Spanish and Italian Police Break Up Phishing Gang
Europol: Illegal Operation Connected to Italian MafiaThe Spanish and Italian national police agencies, in conjunction with Europol have arrested 106 individuals who allegedly are linked to the Italian mafia on a variety of online fraud charges that earned the group at least 10 million euros ($11.7 million) in illegal profits.
See Also: OnDemand | 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk
Spanish and Italian law enforcement officers concluded a yearlong operation dubbed "Fontana-Almabahia" that culminated in 16 house searches, froze 118 bank accounts and seized hundreds of credit cards, SIM cards, POS terminals and other electronic devices, Europol announced Monday.
"The suspects defrauded hundreds of victims through phishing attacks and other types of online fraud such as SIM swapping and business email compromise before laundering the money through a wide network of money mules and shell companies," Europol says. "Last year alone, the illegal profit is estimated at about 10 million [euros]."
In addition to online crime, those arrested allegedly were also involved in money laundering, drug trafficking and property crime. The majority of the arrests were made in Spain, Europol says.
— Policía Nacional (@policia) September 20, 2021
Operaban desde el sur de #Tenerife y blanqueaban dinero para clanes mafiosos italianos
Se han realizado 16 registros en #España e #Italia pic.twitter.com/N7WKFp5yXJ
Organization's Structure
Europol notes that the network taken down by the police was well organized, with individuals having specific areas of responsibility.
"Among the members of the criminal group were computer experts, who created the phishing domains and carried out the cyber fraud; recruiters and organizers of the money muling; and money laundering experts, including experts in cryptocurrencies," Europol says.
The majority of those arrested are Italian nationals, with some having links to mafia organizations, police said. The Spanish Police said most conducted their operations from Tenerife, which is in the Canary Islands off the coast of Spain.
The group's operation contained hackers who specialized in phishing and vishing attacks and in the use of social engineering techniques to take gain access to individual's banking credentials, says the Polizia di Stato (Italian National Police).
The majority of the victims were Italian, but the gang also went after Spanish, English, German and Irish citizens, arranging bank transfers of thousands of euros to Spanish accounts controlled by the gang, the Italian police say.
The stolen money was laundered through the purchase of cryptocurrency or reinvested in other criminal activities, such as prostitution, drug production and trafficking, arms trafficking, Italian police say.
The law enforcement agencies did not identify the individuals or offer details on potential sentences if they are found guilty.
Recent Anti-Cybercrime Operations
Ireland's cybercrime police, the Garda National Cyber Crime Bureau, conducted a "significant disruption operation" earlier this month targeting the IT infrastructure of a cybercrime group. (See: Irish Police 'Significantly Disrupt' Attackers' Operations).
As part of the operation, police seized several domains used in a May ransomware attack against Ireland's national health services provider Health Service Executive, a spokesperson tells Information Security Media Group.
While the GNCCB did not provide the identity of the cybercriminals involved in its most recent operation, HSE had said in May that Conti ransomware was used in the attack.