Online shopping fraud: Mobile phones being targetted in smishing attacks

The coronavirus pandemic has sparked a sharp rise in online shopping fraud, Europe's policing agency warned on Thursday, saying criminals continued to prey on victims working from home. Fears of catching the virus have driven a sharp increase in online shopping, which in turn has led to a major rise in delivery fraud in the second year of the pandemic, Europol said in its annual cybercrime report. "The extension of lockdowns throughout Europe has brought with it a number of new e-commerce opportunities, which have often proven to be a target for criminals," the Hague-based agency said.

"Criminals offer goods and receive payment without delivery, defraud online shops with weak security measures, or use delivery services as phishing lures," it said.

Mobile phones in particular were being targeted, with criminal gangs posing as delivery services pretending to offer information about a parcel, but in reality hoping to get the victim's account and credit card details.

This included sending messages via SMS on mobile phones, a practice referred to as "smishing."

Meanwhile, the dark web continued to be the main market place for illicit activity, despite recent global police successes in taking down illegal websites such as DarkMarket in January.

Europol said cryptocurrencies like Bitcoin and Monero remained the most popular form of payment for illegal goods and services on the dark web.

Weapons appear to be increasingly traded on the dark web as well as through encrypted chat groups, Europol said.

Novel weapons, such as those made by three-dimensional printers, were also on the rise.

For instance, Spanish police in September last year busted a workshop where these weapons were being made.

There, law officials seized templates for guns downloaded from the dark web and several 3D printers, "one of which was in the process of printing a small firearm," Europol said.

U.S. offers $10 million reward in hunt for DarkSide cybercrime group

(Reuters) - The U.S. State Department on Thursday announced a reward of up to $10 million for information leading to the identification or location of anyone with a key leadership position in DarkSide, a cybercrime organization the FBI has said is based in Russia.

The FBI has said DarkSide was responsible for the May cyber attack targeting the Colonial Pipeline, causing a days-long shutdown that led to a spike in gas prices, panic buying and localized fuel shortages in the U.S. Southeast.

The State Department also said it is offering a reward of up to $5 million for information leading to the arrest or conviction in any country of any person attempting to participate in a DarkSide ransomware incident.

"In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cyber criminals," the department said in a statement.

Colonial Pipeline has said it paid the hackers nearly $5 million in Bitcoin to regain access to its systems. The U.S. Justice Department in June recovered about $2.3 million of the ransom.

The State Department in July offered a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participated in malicious cyber activities against U.S. critical infrastructure.