Europol


A low-risk, high-profit criminal activity, payment card fraud can be split into two distinct types: card-not-present fraud, which occurs largely online, and card-present fraud, which typically occurs at retail outlets and ATMs.

As a form of cybercrime, card payment fraud is one of the  EMPACT priorities, Europol’s priority crime areas, under the 2018-2021 EU Policy Cycle.

Card-not-present fraud involves the unauthorised use of credit or debit data (the card number, billing address, security code and expiry date) to purchase products and services in a non-face-to-face setting, such as via e-commerce websites or over the telephone. In the majority of cases, the victims are unaware of the unauthorised use of their cards, which remain in their possession.

Often referred to as carding, this type of illegal activity has grown steadily, as compromised card details stolen by means of data breaches, social engineering attacks, data-stealing malware and phishing tools become more readily available on forums, marketplaces and automated card shops in the deep web and Darknet.

According to the most recent (2013) data, card-not-present fraud accounted for 66 % of the EUR 1.44 billion in fraudulent card transactions in the 35 countries of the Single Euro Payments Area (SEPA).

Card-not-present fraud is found across all sectors but the purchase of physical goods, airline tickets, car rentals and accommodation with compromised cards have generally seen an increase throughout the EU.

The fraudulent purchase of airline tickets in this way is at the focus of Europol’s successful Global Airline Action Days.

Skimming

The growth in card-not-present fraud is also driven by the effectiveness of measures against the more traditional card-present fraud. Card-present fraud requires an offender to present a physical card at an automated teller machine (ATM), point of sale (POS) or other terminal.

This fraud has two stages: obtaining a card and the use of the card. The cards used are either lost or stolen genuine cards, or counterfeit cards. Counterfeit cards are often the product of skimming, which involves the duplication of a card’s magnetic strip, often through devices hidden within compromised ATMs and point-of-sale terminals.

Cardholders’ confidential data is more secure on a chip-embedded payment card than on a card with a magnetic strip.

Thus, fraud using counterfeit cards is typically committed outside the Single Euro Payments Area (SEPA). As some parts of the world have been slow to embrace EMV, card-present fraud has migrated, chiefly to the Americas and Southeast Asia, Indonesia and the Philippines in particular, where criminals use cards cloned in Europe to cash out counterfeit cards. The rollout of EMV technology in the United States is likely to increase the focus of criminals on card-not-present fraud.

Did you know? Payment card transactions are the most widespread form of non-cash payment in the EU. In 2012, the total value of transactions made by debit and credit cards issued within the Single Euro Payments Area (SEPA) amounted to EUR 3.5 trillion. In the same period, criminals acquired EUR 1.33 billion [2013: 1.44 billion] from payment card fraud. This represents EUR 0.38 lost to fraud for every EUR 1 000 worth of transactions.

Trends

The growing e-commerce industry will result in a parallel growth of card—not-present fraud, especially as industry measures at preventing card-present fraud become more effective. Criminal modus operandi will be shaped by industry measures to counter payment card fraud.

Emerging and alternate payment options such as contactless payment using near field communication (NFC) will drive innovation within organised crime groups to enable them to abuse new technologies. New electronic/card-less payment methods may, however, ultimately result in a downwards trend in card fraud.

International cooperation

In most of the card-not-present fraud investigations Europol has supported, the primary source of illegal data is breaches within private industry, often facilitated by insiders, malicious software, or both.

Europol has organised courses on the forensics of payment card fraud. Topics include the examination of skimming devices, ATM logical attacks and, especially, malware attacks, which are a developing threat.

Europol’s Joint Cybercrime Action Taskforce (J-CAT) has supported several high-profile cybercrime operations, such as in May 2017, when 27 individuals linked to ATM "black box" attacks were arrested across Europe. The operation also involved a number of EU Member States and Norway, supported by Europol’s European Cybercrime Centre (EC3).

In addition, Europol’s Analysis Project Terminal provides support for hundreds of investigations into international electronic and online payment fraud.

Number of items found: 128
Type
Target group
  • 24Oct2017

    Global action against airline fraudsters / October 2017

    Publication/Document
  • 24Oct2017

    195 individuals detained as a result of global crackdown on airline ticket fraud

    News/Press release
  • 26Jul2017

    New EURASEAN Investigative Network on combating Cyber Fraud

    News/Press release
  • 29Jun2017

    Europol organises third edition of training on payment card fraud forensics

    News/Press release
  • 21Jun2017

    76 arrested during second international action on e-Commerce fraud

    News/Press release
  • 20Jun2017

    Worldwide Operation Dragon sees 52 countries teaming up to thwart organised crime

    News/Press release
  • 18Jun2018

    Golden Rules - Safe Online Shopping

    Publication/Document
  • 13Jun2017

    153 detained for ticket fraud following worldwide law enforcement operation

    News/Press release
  • 13Jun2017

    Global Airline Action Day 2017

    Publication/Document
  • 13Jun2017

    Network of payment card fraudsters dismantled: 3 000 victims lost at least EUR 500 000

    News/Press release
  • E-Commerce: Tips And Advice To Avoid Becoming A Fraud Victim

    How-to guide
  • 14Mar2017

    Credit card fraud in 130 000 cases: Organised crime group disrupted in European cross-border action

    News/Press release

Pages

  • « first
  • ‹ previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • …
  • next ›
  • last »

Source URL: https://www.europol.europa.eu/crime-areas-and-trends/crime-areas/forgery-of-money-and-means-of-payment/payment-fraud?page=3