Over One Hundred Arrests In Business Email Compromise Swoop

Uploaded on 2022-08-01 in GOVERNMENT-Law Enforcement, FREE TO VIEW

European police have released details of two major operations against business email compromise (BEC) fraudsters, which resulted in the arrest of 106 suspects, mostly from Spain and Italy. Operation Wine Cellar and Operation Theatre were carried out in November 2021 but are only now being made public due to operational reasons.

The arrests were made following two complex fraud cases in which security forces identified an organised crime group targeting state-owned companies. The scheme defrauded 94 organisations in this way, racking up profits of €2.8m. 

The criminals used a “sophisticated money laundering infrastructure” to obfuscate the flow of proceeds from these crimes and hamper investigator efforts to track it down. Europol, which provided support to the Hungarian authorities during the operations said. “The criminals would impersonate a service company to inform their victims that the service company now had a new bank account to which the payments for the provided services should be sent.” 

This large criminal network was very well organised in a pyramid structure, which included different specialised areas and roles. Among the members of the criminal group were computer experts, who created the phishing domains and carried out the cyber fraud; recruiters and organisers of the money muling; and money laundering experts, including experts in crypto currencies. 

Europol money laundering specialists and economic analysts were sent to Hungary to help investigators with house searches and forensic assessment of seized gadgets.

The police campaigns have been named Operation Wine Cellar and Operation Theatre and were carried out by the Anti-Economic Crime Department of the Budapest Metropolitan Police and Europol’s European Financial and Economic Crime Centre assisted in the operations. 

The fraudsters leveraged fake invoices to achieve their financial goals, impersonating a service company to trick victims into thinking that they owed the service money via a new bank account. Using this technique, the scheme was successful in defrauding 94 organisations, resulting in millions of dollars in profit.

BEC has been the highest-earning cyber crime type for threat actors for a number of years and in 2021 the losses for victims were almost $2.5 billion.

Europol:    Scammer Info:     Oodaloop:     Infosecurity Magazine:   Cybersecurity News:    Security Week:

You Might Also Read: 

Online Con Tricks Senior Executives Out of Millions:

 

« Why A Managed Security Service Provider Should Be On Your Cyber Roadmap
For Sale: 5.4m Twitter Users’ Data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZDL Group

ZDL Group

At ZDL (formerly ZeroDayLab) we take a comprehensive view of our clients cyber security risks and provide quality services to address those risk

QATestLab

QATestLab

QATestLab is a leading International software testing company offering a full range of software testing services including security testing.

Cyber Aware

Cyber Aware

Cyber Aware aims to drive behaviour change amongst small businesses and individuals, so that they adopt simple secure online behaviours.

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center is a not-for-profit organization focused on regional cybersecurity excellence and readiness, with a special emphasis on the maritime community.

Platin Bilişim

Platin Bilişim

Platin Bilisim is an IT Security company providing consultancy, solutions and operational support services.

ShadowDragon

ShadowDragon

ShadowDragon develops digital tools that simplify the complexities of modern investigations that involve multiple online environments and technologies.

Secure Blockchain Technologies (SBT)

Secure Blockchain Technologies (SBT)

SBT is a team of Enterprise IT Security Professionals weaving security and Blockchain Technology into our customer’s operational fabric.

Neovera

Neovera

Neovera is a trusted provider of managed services including cyber security and enterprise cloud solutions, committed to delivering results through the innovative use of scalable enterprise-grade tech.

TAV Technologies

TAV Technologies

TAV Technologies is a provider of technology services to the aviation industry in areas including airport infrastructure systems, digital transformation and cybersecurity.

Aurora Systems Consulting

Aurora Systems Consulting

Aurora is a Cybersecurity solutions provider with a portfolio consisting of security consulting, products and services that proactively prevent, secure and manage advanced threats and malware.

ShieldApps

ShieldApps

ShieldApps comprehensive suite of products is designed to protect your personal devices from privacy threats, including hacking attempts, online tracking, fingerprinting, phishing, malware, and more.

HiScout

HiScout

HiScout is your integrated management system for IT governance, risk & compliance.

Cyber Security Services

Cyber Security Services

Cyber Security Services is a cyber security consulting firm and security operations center (SOC).

Seemplicity

Seemplicity

Seemplicity revolutionizes the way security teams work by automating, optimizing and scaling all risk reduction workflows in one workspace.

Nasuni

Nasuni

The Nasuni File Data Platform offers the protection, detection, and recovery of file shares from ransomware attacks or random disasters within minutes.

Tonex

Tonex

Tonex providing industry-leading technology training, courses, seminars, workshops, and consulting services to companies and government organizations around the world.