Tag Archives: Online Crime

Mitie unveils online crime reporting partnership with Facewatch

FTSE 250 strategic outsourcing company Mitie has announced a strategic partnership with Facewatch, the online crime reporting and networking service.

Facewatch is a secure, cloud-based platform that enables business users, the public and the police to report low-level crime with CCTV evidence and to share offender images and intelligence with other businesses within secure groups.

Facewatch provides tools to develop intelligence about specific individuals and affords advanced statistics enabling businesses and the police service to drive down crime.

The Facewatch system holds the police approved Secured by Design accreditation and is fully accepted by the Crown Prosecution Service (CPS) as a means of accessing digital case files within UK Courts of Law. Facewatch is accessible from any Internet-connected device.

Mitie has forged an online crime reporting partnership with Facewatch

Mitie has forged an online crime reporting partnership with Facewatch

This new partnership will see Mitie take control of the entire crime reporting process on behalf of its customers.

Using Mitec, Mitie’s hi-tech security hub, analysts will be able to review CCTV footage, prepare incident reports and develop evidential packs in line with police service and CPS guidelines so these can be used to support prosecutions.

Crime reporting and threat analysis

Darren Gamage, managing director of technology services at Mitie’s Total Security Management business, said: “Working with Facewatch gives us an exciting opportunity to enhance our crime reporting and threat analysis service for our customers. Our analysts in Mitec will work with the various police forces in efficient crime reporting, allowing us to better manage risk and document incidents.”

Gamage added: “We will also be able to share data across our clients’ estates where we’re already monitoring their systems or providing a physical security presence.”

Simon Gordon, chairman of Facewatch, commented: “We’re delighted to be working with Mitie on this launch. Delivering an instant and secure reporting solution to offences such as shoplifting, personal theft and vandalism is key to our partnership. We are focused on improving the quality of crime reports sent to the police from businesses, assisting in developing police efficiencies and reducing crime.”

The Facewatch system now contains around 18,000 images and logs over 8,000 business premises. The concept was kick-started back in March 2010.

Advertisements

Leave a comment

Filed under Risk UK News

City of London Police Commissioner calls on financial centres to act now and prevent a major cyber attack

International financial centres, Governments and law enforcement must work closely together to prevent organised criminals and terrorist organisations from bringing global markets to a standstill with a massive cyber attack. This was the message delivered by City of London Police Commissioner Adrian Leppard when he appeared as the keynote speaker at the Financial Crimes and Cyber Security Symposium in New York.

Hosted by the New York County District Attorney’s Office and held in the Federal Reserve Bank, the event was attended by more than 300 delegates from the world of policing, finance and public and private sector cyber security.

Commissioner Leppard, whose UK force is the National Policing Lead for Fraud, highlighted the increasingly sophisticated fraud and cyber threats facing world financial centres, with a particular focus on the City of London and Wall Street. He pinpointed the risks posed by state-sponsored espionage and terrorism using highly complex malware – such as Ransomware and Distributed Denial of Service (DDoS) attacks – to threaten the integrity of trading platforms and major deals.

Commissioner Leppard also stated it’s now vital that law enforcement and financial institutions share information on the current threats. He called for companies to be legally obliged to report to the authorities when they have fallen victim to a cyber attack and thereby ensure steps can be taken to protect other financial institutions and target the offenders.

Adrian Leppard: City of London Police Commissioner

Adrian Leppard: City of London Police Commissioner

In recognition of the rapidly evolving and expanding threats to the global financial districts, including London and New York, the City of London Police and the New York County District Attorney’s Office are to forge a closer alliance. From Spring 2015, there will be a staff exchange programme between the two agencies aimed at developing greater operational collaboration, intelligence sharing and de-briefing of investigative Best Practice.

This development comes hot on the heels of the City of London Police signing an agreement with the Royal Bank of Scotland to have financial experts from the bank providing specialist advice and guidance under the force’s new Corporate Volunteer Consultancy Scheme.

Determination of international criminals

Speaking from New York, Commissioner Leppard said: “We cannot underestimate the determination of international criminals, operating alone or as part of serious organised crime gangs or terrorist organisations, to launch a major strike against our financial centres, particularly in London and New York. It’s therefore crucial we take a proactive approach to this threat by putting in place the technical and legal systems that will keep trading platforms secure from malware and prevent companies from being compromised by a rogue employee or weak IT systems.”

