Europol Breaks Open Mafia Cyber Crime Group

Uploaded on 2021-09-28 in GOVERNMENT-Law Enforcement, FREE TO VIEW

An organised crime group with ties to the Italian Mafia, which prospered on violence, intimidation and has made at least $12 million in online fraud profits, has now been taken down by international law enforcement. The group allegedly used phishing attacks to defraud hundreds of victims.

The suspects used various lures to convince victims - mostly Italian nationals but also Spanish, English, German and Irish targets,  to transfer money to bank accounts controlled by the criminal network, according to Europol

“The group, using hackers specialised in latest-generation phishing and in the use of social-engineering techniques, had taken possession of the home banking credentials of victims… arranging bank transfers for thousands of Euro,” according to a statement from the Italian National Police.

The organised crime group linked to the Italian Mafia was  involved in online fraud, money laundering, drug trafficking and property crime. 

The suspects defrauded hundreds of victims through phishing attacks and other types of online fraud such as SIM swapping and business email compromise before laundering the money through a wide network of money mules and shell companies. Last year alone, the illegal profit is estimated at about € 10 million. The gang also engaged in other types of online fraud such as SIM swapping and business email compromise (BEC), Europol said. In all cases, the attackers laundered the money through a wide network of money mules and shell companies.In total the criminals made  $12 million (€10 million) from their exploits in 2020.

“The stolen sums were later recycled through the purchase of cryptocurrency or reinvested in further criminal activities, such as prostitution, drug production and trafficking, and arms trafficking,” according to the Italian police. 

Spanish and Italian police officers, supported by Europol and Eurojust, made 106 arrests and the law enforcement agencies also froze 118 bank accounts and performed 16 house searches. Officers seized various collateral used in the operations, including electronic devices, 224 credit cards, SIM cards and point-of-sale terminals - as well as an electric shock machine, which speaks to the gang’s ancillary criminal activities.

“This large criminal network was very well organised in a pyramid structure, which included different specialised areas and roles...  Among the members of the criminal group were computer experts, who created the phishing domains and carried out the cyber-fraud; recruiters and organisers of the money muling; and money-laundering experts, including experts in crypto currencies.”according to a statement from Europol. 

The gang members are mostly Italian nationals but ran their operation from the Canary Islands. Some of those arrested were  fugitives, wanted for ties to organised crime groups like the Camorra in Naples, and Apulia’s Sacra Corona Unita. “This group of criminals had managed to settle and enter different levels of society: Business networks, law firms and banking entities, among others,” according to a Spanish Police statement. “This level of settlement not only gave the organisation impunity for money laundering, but also for the different criminal activities of these Mafia groups carried out in Spain.”

Those activities included robberies and assault, as well as the involvement of several of its members in two homicides. On one occasion they kidnapped a woman and took her at gunpoint to an ATM to steal all the money and open 50 online bank accounts for the organisation.  “The extreme violence of this group was also manifested in other criminal actions. They beat up, robbed and extorted both members of the organisation who deviated from internal regulations and other people or companies in Tenerife who, for fear of reprisals, did not report, which gave them a significant degree of impunity.” the Spanish Police said.

The arrests were carried out by traditional law enforcement as well as cyber experts: The Joint Cybercrime Action Taskforce (J-CAT) at Europol is a standing operational team that consists of cyber-liaison officers from different countries. Europol deployed two analysts and one forensic expert to Tenerife, Spain and one analyst to Italy,” according to the Europol statement. 

Europol:      Threatpost:     Polizia.it:     Policia.es:    Oodaloop:   Daily Advent:      @Oooda:      Image: Unsplash

You Might Also Read: 

International Police Sting Operation Disrupts The Dark Web:

 

« Telegram Is Where Cyber Criminals Do Business
Cyber Security Priorities For The New Normal »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

NISC was established as a secretariat of the Cybersecurity Strategy Headquarters in collaboration with the public and private sectors to create a "free, fair and secure cyberspace" in Japan.

Prewen

Prewen

Prewen provide solutions to protect sensitive data across the organisation.

Vera Security

Vera Security

Vera is a data security platform that provides 360-degree visibility and control over critical business data, anywhere it's shared or stored.

Riscure

Riscure

Riscure is a global test lab and tools leader for device security. Core expertise in side channel analysis, fault injection and embedded device software.

TeachPrivacy

TeachPrivacy

TeachPrivacy provides computer-based privacy and data security training that is engaging, memorable, and understandable.

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center is a not-for-profit organization focused on regional cybersecurity excellence and readiness, with a special emphasis on the maritime community.

IOTA Foundation

IOTA Foundation

The IOTA Foundation is a non-profit R&D organisation focused on developing the next generation of protocols for the connected world.

CyberTech Network

CyberTech Network

CyberTECH is a global cybersecurity, Internet of Things (IoT) and Smart City network ecosystem and incubator operator.

CultureAI

CultureAI

CultureAI deliver intelligent cyber security awareness education and tools that build resilient security cultures where employees help defend.

Caulis

Caulis

Caulis FraudAlert is a cyber security solution. It can detect fraud and identity theft based on users’ online behaviour.

EvoNexus

EvoNexus

EvoNexus is a technology startup incubator with locations in San Diego, Orange County, and Silicon Valley.

CIBR Warriors

CIBR Warriors

CIBR Warriors are a leading cyber security and networking staffing company that provides workforce solutions with businesses nationwide in the USA.

World Cyber Security Summit

World Cyber Security Summit

World Cyber Security Summit, by Trescon, is a thought-leadership driven platform for CISOs who are looking to explore new-age threats and the technologies/strategies that can help mitigate them.

Automation Workz

Automation Workz

Automation Workz has been ranked as a top 10 Cybersecurity Bootcamp in the US by Career Karma.

UberEther

UberEther

UberEther are a dedicated group of software developers and consultants developing and deploying the next generation of identity management and cloud solutions.

CyberSG TIG Centre

CyberSG TIG Centre

CyberSG TIG Centre aims to propel Singapore as the world’s premier cybersecurity innovation hub for economic growth.