strong> areas. For instance, OCGs involved<br />
in the trafficking of endangered species<br />
may order identities linked to research institutions<br />
in order to ship specimens of endangered<br />
species using special permits only issued for<br />
scientific research purposes.<br />
EUROPOL / Exploring tomorrow’s <strong>org</strong>anised <strong>crime</strong> / 2015<br />
© Shutterstock