CEPOL Strengthens Cybercrime Investigation Skills in the Western Balkans

The Western Balkans Partnership against Crime and Terrorism (WB PaCT) project with support from the Western Balkans Cyber Capacity Centre (WB3C), and experts from Europol and the Romanian Police, recently organised an advanced training course on cybercrime investigations in Montenegro. The event brought together thirteen experienced law enforcement practitioners from Albania, Bosnia and Herzegovina, Kosovo*, Montenegro and North Macedonia. This collaborative initiative aimed to enhance law enforcement capacity in tackling increasingly sophisticated cyber threats.

As part of the Contact Learning Phase, which followed the Independent Learning Phase designed to establish a strong professional foundation, the comprehensive training covered many critical topics for modern cybercrime investigations. Participants gained insights into advanced investigative techniques, emerging cyber threats, and the critical role of cross-sector collaboration in addressing various aspects of cyber-attacks. They explored the modi operandi behind spoofing cases, including tactics such as REAP deals, IMSI catchers, and phone number spoofing. The training covered advanced tools and techniques for spoofing investigations and highlighted the critical role of public-private sector partnerships in addressing such cases.

In the session on cryptocurrency fraud and asset seizure, participants learned how to trace illicit cryptocurrency transactions involving hot and cold wallets, mixers, and tumblers. They also examined techniques for confiscating digital assets and strategies for improving cooperation with cryptocurrency exchanges. The sessions also addressed Distributed Denial of Service (DDoS) attacks where investigative methods tailored for DDoS cases were discussed, along with the importance of national and international cooperation. Additionally, the sessions highlighted the value of engaging the private sector to enhance investigative outcomes and mastering a structured process for DDoS investigations, drawing lessons from past cases.

Open-Source Intelligence (OSINT) was also addressed, focusing on the use of artificial intelligence to optimise the OSINT cycle. This AI-driven approach enables more efficient and accurate intelligence gathering.

Europol experts shared invaluable insights and best practices, emphasising the importance of staying ahead of evolving cyber threats. The training highlighted the critical need for continuous learning and cooperation in the face of increasingly sophisticated cybercriminal activities.

The following critical topics were also discussed during the activity: online scams and phishing attacks; business email compromise and investment fraud; deep and dark web investigations; money laundering involving cryptocurrencies; interagency and international cooperation.

This training initiative reflects the Agency’s ongoing commitment to improving cybersecurity measures and fostering collaboration across Europe and the Western Balkans. By investing in capacity-building efforts, CEPOL aims to facilitate a unified response to cybercrime in order to help prevent digital threats. 

*This designation is without prejudice to positions on status, and it is in line with the UNSCR 1244/1999 and the ICJ Opinion on the Kosovo declaration of independence.