Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Four Arrested for ATM Skimming, Payment Card Fraud

Law enforcement agencies in Europe this week announced the dismantling of a criminal network responsible for stealing payment card data and performing illegal transactions.

Called “Neptune,” the operation involved the arrest of four key members of the network on November 30, 2017. All four are Bulgarian citizens.

Law enforcement agencies in Europe this week announced the dismantling of a criminal network responsible for stealing payment card data and performing illegal transactions.

Called “Neptune,” the operation involved the arrest of four key members of the network on November 30, 2017. All four are Bulgarian citizens.

The group’s illegal activities included placing cameras and magnetic strip readers (skimmers) on ATMs in central areas of European cities, as well as producing counterfeit credit cards using the stolen data captured by the skimmers. The individuals used the fake cards to subsequently cash out money from ATMs in non-European countries, such as Belize, Indonesia and Jamaica.

As part of the operation, law enforcement agencies in Italy, Bulgaria, and the Czech Republic, supported by Europol, identified dozens of ATMs that have been tampered with by the cybercriminals.

The operation also resulted in the seizure of more than 1,000 counterfeit credit cards and in the collecting of evidence of many fraudulent international transactions worth more than EUR 50,000. The investigation started in late 2015.

“Since most of the illegal transactions with counterfeit cards took place overseas, the cooperation through dedicated investigative networks set up by Europol has been instrumental,” Europol noted in an announcement.

In September, Europol warned that cybercriminals are increasingly focused on accessing ATM machines through the banks’ networks, while having squads of money mules standing by, ready to pick up the stolen cash.

At a cyberconference in Bucharest in early November, Kaspersky Lab security researchers presented the numerous methods cybercriminals use to compromise ATMs and also warned on how easy such machines can be ensnared into botnets.

Earlier this week, Europol announced the results of the European Money Mule Action ‘EMMA3’, a global law enforcement action week against money mulling (20 to 24 November). A joint effort of law enforcement from 26 countries, the operation resulted in 159 arrested, 409 suspects interviewed, and 766 money mules and 59 money mule organizers identified.

Last year, 178 individuals were arrested across Europe for acting as money mules, helping criminals move stolen money out of the country of theft to criminal bank accounts abroad.

Related: Creating ATM Botnets Not Difficult, Researchers Say

Related: Europol Warns Banks ATM Cyber Attacks on the Rise

Related: Europe Cracks Down on Money Mules: 178 Arrested in Global Operation

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.