We all see and are familiar with the trend towards fraudulent activities in online business. Actually, it has been more than a trend for a long time. It is a business, an illegal business of organisations that are similar in structure and organisation to a well-run company. The leaders in these businesses manage digital identity theft, misuse of personal data, purchasing and reselling of goods, and of course what is more important is the revenue from these resales. After all, they want to become rich from doing it.
Today, the internet is the most popular way to commit fraud and crime. Ever since the introduction of the EMV chip on credit and debit cards, counterfeiting has become too complicated, if not almost impossible. As a result, the business is moving into the digital realm where some personal data and passwords are floating around unprotected, and especially where it is possible to order a lot of goods with relatively little data.
In my opinion, the public authorities are particularly lacking in human resources and technical means to combat fraud quickly and efficiently in online business. Also, operators of online shops are not always immediately aware of account misuse, which is terrible for their reputations.
If misuse of data is noticed, long official channels often make it difficult to trace criminal sources that not only cross international borders digitally, but also cross real borders with stolen goods disguised by delivery and logistics shipments.
But even if we just focus on Germany, where do we turn to, and who has jurisdiction? Is it the main office of the online retailer? Or the defrauded customer’s place of residence? Or where the goods were first delivered?
I think our job is not just to fend off fraudsters and to deny them the opportunity to participate in online business with stolen data and wrong addresses. We send these fraudsters to shops that cannot afford the expense of professional fraud protection, because in addition to the money it costs for service providers and me, the company also has to develop the appropriate expertise.
Our role should go beyond that. My opportunity arose in 2017 with my participation in the E-Commerce Working Group of EC3, Europol’s European Cybercrime Centre. Once a year I go on a 10-day “criminal hunt” in E-commerce with Europol and other private companies participating in what is called the “Retail Week of Action”.
On these 10 secret days, we shorten the usual process and report suspicious activity directly to the authorities, who set up special command posts for this purpose. Online retailers, banks, logistics companies, and financial services providers deliver individual puzzle pieces of data and information that are pieced together to form a revealing picture for exposing fraud in online business and identifying the criminals responsible. Direct action and numerous arrests are evidence of the partnership’s success.
During this time, I go beyond mere fraud prevention and protection together with police authorities and private companies. We go a step further in tracking and identifying organisations from the digital world to the real world, always with the aim of getting closer to fraud-free, fair online business.