Experts warn sting operations may make fraudsters harder to catch in future and drive them offline.
Sting operations by law enforcement agencies could force online criminals to forge closer links with each other offline, and become even more difficult to track down and arrest, according to a leading e-crime expert at Lloyds TSB.
Speaking at the annual RSA Conference Europe event in London today, Mark Stanhope, senior manager of e-crime at the bank, warned that operations such as Dark Market, in which the FBI infiltrated the eponymous internet chat room used by fraudsters, could backfire.
“They are getting more tightly organised – the risk is that we push them offline or into closed groups where they conduct their business dealings,” he argued. “Their language skills are also getting better – at the moment there are a series of small boutiques hired to carry out various functions.”
Marc Cramer, information security consultant for Dutch financial institution ING, explained that online fraudsters tend to practice and hone their attacks in one European country and then move on to another country to carry out the attack. He added that all the phishing attacks he now monitors are blended with malware and Trojans.
To mitigate the risk of being hit, two-factor authentication for customer account access and end-user education are paramount, advised Stanhope. “You can use the best solution in the world but if the customer doesn’t know how to use it, it’s not worth anything,” he added.
“We also need to stress to the customer that it’s a partnership – we’ll continue our education and by inference say if you’re negligent you’ll take some of the burden of loss, but we can’t be prescriptive or it’ll scare the customer away.”
Xavier Serrano Cossio, IT security director of Spanish bank Banco Sabadell, said that monitoring the behaviour of mules – banking customers who sometimes unwittingly launder illegally-obtained funds – can also be a useful tactic for catching criminals.
“The criminals are moving quickly and they have better tools and services,” he added. “They know their market is growing and that more money will be moving online so they will move into other industries.”