Cracking down on online fraud: what law enforcement is doing to stop fraudsters

It’s no secret that the size and scale of online fraud in ecommerce continues to grow each year - read more about this here. In fact, the numbers are so staggering that we’re often asked what law enforcement are doing to combat this growing crime. We decided to head over to the offices of the DCPCU, or Dedicated Card and Payments Crime Unit, here in London to learn more.

The DCPCU is made up of both London Metropolitan and City police officers and is sponsored by the UK banking industry. They investigate with an aim to prosecute offenders of 3 types of fraud: card not present (CNP), social engineering and staff insiders. CNP fraud is online payment fraud, while social engineering is defined as, “an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.” This includes phishing scams, romance fraud and baiting. Staff insiders is when staff working for banks target customer accounts to use for organised criminal activity.

Since online fraud takes many forms and is happening on a huge scale, the DCPCU focuses on investigating and prosecuting large scale operations; or organised fraud rings. They receive data from partner banks, merchants and other law enforcement agencies around the country and globe in order to investigate and prosecute prolific offenders. The biggest trend they’re seeing is brokerage, or “fraud as a service”. Brokerage is when fraudsters carry out fraud on behalf of others. For example, they might advertise an iPhone X for £750 on Facebook when the actual retail price is £999, use compromised to card details to purchase the phone on behalf of the consumer and pocket the difference. Often the consumer has no idea that there’s a fraudster playing middle man due to the sophisticated scale of operations and marketing tactics they use.

When it comes to CNP fraud, the DCPCU understands that they aren’t able to arrest their way out of the problem. Instead, they hope that by shutting down the big offenders and organised crime rings, they will send a message to low-level offenders that this behaviour won’t be tolerated. They also take any data they have that could be useful to their partner banks, merchants and law enforcement agencies and share it when and how appropriate. They have connections with European law enforcement agencies because of Europol and they also work with US law enforcement to stop any cross-border criminal activity.

To end the podcast, I asked them what they wished merchants would do more of. Sean replied that he would like to see merchants sharing data between themselves and where possible and necessary, include law enforcement. At Ravelin, we also believe collaboration is one of the best ways to defeat fraud on a larger scale.

To learn more about online payment fraud visit our insights page.