The Commissioner continued: “The agreement signed by the City of London Police and the New York County District Attorney is another important step in the right direction, bringing the people who protect the Square Mile and Wall Street closer together and ensuring we’re doing everything we can to thwart what has become a common enemy.”

New York County District Attorney Cyrus R Vance Junior added: “An increasingly close connection between cyber crime and financial crime means that co-operation is more important than ever. Our international partnerships, in particular our ongoing collaboration with Commissioner Leppard and the City of London Police, reflect a changing landscape and the understanding that cyber criminal attacks will not be limited by state or national borders. This is why it’s essential for financial institutions, Governments and law enforcement agencies to work together in protecting the integrity of our markets and financial systems as well as our citizens.”

Leave a comment

Filed under Risk UK News

International law enforcement deals major blow to Dark Web markets

Co-ordinated activity by law enforcement bodies in Europe and the US has targeted marketplaces for illegal commodities on The Dark Web – the ‘hidden’ areas of the Internet.

Working with police forces across the UK, the National Crime Agency (NCA) arrested six people on 6 November in strikes co-ordinated with international partners. Those arrested include suspected administrators for the online drug marketplace Silk Road 2.0 and another drug marketplace, as well as significant vendors of illegal drugs through The Dark Web.

Simultaneously, partners from the European Cybercrime Centre – acting on intelligence developed by US counterparts – took out technical infrastructure which is key to the hosting of illegal marketplaces on The Dark Web. In total, over 400 hidden services were taken down.

The six people arrested on suspicion of being concerned in the supply of controlled drugs were a 20-year-old man from Liverpool city centre, a 19-year-old man from New Waltham in Lincolnshire, a 30-year-old man from Cleethorpes, a 29-year-old man from Aberdovey in Wales, a 58-year-old man from Aberdovey, Wales and a 58-year-old woman (again from Aberdovey in Wales). All six were interviewed and have been bailed pending further enquiries.

Silk Road 2.0 seized notice

Silk Road 2.0 seized notice

A large amount of computer equipment was seized at all the addresses searched and will now be forensically examined.

The action taken by the NCA and its partners across Europe and America is part of continuing operations to target the use of online marketplaces to trade in illegal commodities such as Class A drugs, firearms and false documents. Anyone who tries to access Silk Road 2.0 will now see a notice highlighting the site has been seized.

Roy McComb, deputy director of the National Crime Agency, commented: “Over the months since the original Silk Road was taken down, we have been working with partners in the US and Europe to locate technical infrastructure key to The Dark Web and to investigate individuals suspected of significant involvement in illegal online marketplaces. Those arrested by the NCA in this phase of the operation are suspected of setting up Silk Road 2.0, or of being significant vendors of illegal drugs.”

McComb continued: “The operation is ongoing and more arrests can be expected as we continue to investigate those involved in setting up and profiting from these illegal marketplaces. Criminals like to think that The Dark Web provides a safe, anonymous haven but in reality this is just like any other organised crime network. It may take time and effort to investigate and build a criminal case, but we’re determined to identify and prosecute people caught dealing drugs and committing serious crime using The Dark Web.”

Leave a comment

Filed under Risk UK News

YouGov poll finds millions leave themselves open to scams as banks launch awareness campaign

The British Bankers Association is launching a fraud awareness campaign at a time when YouGov polling reveals that millions of people in Great Britain are unwittingly leaving themselves vulnerable to scams perpetrated by fraudsters posing as their bank.

The YouGov poll assessed customers’ responses to some of the common tactics used by criminals over the telephone, via e-mail or via text. Based on the answers, the British Bankers Association (BBA) calculates that people all over the country could fall foul of the most prevalent frauds around.

*Eight million individuals are vulnerable to ‘vishing’ or voice phishing
*Four million might transfer money into another supposed ‘safe’ account if instructed to do so
*Three million could be willing to carry out ‘test transactions’ online
*1.7 million would pass their bank card over to a courier on their doorstep if that courier were carrying some form of ID card

To counter this situation, the UK retail banks – with the support of law enforcement bodies including the City of London Police and the National Crime Agency – have produced a new leaflet and are launching an awareness drive called ‘Know Fraud, No Fraud’ in order to help their customers spot the difference between a legitimate call and one received from a fraudster.

