Germany’s Million Mask Scam Foiled as Organized Crime Goes Online
17 Apr 2020

By Will Neal, OCCRP, 16 April 2020

OCCRP — With coronavirus cramping the usual activities of gangsters, organized crime is increasingly going online, experts said on Thursday, following the bust of a group attempting to sell millions of non-existent masks to German health authorities.

Europol announced this week that authorities and financial institutions in several countries  cooperated in the sting, which targeted fraudsters who used sham email addresses, as well as fake and cloned websites, in an effort to rob the German government of as much as 2.4 million euros. Two people have been arrested in the ongoing investigation.

The attempted robbery highlights how criminal groups have turned to online scams to make up for revenue losses caused by the pandemic, said Lucia Bird, a senior cybercrime analyst at the Global Initiative Against Transnational Organised Crime.

“If you look at some of the types of crimes that have spiked, phishing is one of them,” she said, referring to a scam in which criminals pose as legitimate institutions to convince people to reveal sensitive information such as credit card numbers.

“You can buy a phishing kit online for around $50, and some marketplaces are even offering discounts on cybercrime kits and software given the boom in opportunity,” Bird said by phone from London.

German health authorities realised they had been targeted only after paying a down payment for the masks. Authorities in Germany, Ireland, The Netherlands and the United Kingdom then sprang into action in an operation coordinated by the transnational law enforcement agencies Europol and Interpol.

Working with financial institutions, investigators managed to prevent the funds from reaching their final destination, Nigeria, Europol said.

“We know that Europol are tracking a number of mask-related scams through Europe, and there have been many reports of similar incidents elsewhere,” Bird said. “In a number of these cases, the funds were transferred and not recalled in time, and it remains to be seen if they can be recovered.”

Since the outbreak of the pandemic, OCCRP has reported how the disease has fueled an explosion in cybercriminal activity around the world, from low-level scams like phishing and deceptive advertising, to fraudsters impersonating governments and international health organisations.

The case announced this week by Europol showed a tech-savvy group working across borders to enmesh German health authorities in a sophisticated scam.

Read more at OCCRP

RiskScreen: Eliminating Financial Crime with Smart Technology

Advance your CPD minutes for this content, by signing up and using the CPD Wallet