In an extensive operation, the Spanish National Police arrest 40 individuals. This includes 15 members of a criminal organization and two hackers, for their alleged involvement in a phishing scam. The operation took place in Madrid and Seville, involved the arrest of 23 individuals linked to illegal financial operations. The cybercrime operation was led by phishing campaigns. This is through email and SMS, affecting over 300,000 people, leading to losses of approximately €700,000 ($770,000).
The Method and Execution of the Phishing Campaign
The cybercriminals used hacking tools and business logistics to carry out computer scams, stealing credit card information of unsuspecting victims. The credit card information was helpful to purchase cryptocurrency. Later exchanged for fiat currency into a common box. The cybercriminals systematically used stolen credit card information by encouraging unsuspecting victims to log into phishing websites through SMS messages. These websites was in such a way that they appeared identical to the legitimate bank portal. Once the victim clicks the link and enter their account credentials, the cybercriminals monitor the data in real-time. This is via phishing panels. They use to request loans, link new verification phone numbers to the accounts. After that they link the cards to virtual cryptocurrency wallets under their control.
Parallel Cash-Out Systems
The parallel cash-out systems involve hiring money mules. It is to receive the money through bank transfers, withdrawing it from ATMs, and using Point of Sale (PoS) terminals belonging to shell online e-commerce businesses to make false purchases. The stolen amounts were used to fund the groups’ expenses, including purchasing drugs and arms, financing meetings, paying lawyers, and sending money directly to imprisoned members of the gang. Additionally, the remaining amounts are given to the Dominican Republic. The other group members use the money to purchase real estate.
International Collaboration
The Spanish police are currently working with international partners. It is to locate stolen amounts and recover the assets. Organized crime gangs have turned to cybercrime as a new revenue stream. In the case of Trinitarios, the Spanish police allege that the group did use money through phishing. This was to cover their legal and operational expenses.
In September 2021, Europol conducted coordinated law enforcement operations to dismantle an extensive network of cybercriminals linked to the Italian mafia, making profits of over €10 million ($11.7 million) yearly, through SIM swapping and business email compromise attacks. These operations signal the increasing shift of organized crime to cybercrime in search of new income sources.
Recap of Phishing attack
The Spanish police believe that the arrests are a significant strike against cybercrime and the operations of organized crime groups in Spain. The police operation is still ongoing, and more arrests are expected as investigations continue. Meanwhile, the Spanish National Police urge the public to remain alert and cautious, especially regarding messages and links from unidentified sources.