The leaflet includes eight things your bank would never ask you (but a fraudster might), advice on how to avoid becoming a victim and instructions on what to do if you are caught out. It will be available across the country in bank branches and police stations and also on the ‘Know Fraud, No Fraud’ website at: http://www.knowfraud.co.uk

The BBA is launching a fraud awareness campaign as YouGov polling reveals that millions of people in Great Britain are unwittingly leaving themselves vulnerable to scams perpetrated by fraudsters posing as their bank

The BBA is launching a fraud awareness campaign as YouGov polling reveals that millions of people in Great Britain are unwittingly leaving themselves vulnerable to scams perpetrated by fraudsters posing as their bank

The leaflet sets out eight things your bank will NEVER ask you to do:

(1) Ask for your full PIN number or any online banking passwords over the phone or via e-mail
(2) Send someone to your home to collect cash, bank cards or anything else
(3) Ask you to e-mail or text personal or banking information
(4) Send an e-mail with a link to a page which asks you to enter your online banking log-in details
(5) Ask you to authorise the transfer of funds to a new account or hand over cash
(6) Call to advise you to buy diamonds, land or other commodities
(7) Ask you to carry out a test transaction online
(8) Provide banking services through any mobile apps other than the bank’s official apps

Tactics used by the scammers

Anthony Browne, CEO of the BBA, said: “Being defrauded is a devastating experience for anyone which is why we are launching this campaign. The more people know about fraud, the less likely they are to become victims. Our ‘Know Fraud, No Fraud’ initiative will help you spot some of the tactics used by scammers. Your bank would never send someone to your home to collect your cash or ask you to transfer funds to a new account.”

Browne added: “If you suspect you’ve become the victim of fraud please contact Action Fraud and your bank as soon as you can. Specially-trained staff will be able to advise on what to do next.”

Anthony Browne: CEO of the BBA

Anthony Browne: CEO of the BBA

City of London Police Commander Steve Head, the Police National Co-ordinator for Economic Crime, explained: “Fraud and cyber crime is costing the UK tens of billions of pounds each year, in turn causing significant damage to big businesses, destroying smaller businesses and ruining many individual lives. Criminals are also exploiting the technological and Internet revolution to target people of all ages and from all walks of life with ever more sophisticated and convincing scams. These scams are increasingly delivered directly into the home via telephone, mobiles, laptops and tablets.”

Head went on to state: “The key to creating a safer society and stopping the fraudsters in their tracks is law enforcement working in close collaboration with Government and the public and private sector to raise awareness of current and future threats and disrupt and dismantle the networks and enablers directly facilitating much of this criminality. The BBA’s campaign to flag up the most prevalent scams against bank customers and to provide advice on how to avoid becoming the next victim is another important step in the right direction and is fully supported by the City of London Police in its role as the National Policing Lead for Fraud.”

City of London Police Commander Steve Head

City of London Police Commander Steve Head

Nigel Kirby, deputy director of the Economic Crime Command, commented: “Prevention is vitally important in the UK’s fight to cut fraud, and the National Crime Agency fully supports this campaign which gives people the information they need to protect themselves. If you’re familiar with the ways in which criminals try to scam you, then you are far less likely to become a victim of the fraudsters.”

Vishing and ‘safe accounts’

In vishing cases, a fraudster will say they are from the bank or police, and that a fraudulent credit card payment has been spotted or a card due to expire needs to be replaced. To convince the intended victim they are genuine, the caller will suggest the customer hangs up and calls the bank back on the number printed on the back of their debit or credit card. However, the fraudster never actually disconnects the line so that when you call the real number you are still speaking to them.

Often, the fraudster will then ask for the customer’s PIN and then send a courier to the victim’s home to collect the bank card, promising to provide a new one. By now the assailant has obtained the victim’s name, address, bank details, card and PIN – enough to make large bogus payments.

If you receive a suspicious call, if possible use another phone or wait at least two minutes for the line to disconnect before picking up and dialling again.

When it comes to ‘safe accounts’, criminals posing as bank officials will instruct a customer that their account is under threat (usually from a corrupt bank employee or cyber criminals). They will be instructed by the ‘bank’ to transfer money into a new ‘safe account’ which is actually the fraudster’s account.

Your bank will NEVER ask you to authorise the transfer of funds to a new account or hand over cash.

Test transactions and courier fraud

In some circumstances, criminals pretending to be from a bank might e-mail a customer asking them to perform a ‘test’ transaction online, sometimes claiming there is some technical issue on their account. Rest assured that your bank will NEVER ask you to carry out a test transaction online.

Often a follow-up to vishing, having posed on the phone as a fake bank employee to extract key security information – such as a customer’s full PIN code – the criminal may also say that they are sending an official courier to your home in order to collect the corresponding card. These couriers will have ‘official’ identification.

