Police in Belgium and the Netherlands say they have busted an organized crime group responsible for stealing millions of euros from phishing victims.
A day of action on June 21 led to the arrest of nine individuals and 24 house searches in the Netherlands. Police also seized firearms, ammunition, jewelry, electronics, cash and cryptocurrency, according to Europol.
The scheme itself appears to have been quite simple in design and execution.
Unsolicited messages were sent to victims via email, text and instant messaging, with a link to what was claimed to be a legitimate banking site.
After clicking, the victims were taken to a phishing site and tricked into entering their real bank credentials. This allowed the group to hijack accounts and use money mules to transfer funds to other accounts before withdrawing them.
Some members of the group have also been linked to drug trafficking and possibly the firearms trade, Europol said.
The scheme allowed the group to steal several million euros from their victims, or millions of dollars.
Recorded phishing attacks hit an all-time high in the first quarter of 2022, surpassing one million for the first time, according to industry body Anti-Phishing Working Group (APWG).
He said the financial sector was the most affected, with fraudulent messages from banks and similar businesses accounting for 24% of the total.
March was the worst month ever for phishing, with 384,291 attacks detected.
According to a 2020 Europol report, organized crime groups are increasingly using cyber campaigns as a sole means of generating revenue.
“Criminal groups rarely focus on a single criminal activity,” he noted. “They often engage in various activities. For example, drug trafficking is often combined with other activities such as fraud, money laundering and illegal immigration.