International Effort Brings Down ATM Cash-Out Scheme that Stole $45 Million. 12 Arrested with Police of Many Nations Cooperating and Sharing Info via INTERPOL.

Posted on May 12th, 2014 by Dan Rampe

Interpol

How do you catch cybercriminals who operate globally without regard to national boundaries? Who are able to take advantage of the world’s variety of jurisdictions, currencies, cultures and political systems to avoid punishment? That’s the task facing law enforcement agencies from Austria to Australia.

A piece on darkreading.com details how multiple police agencies cooperating and sharing information with the help of INTERPOL’s global network brought down a criminals network that ripped off some $45 million.

International facilitation through INTERPOL’s global network connected investigators across the globe and resulted in the arrest of more than two dozen people involved in two related cases of payment card fraud where a total of USD 45 million was stolen worldwide.

Following on this successful international collaboration, INTERPOL held a two-day meeting this week (29 and 30 April) bringing together law enforcement and private sector representatives to discuss lessons learned and generate strategies for improving future investigations, as well as to identify and locate any remaining suspects.

Known as an ‘ATM cash-out scheme’, this sophisticated crime occurs when a cybercrime organization hacks into the networks of payment card companies to steal the card numbers, as well as remove any spending or withdrawal limits. The card numbers are then sent out to members of the network around the world, who code them onto blank cards and use them to withdraw massive amounts of cash from bank machines.

In December 2012, hackers stole the card numbers of prepaid debit cards issued by a bank in the Middle East. The card numbers were used to with withdraw some USD 5 million in cash from bank machines across 20 countries.

Soon after, the same cybercriminal network hacked into another payment card processing system and accessed the numbers for cards issued by a second Middle Eastern bank. In this case, the criminals made off with USD 40 million from bank machines in 25 countries.

Between the two cases, the criminals stole money via bank machines in a total of 26 countries worldwide, including Canada, Colombia, Japan, Egypt, Romania, Russia, Sri Lanka, the UK and the US. The money was laundered through purchases of luxury goods such as expensive watches and sports cars.

“The sophisticated cybercrime aspect of these cases illustrates how technology has broken down borders, allowing criminals to access information and coordinate crimes in many locations simultaneously, said Glyn Lewis, INTERPOL’s Director of Specialized Crime and Analysis.

“To match these new technologically savvy criminal organizations, now more than ever police must collaborate with their counterparts globally via INTERPOL to share information and cooperate on transnational investigations,” he concluded.

INTERPOL played an operational support role to connect the countries investigating these cases within their respective jurisdictions. A working meeting organized by INTERPOL in early 2014 brought together investigators to discuss the details of the two thefts and to share information about the perpetrators and their known locations, and the Organization facilitated communication among investigators globally.

Once the suspects were identified and located, INTERPOL issued Red Notices alerting police worldwide that they were wanted in connection with these crimes. To date, some 25 individuals have been arrested in more than five countries.

“The investigative meeting being held this week at INTERPOL is an example of the cooperation between international law enforcement partners that is essential to successfully investigate and apprehend these multinational cybercriminals.

“The professional relationships strengthened here in Lyon will assist in providing clear lines of communication with our trusted international law enforcement partners,” said Scott Sarafian, Supervisor of the US Secret Service New York City Electronic Crimes Task Force.

During the meeting, experts from law enforcement and private sector partners shared information on this type of cybercrime and how to more effectively prevent, investigate and prosecute these crimes.

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.