In the year ending March 2014, 211,344 fraud offences were recorded in England and Wales

In the year ending March 2014, 211,344 fraud offences were recorded in England and Wales

Another courier fraud ruse is for the criminal to pose as the bank in order to ask the victim to participate in a fake police investigation, usually involving a corrupt bank employee who has been stealing from customer accounts. Typically, the customer will be asked to withdraw substantial sums of money over the counter at their bank without arousing the suspicion of the staff. They are then told to wait at home for it to be collected by a courier for safe keeping.

Your bank will NEVER send someone to your home to collect cash, bank cards or anything else.

Top line facts about fraud

In the year ending March 2014, 211,344 fraud offences were recorded in England and Wales. This is equivalent to four offences recorded per 1,000 members of the population. This represents a volume increase of 17% compared with the previous year.

In 2012, the UK Government fraud indicator suggested that fraud against UK individuals costs £6.1 billion per annum. This total is based upon estimates on the scale of mass marketing fraud, identity fraud, online ticket fraud, private rental property fraud and electricity scams.

Leave a comment

Filed under Risk UK News

“Nearly half of all frauds are identity crimes” reveals CIFAS

Data-driven identity crimes – ie frauds carried out using a victim’s identity details to obtain new accounts or take over existing ones – accounted for over 45% of all the confirmed frauds identified in the first three quarters of 2014. These figures issued by CIFAS continue the pattern seen in recent years, underlining the severity of the challenge facing consumers and businesses.

While identity fraud existed before the proliferation of online services, the use by online crooks of data such as passwords and e-mails or personal data harvested through hacking attacks and social engineering can now be considered the ‘norm’ in terms of fraud.

The 45% figure may represent a small decrease from some of the proportions recorded in previous years, but identity crimes represent as strong a challenge as ever to the financial well-being of organisations and consumers.

CIFAS’ communications manager Richard Hurley commented: “For the modern fraudster, knowing somebody’s personal or financial details is a licence to print money and the continuing preponderance of such data-driven financial crime must serve as a warning. Defeating it means we have to demand that organisations do more to handle our data securely, and ramp up their fraud prevention efforts accordingly. Individually, however, we also have a responsibility to look after our own details. Without doing so, we are effectively handing access to our bank accounts to a complete stranger.”

Data-driven identity crimes - ie frauds carried out using a victim’s identity details to obtain new accounts or take over existing ones - accounted for over 45% of all the confirmed frauds identified in the first three quarters of 2014

Data-driven identity crimes – ie frauds carried out using a victim’s identity details to obtain new accounts or take over existing ones – accounted for over 45% of all the confirmed frauds identified in the first three quarters of 2014

Victims of fraud must not be forgotten

Since 2010, there have consistently been over 100,000 instances of victimisation each year. The figures for 2014 to date indicate that this year will repeat the pattern, with almost 90,000 victims of identity crime already pinpointed by the organisations using the CIFAS National Fraud Database.

“Fraud is far from a victimless crime,” noted Hurley. “Not only do the victims suffer an immediate financial cost but they also have to contend with the time taken to sort out the mess left behind and the worry caused by not knowing how the fraudster managed to steal their details. While it’s understandable that a financial cost is always asked for in relation to fraud, it must be remembered that fraud has a far more lasting and personal impact upon victims. It’s one that cannot be summed up in terms of monetary value alone.”

While fraud may never be eliminated, figures such as these – and the patterns of recent years – prove that UK plc must become more aggressive in its approach to fraud prevention.

CIFAS CEO Simon Dukes explained: “While many organisations have put in place robust and comprehensive strategies designed to combat online crooks, and have empowered their customers to do the same, that doesn’t mean all organisations have done so.”

Dukes concluded: “Surely now every organisation and individual must recognise that if they don’t co-operate with others in terms of identifying and implementing good practice, data sharing and responsible online behaviour then they instantly become the weakest link in the chain. This means that they encourage fraudsters to continue their crimes, in turn damaging us all individually and collectively.”

Leave a comment

Filed under Risk UK News

Growing risk of online crime threatens London’s business reputation

The capital’s reputation as a safe place in which to do business is under threat unless firms are better prepared against the rising threat of online crime.

A new report from the London Chamber of Commerce and Industry (LCCI) argues that, despite efforts from Government and law enforcement, London firms – particularly small and medium-sized enterprises (SMEs) – are still largely oblivious to the ever-more sophisticated methods cyber criminals are using to steal valuable information.

