Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Cyber criminals 'posing as CEOs to con staff into transferring them money'

Europol's major review of online threats warns fraudsters are emaling or phoning employees with access to company funds

Paul Gallagher
Wednesday 30 September 2015 20:23 BST
Cyber crime is becoming increasingly hostile, the report says
Cyber crime is becoming increasingly hostile, the report says (Rex Features)

Cyber criminals are posing as CEOs of companies and conning lower-ranking staff into transferring large sums of money to them, Europol has warned in a major review of online threats.

The European Union’s law enforcement agency said fraudsters were emailing, or even phoning, employees with access to company funds and instructing them to carry out their urgent demands.

Subsidiaries of multinationals are being targeted in this new area of cyber crime, as staff in regional offices often do not know senior management in holding companies “and may be fearful of losing their job if they do not obey”, the report warns.

€1.44bn

The total exchanged in fradulent transactions in 2013

The Internet Organised Crime Threat Crime Assessment 2015 (iOCTA), a wide-ranging review of developing online criminal threats on issues from child abuse to e‑fraud, also said the rise in non-card transactions had encouraged an “arms race” between cyber criminal entrepreneurs devising new attack methods, and the card industry as it develops counter-measures to protect customers and businesses.

The most recent figures available showed there were €1.44bn in fraudulent transactions in 2013 – a rise of 8 per cent on the previous year. The report also warned that cyber crime is becoming increasingly hostile and that cyber security is lagging behind.

“Instead of subterfuge and covertness, there is a growing trend of aggression in many cyber attacks, and in particular the use of extortion, whether it is through sexual extortion, ransomware or Distributed Denial of Service [DDoS] attacks,” it said.

A DDoS attack is launched from multiple sources and often uses thousands of IP addresses; it is intended to render a machine or network incapable of use. Sites targeted typically include banks or credit card payment gateways; other attacks are motivated by revenge or blackmail.

It was revealed last month that the mobile phone retailer Carphone Warehouse had been hit by a DDoS attack which jeopardised the personal details of 2.4 million customers.

Europol said child sexual exploitation still poses “major concerns”, with the “hidden web” of the Darknet encouraging abusers to widen their net. “The nature of these services drives the abuse of new victims because the production of fresh material is demanded for membership on child abuse forums and it reinforces the status of the contributors,” the Europol report said.

The widespread use of smartphones is the main reason for an increase in self-generated indecent material, which makes adolescents vulnerable to sexual extortion.

The agency said the marked increase in the abuse of hosting services meant it was vital that providers introduced procedures identifying and stopping the spread of child abuse material. It also called on police around Europe to dismantle the online communities and forums where paedophiles congregate, fuelling the demand for more material and putting children at further risk of becoming victims.

A central recommendation of the report was for greater collaboration between police forces and the financial sector, web hosting companies and all other relevant organisations, to combat the “growing threat” of cyber crime.

The EU hosts around 13 per cent of the world’s malicious websites, with the Netherlands accounting for “the most significant proportion”, followed by Germany, the UK and Portugal.

Cyber threats

Ransomware attacks: A form of malware where devices or machines are rendered useless, with payment demanded before access is restored. Information stealers, such as banking Trojans, and the criminal use of Remote Access Tools, feature heavily in malware investigations.

Card Not Present fraud: Increasing with the rise in merchants embracing e-commerce and with effective measures to combat card present fraud. Novel malware attacks on ATMs are also still evolving. Almost 70 per cent of Visa and Mastercard’s losses last year were as a result of CNP fraud.

Bitcoin becoming mainstream: The digital currency is becoming the common currency for EU cyber criminals. It is no longer used preferentially within the Darknet but is increasingly being adopted for widespread cybercrime too.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in