The Spanish National Police have dismantled a cybercriminal organization that carried out a variety of computer scams to steal and monetize the data of over four million people.
Law enforcement in the country conducted 16 targeted searches in Madrid, Malaga, Huelva, Alicante, and Murcia and arrested 34 members of the crime group.
The police raids led to the confiscating of firearms and hand weapons, four high-end cars, 80,000 euros in cash, and computers hosting a database with information on four million people.
The Spanish police explain that the arrested individuals are linked to email and SMS phishing that impersonated delivery firms and electricity suppliers.
Additionally, the scammers performed ‘son in distress’ calls to steal money from parents by making them think their child is in trouble or stranded somewhere.
In other cases, they reportedly took advantage of an insider’s position in an international tech firm to reroute merchandise to addresses under the threat actor’s control.
The threat group generally didn’t have a fixed modus operandi, and their scamming repertoire was wide and varied.
False loan trick
Investigation on the particular group launched in early 2023 following the submission of thousands of complaints describing a common pattern of trickery.
Specifically, the scammers breached the databases of various financial and credit institutions, and apart from stealing customer data, they used their access to credit amounts of money to customer accounts.
Next, they contacted these clients to inform them that they had received a loan due to a computer error, and they were now obliged to repay it by following specific instructions.
The victims were then directed to phishing sites impersonating their banking institutions and entered sensitive details that were sent to the scammers.
The profit from these activities was primarily from reselling the stolen data to other cybercriminals and is estimated to be €3,000,000 ($3.2 million).
The police say the high-ranking threat group members funneled the proceeds into crypto asset investment platforms to obfuscate the trail of the money.
Those identified as leaders of the cybercrime ring are already behind bars, and efforts to identify more perpetrators and victims will persist in the upcoming months.