Cyber crime costs UK companies alone at least £21 billion per year. The costs of a security breach experienced by smaller organisations are rising, with the average cost of the worst attacks now between £65,000 and £115,000 (up from £35,000 to £65,000 a year ago).

The LCCI report – entitled: ‘Cyber Secure: Making London Business Safe Against Online Crime’ – finds that:

*Over 50% of London firms had experienced a cyber breach
*Cyber crime numbers and costs could be far higher due to widespread under-reporting of online fraud to Action Fraud
*A lack of awareness of cyber threats and the high costs of protection remain significant barriers to firms implementing stronger security measures
*Smaller firms are becoming increasingly targeted by cyber criminals as their systems are generally easier to access and they provide an open door to larger companies via supply chains
*Government initiatives to improve awareness and resilience (and to reduce the costs of security) are welcome, but often use overly complex and technical language which renders them inaccessible to the average SME

The capital’s reputation as a safe place to do business is under threat unless firms becomes more prepared against the rising threat of online crime

The capital’s reputation as a safe place to do business is under threat unless firms becomes more prepared against the rising threat of online crime

Creating a single ‘landing pad’ of resources

The LCCI calls on the Government to create a single ‘landing pad’ of cyber security resources aimed at business, making it simpler for companies to know where to go for advice. The Mayor of London can complement this resource for the capital’s firms through the proposed London Business Resilience Centre.

Despite the Government’s designation of Action Fraud as the first point of contact for cyber crime victims, many businesses are not aware of the service’s existence. Minimising the information required from companies and better promotion would help increase reporting rates for vital intelligence.

More also needs to be done to make it easier for firms to recover the costs of cyber crime, and in particular those acts of criminality perpetrated in the UK.

The Government should encourage Internet Service Providers (ISPs) and banks to use the cover of existing laws to release data that could result in faster and more decisive action being taken against criminals.

Some simple guidance to help firms navigate the civil or criminal legal system would also be of valuable assistance.

Growing menace of cyber crime

Colin Stanbridge, CEO of the LCCI, said: “The growing menace of cyber crime is costing business dear in financial, data and intellectual property loss terms. SMEs often have very limited resources they can allocate to cyber security so the Government and Mayor of London must be more targeted in their approach to reaching smaller firms with helpful information, and focus on providing easy–to-adopt online security solutions.”

Stanbridge continued: “Unless more is done to help smaller firms understand and put in place at least basic security measures, the reputation of London as a major global centre for business is vulnerable. The authorities need to work together to make the process of online protection simpler, quicker, easier and cheaper for the smaller firm such that the health of the economy and the reputation of the capital is not undermined.”

Stephen Greenhalgh (Deputy Mayor of London for Policing and Crime) added: “The advance of technology has shifted criminal activity from the streets to the PC. The LCCI cyber security report paints a determined picture of a strong will from Government and law enforcement to protect businesses, but a confused landscape in terms of fragmented initiatives and policy responses. This report should galvanise the effort and make this confusing landscape easier for the business owner to navigate, from the online SME right through to the multinational. MOPAC looks forward to working with the LCCI to raise awareness and simplify the plethora of initiatives out there, particularly for SMEs, through single hubs like the London Business Crime Resilience Centre.”

City of London Police Commander Steve Head, who is also the Police National Co-ordinator for Economic Crime, explained: “Cyber crime is estimated to be costing UK companies at least £21 billion every year, but the reality of the situation is that this huge figure would be even higher if all businesses reported to the authorities when they had fallen victim to an offence committed through the Internet or via other emerging technologies.”

Head also stated: “It’s therefore vitally important that SMEs who fall victim to an online crime contact Action Fraud which, in May, became part of the City of London Police and now sits directly alongside the force’s National Fraud Intelligence Bureau. Working together, they are improving the service provided to small companies whose security has been breached by cyber criminals with, most importantly, the arrival of bulk reporting for industry just around the corner.”

City of London Police Commander Steve Head

City of London Police Commander Steve Head

In conclusion, Head opined: “The past year has also seen a significant rise in crime disseminations to UK forces for investigation and a huge rise in the disruption of criminal enablers. However, it’s only by having the full picture of how cyber crime is targeting industry to hand that law enforcement and Government can put in place the resources and measures required to combat what has very quickly become a massive threat to the sustainability and profitability of companies operating the length and breadth of the land.”

Leave a comment

Filed under Risk UK News