Phishing attacks: Police make 106 arrests as they break up online fraud group
Police have dismantled an organised crime group linked to the Italian mafia that defrauded hundreds of victims through phishing attacks and other types of online fraud.
The joint operation was led by the Spanish National Police (Policía Nacional), with support from the Italian National Police (Polizia di Stato), Europol and Eurojust and has resulted in 106 arrests across Spain and Italy.
According to Europol, the crime operation used phishing, SIM swapping and business email compromise (BEC) attacks and it's estimated that this led to profits of around €10 million ($11.7 million) during last year alone.
SEE: Don't want to get hacked? Then avoid these three 'exceptionally dangerous' cybersecurity mistakes
Described as "very well organised", the group included a number of experts in computer crime tasked with creating phishing domains and carrying out cyber fraud. Other individuals involved in the criminal network included money mules and money-laundering experts, including experts in cryptocurrency.
Working out of the Canary Islands, Spain, the criminals tricked victims – mostly from Italy – into sending large sums of money to bank accounts they controlled, before laundering the proceeds through money mules and shell companies.
BEC is one of the most lucrative forms of cybercrime, costing businesses billions a year, according to the FBI.
In addition to 106 arrests, 118 bank accounts have been frozen and a number of devices have been seized, including 224 credit cards, SIM cards and point-of-sale terminals.
Police were investigating the group for over a year before making arrests. As part of the operation, Europol deployed two analysts and one forensic expert to Tenerife, Spain and one analyst to Italy. Europol also funded the deployment of three Italian investigators to Tenerife to support the Spanish authorities during the action day.
MORE ON CYBERSECURITY
- Business email compromise: 23 charged over 'sophisticated' fraud ring
- Researchers turn the spotlight on the hidden workers of the cybercrime world
- FBI and European law enforcement shut down VPN used by ransomware groups
- Unsecured servers and cloud services: How remote work has increased the attack surface that hackers can target
- 'High-level' organiser of FIN7 hacking group sentenced to 10 years in prison