The Digital Police Officer using linguistic analysis to identify cybercriminals

The aim of the Digital Police Officer project (DPO) is to identify cybercriminals based on their writing style. When a criminal underground forum is closed down, cybercriminals move to another one to further their illicit business. These users do not necessarily return with the same uername. We are producing a demo that can still identify such cybercriminals. We look at the way they communicate, analysing the characteristics of forum users (i.e. based on their vocabulary and grammar) to build a linguistic fingerprin

Deviating from the cybercriminal script: Exploring the contextual factors and cognitive biases involved in carding

This thesis explores the contextual factors and cognitive biases involved in the decision-making of carders. Carders engage in carding, the obtaining and cashing out of stolen payment card details. This works examines what operational security carders employ to stay secure and how they can make mistakes in these processes. It also analyses what mechanisms are in place to create bonds of trust in pseudonymous environments on the Web and how this complicates investigations into such illicit activities. Tutorials, created by carders, are analysed with crime script analysis to create insights into ‘optimal’ decision-making and to design situational crime prevention measures. An analysis of the organisation and tasks involved in carding with the CommonKADS method, however, will show that more extensive mapping of the carding process is required to understand decision-making. Cognitive biases will be explored to better understand the psychological reality of online crime commission. Expert interviews with law enforcement officers, bankers and card issuers will provide some evidence for the existence of such biases in carders. These interviews will also create novel insights into tactics against carding and common issues encountered in policing such international online crimes

Discovering credit card fraud methods in online tutorials

Online underground forums allow for the sharing of up-to-date knowledge on how to optimally commit an online crime. Tutorials focusing on specific online crimes are commonplace and provide members of underground communities with all the information needed to engage in illicit transactions. In this article, tutorials that focus on the online process of cashing out stolen credit card details, i.e. carding, will be analysed. A crime script analysis will reveal the most common ways in which carding is executed. We found that if these paths are meticulously followed, interceptive opportunities are limited for law enforcement. Cases of deviation from these paths are not uncommon, which renders situational crime prevention measures less effective. As a potential solution, we propose the uptake of prospect theory as an analytical tool to account for deviations from the criminal optimal norm. In future work, such a method could better account for all the various ways in which fraudulent activity is committed and contribute to thinking about new preventive measures

Deviating from the cybercriminal script: exploring tools of anonymity (mis)used by carders on cryptomarkets

This work presents an overview of some of the tools that cybercriminals employ to trade securely. It will look at the weaknesses of these tools and how the behavior of cybercriminals will sometimes lead them to use tools in a nonoptimal manner, creating opportunities for law enforcement to identify and apprehend them. The criminal domain this article focuses on is carding, the online trade in stolen payment card details and the consequent criminal misuse of such data. However, these findings could be applied more broadly, as many of the analyzed tools are used across (cyber) criminal domains. This article is a continuation of earlier work, in which a crime script analysis of 25 carding tutorials presented the tools that cybercriminals use to cash-out stolen payment card details while remaining anonymous. We use these tutorials and an analysis of the literature to identify how they can be used incorrectly and create a typology of potential behavioral and technological pitfalls in these tools. Finally, we conclude that finding pitfalls in the usage of tools by cybercriminals has the potential to increase the efficiency of disruption, interception, and prevention approaches. However, in future work, interviews with law enforcement experts and convicted cybercriminals or still active users should be used to analyze the operational security of cybercriminals in more depth

HBO-i domeinbeschrijving 2018: Hoger Beroepsonderwijs ICT-opleidingen

De HBO-i-domeinbeschrijving dient als functioneel kwalificatiekader voor hogescholen, gericht op de startbekwaamheid van ICT-professionals van de toekomst. In vrijwel elk facet van het maatschappelijke, zakelijke, sociale en persoonlijke leven speelt ICT een grote rol. ICT is niet alleen zelf een belangrijke sector van economische bedrijvigheid, het is ook een onmisbare motor voor innovatie in alle kennisintensieve domeinen in onze samenleving. Nederland heeft grote behoefte aan kwalitatief goed opgeleide ICT’ers. Het ICT-domein verbreedt en verdiept zich. Behalve dat de vraag naar ICT'ers toeneemt, neemt ook de specialisatie naar ICT-subdomeinen toe. Om in te kunnen spelen op nieuwe toepassingen, arbeidsmarktvragen, wensen en innovaties is regelmatige actualisering van de HBO-i-domeinbeschrijving noodzakelijk. Naast de ontwikkelingen in het ICT-domein, ontwikkelt ook het onderwijsveld zich. Zo is er in toenemende mate aandacht voor Associate Degree en Professional Master programma's en leidt focus op de match tussen werkveld en opleidingsdoelen tot extra aandacht voor professional skills