Over One Hundred Arrests In Business Email Compromise Swoop

European police have released details of two major operations against business email compromise (BEC) fraudsters, which resulted in the arrest of 106 suspects, mostly from Spain and Italy. Operation Wine Cellar and Operation Theatre were carried out in November 2021 but are only now being made public due to operational reasons.

The arrests were made following two complex fraud cases in which security forces identified an organised crime group targeting state-owned companies. The scheme defrauded 94 organisations in this way, racking up profits of €2.8m. 

The criminals used a “sophisticated money laundering infrastructure” to obfuscate the flow of proceeds from these crimes and hamper investigators' efforts to track it down, said Europol, which provided support to the Hungarian authorities during the operations. “The criminals would impersonate a service company to inform their victims that the service company now had a new bank account to which the payments for the provided services should be sent.”

This large criminal network was very well organised in a pyramid structure, which included different specialised areas and roles. Among the members of the criminal group were computer experts, who created the phishing domains and carried out the cyber fraud; recruiters and organisers of the money muling; and money laundering experts, including experts in cryptocurrencies.

Europol money laundering specialists and economic analysts were sent to Hungary to help investigators with house searches and forensic assessment of seized gadgets.

The police campaigns, named Operation Wine Cellar and Operation Theatre, were carried out by the Anti-Economic Crime Department of the Budapest Metropolitan Police. Europol’s European Financial and Economic Crime Centre assisted in the operations.

The fraudsters used fake invoices to achieve their financial goals, impersonating a service company to trick victims into believing that the money they owed for the service had to be paid into a new bank account. Using this technique, the scheme was successful in defrauding 94 organisations, resulting in millions of dollars in profit.

BEC has been the highest-earning cyber crime type for threat actors for a number of years and in 2021 the losses for victims were almost $2.5 billion.

Sources: Europol, Scammer Info, Oodaloop, Infosecurity Magazine, Cybersecurity News, Security Week
