Police across Belgium and the Netherlands are claiming to have dismantled an organized crime group responsible for stealing millions of euros from phishing victims.
An action day on June 21 led to the arrests of nine individuals and 24 house searches in the Netherlands. Police also seized firearms, ammunition, jewelry, electronic devices, cash and cryptocurrency, according to Europol.
The scheme itself appears to have been pretty simple in its conception and execution.
Unsolicited messages were sent to victims via email, text and IM channels, with a link to what was claimed to be a legitimate banking site.
After clicking through, the victims were taken to a phishing site and tricked into entering their real banking log-ins. This enabled the group to hijack the accounts, and use money mules to transfer funds to other accounts before cashing out.
Some members of the group have also been linked to drug trafficking and possibly trading in firearms, Europol claimed.
The scheme enabled the group to steal several million euros from their victims, amounting to millions of dollars.
Recorded phishing attacks hit an all-time high in the first quarter of 2022, topping one million for the first time, according to industry body the Anti-Phishing Working Group (APWG).
It claimed the financial sector was the worst hit, with spoofed messages coming from banks and similar businesses accounting for 24% of the total.
March was the worst month on record for phishing, with 384,291 attacks detected.
Organized crime groups increasingly use cyber campaigns as just one way to generate revenue, according to a Europol report from 2020.
“Criminal groups seldom concentrate on a single criminal activity,” it noted. “They often engage in various activities. For example, drug trafficking is often combined with other activities such as fraud, money laundering and illegal immigration.”