The phishing gang was not helped by a VPN, nor by the fact that the group was dispersed throughout Spain. 13 people were arrested, seven more are under investigation. In total, the attackers robbed almost 150 people in the amount of half a million dollars.
“Your card has been blocked. Call back…”
The Spanish police announced the defeat of the group engaged in phishing. 13 people were arrested, seven more are under investigation, but so far remain at large. The defendants stole almost half a million euros from 146 victims.
The attackers sent messages to potential victims imitating security alerts on behalf of a specific bank and extorted bank account access details from them. To do this, first of all, fake sites were used that meticulously imitated the pages of a real bank. Unsuspecting victims entered logins and passwords there, thereby making them available to attackers.
Money from them was pumped to dummy accounts for further cashing out using “money mules”. As noted in the material of the publication Bleeping Computer, the people who were used in this capacity did not always act voluntarily.
Phishing gang cracked in Spain
In addition, the attackers transferred funds to Côte d’Ivoire or made large purchases online or took large loans from the bank on behalf of their victims.
Three years of fishing
Law enforcement agencies began investigating in 2018, when the first complaints began to come in, both directly from the victims and from the banks from which the phishers were stealing money. Bank security services found suspicious purchases that were made in foreign online stores, in particular French ones.
In total, the attackers managed to rob nearly one and a half hundred people for a total of 443.6 thousand euros (approximately $466 thousand).
CNews Analytics: Atlas of the Russian Internet of Things Market
Internet of Things
“The catch is relatively modest, but if you calculate the arithmetic mean, it turns out that the attackers robbed each victim for a very significant amount,” says Mikhail Zaitsev, an information security expert at SEQ. – Once again, the thesis that phishing does not lose its effectiveness is confirmed: no matter how many technical measures are taken against it, no matter how many times users are warned not to trust “messages from banks”, there will still be those who fall for the bait. Particularly well-made.”
The investigation revealed that the phishers used the VPN to mask their real location, posing as users from Morocco, France, Germany or the United States.
However, the police managed to find out the real location of the gang members. True, this took three years: a multi-stage operation to identify criminals continued from January 2019 to April 2022. Arrests were made in eight Spanish cities, including Cordoba and the country’s capital, Madrid.