Over One Hundred Arrests In Business Email Compromise Swoop

Uploaded on 2022-08-01 in GOVERNMENT-Law Enforcement, FREE TO VIEW

European police have released details of two major operations against business email compromise (BEC) fraudsters, which resulted in the arrest of 106 suspects, mostly from Spain and Italy. Operation Wine Cellar and Operation Theatre were carried out in November 2021 but are only now being made public due to operational reasons.

The arrests were made following two complex fraud cases in which security forces identified an organised crime group targeting state-owned companies. The scheme defrauded 94 organisations in this way, racking up profits of €2.8m. 

The criminals used a “sophisticated money laundering infrastructure” to obfuscate the flow of proceeds from these crimes and hamper investigator efforts to track it down. Europol, which provided support to the Hungarian authorities during the operations said. “The criminals would impersonate a service company to inform their victims that the service company now had a new bank account to which the payments for the provided services should be sent.” 

This large criminal network was very well organised in a pyramid structure, which included different specialised areas and roles. Among the members of the criminal group were computer experts, who created the phishing domains and carried out the cyber fraud; recruiters and organisers of the money muling; and money laundering experts, including experts in crypto currencies. 

Europol money laundering specialists and economic analysts were sent to Hungary to help investigators with house searches and forensic assessment of seized gadgets.

The police campaigns have been named Operation Wine Cellar and Operation Theatre and were carried out by the Anti-Economic Crime Department of the Budapest Metropolitan Police and Europol’s European Financial and Economic Crime Centre assisted in the operations. 

The fraudsters leveraged fake invoices to achieve their financial goals, impersonating a service company to trick victims into thinking that they owed the service money via a new bank account. Using this technique, the scheme was successful in defrauding 94 organisations, resulting in millions of dollars in profit.

BEC has been the highest-earning cyber crime type for threat actors for a number of years and in 2021 the losses for victims were almost $2.5 billion.

Europol:    Scammer Info:     Oodaloop:     Infosecurity Magazine:   Cybersecurity News:    Security Week:

You Might Also Read: 

Online Con Tricks Senior Executives Out of Millions:

 

« Why A Managed Security Service Provider Should Be On Your Cyber Roadmap
For Sale: 5.4m Twitter Users’ Data »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

HackLabs

HackLabs

HackLabs is a penetration testing company providing services for network security, web application security and social engineering testing.

VdS

VdS

VdS is an independent safety and security testing institution. Cybersecurity services include standards, audit/assessment and certification for SMEs.

Israel Aerospace Industries (IAI)

Israel Aerospace Industries (IAI)

IAI offers a holistic approach that provides defense forces, governments, critical infrastructures and large enterprises with end-to-end cyber security & monitoring tools.

SQNetworks

SQNetworks

SQNetworks provides a full range of cybersecurity consultancy, services and solutions.

Axence

Axence

Axence provides professional solutions for the comprehensive management of IT infrastructure for companies and institutions all over the world.

Trustless Computing Association (TCA)

Trustless Computing Association (TCA)

TCA is is a non-profit organization promoting the creation and wide availability of IT and AI technologies that are radically more secure and accountable than today’s state of the art.

DeepCyber

DeepCyber

DeepCyber supports its customers, with an “intelligence-driven” approach, to improve their proactive detection and response "capability" of cyber threats.

Absio

Absio

Absio provides the technology you need to build data security directly into your software by default, and the design and development services you need to make it happen.

Strac

Strac

Eliminate Personal Data Risks from your business. Our Dataless SaaS removes the need to manage sensitive data across web, mobile apps, servers and communication channels.

Training.com.au

Training.com.au

Training.com.au is a comparison website through which those looking to learn about different aspects of cyber security can compare learning courses from training providers from across Australia.

HADESS

HADESS

We are "Hadess", a group of cyber security experts and white hat hackers.

Orchestrate Technologies

Orchestrate Technologies

Orchestrate Technologies provides computer network and IT managed services for small and mid-market clients as well as small enterprise businesses.

Digital Encode

Digital Encode

Digital Encode is a leading consulting and integration firm that specializes in the design, management, and security of business-critical networks, telecommunications, and IT infrastructures.

Averlon

Averlon

Averlon offers organizations peerless cloud security through Panoptic Cloud Visibility, Predictive Attack Intelligence and Rapid Remediation.

360 Advanced

360 Advanced

360 Advanced is a relationship-focused cybersecurity and compliance firm offering integrated compliance solutions customized to meet your business’ needs.

Securafy

Securafy

At Securafy, we understand how important it is to have the right IT partner by your side. For over 30 years, we’ve helped businesses stay secure, connected, and compliant.