Over One Hundred Arrests In Business Email Compromise Swoop

Uploaded on 2022-08-01 in GOVERNMENT-Law Enforcement, FREE TO VIEW

European police have released details of two major operations against business email compromise (BEC) fraudsters, which resulted in the arrest of 106 suspects, mostly from Spain and Italy. Operation Wine Cellar and Operation Theatre were carried out in November 2021 but are only now being made public due to operational reasons.

The arrests were made following two complex fraud cases in which security forces identified an organised crime group targeting state-owned companies. The scheme defrauded 94 organisations in this way, racking up profits of €2.8m. 

The criminals used a “sophisticated money laundering infrastructure” to obfuscate the flow of proceeds from these crimes and hamper investigator efforts to track it down. Europol, which provided support to the Hungarian authorities during the operations said. “The criminals would impersonate a service company to inform their victims that the service company now had a new bank account to which the payments for the provided services should be sent.” 

This large criminal network was very well organised in a pyramid structure, which included different specialised areas and roles. Among the members of the criminal group were computer experts, who created the phishing domains and carried out the cyber fraud; recruiters and organisers of the money muling; and money laundering experts, including experts in crypto currencies. 

Europol money laundering specialists and economic analysts were sent to Hungary to help investigators with house searches and forensic assessment of seized gadgets.

The police campaigns have been named Operation Wine Cellar and Operation Theatre and were carried out by the Anti-Economic Crime Department of the Budapest Metropolitan Police and Europol’s European Financial and Economic Crime Centre assisted in the operations. 

The fraudsters leveraged fake invoices to achieve their financial goals, impersonating a service company to trick victims into thinking that they owed the service money via a new bank account. Using this technique, the scheme was successful in defrauding 94 organisations, resulting in millions of dollars in profit.

BEC has been the highest-earning cyber crime type for threat actors for a number of years and in 2021 the losses for victims were almost $2.5 billion.

Europol:    Scammer Info:     Oodaloop:     Infosecurity Magazine:   Cybersecurity News:    Security Week:

You Might Also Read: 

Online Con Tricks Senior Executives Out of Millions:

 

« Why A Managed Security Service Provider Should Be On Your Cyber Roadmap
For Sale: 5.4m Twitter Users’ Data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

TUV Sud

TUV Sud

TÜV SÜD is a leading technical service organisation. We specialize in testing, certification, auditing, training, and advisory services for different industries.

Malware Patrol

Malware Patrol

Malware Patrol provides intelligent threat data that protects against cyber attacks.

Cyacomb

Cyacomb

Cyacomb (formerly Cyan Forensics) provides digital forensics software to help police forces find evidence on computers many times faster than before.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

Austrian Trust Circle

Austrian Trust Circle

Austrian Trust Circle is an initiative of CERT.at and the Austrian Federal Chancellery and consists of Security Information Exchanges in the areas of the strategic information infrastructure.

Miratech

Miratech

Miratech is a global IT services and consulting organization offering a full range of IT infrastructure solutions and services including cyber security.

SYSGO

SYSGO

SYSGO is the leading European provider of real-time operating systems for critical embedded applications in the Internet of Things (IoT).

Enterprise Ethereum Alliance (EEA)

Enterprise Ethereum Alliance (EEA)

EEA is a member-led industry organization whose objective is to drive the use of Ethereum blockchain technology as an open-standard to empower ALL enterprises.

Bolster

Bolster

Bolster (formerly RedMarlin) is an AI-based cyber-security platform designed to detect phishing and fraudulent sites in real-time.

ProofID

ProofID

ProofID is a specialist provider of Identity Access Management (IAM) solutions. We focus on the solving the complex needs of the modern enterprise.

r00tz Asylum

r00tz Asylum

r00tz Asylum is a nonprofit dedicated to teaching kids around the world how to love being white-hat hackers.

TWC IT Solutions

TWC IT Solutions

Since 2011, TWC IT Solutions has offered managed IT Support, Cybersecurity, Disaster Recovery, Contact Centre and Business Connectivity services to clients across 24 countries globally.

NewAE Technology

NewAE Technology

NewAE Technology is revolutionizing the hardware security market by making every engineer and designer aware of side-channel power analysis and glitching as important attack vectors.

Persona

Persona

At Persona, we’re humanizing online identity by helping companies verify that their users are who they say they are.

Bastion Networks

Bastion Networks

Bastion are a security-focussed managed solution provider and consultancy. We work with advanced cyber security vendors to produce managed security solutions to protect from online threats.