The National Police has dismantled a criminal organization made up of 34 people that committed all types of online scams: smishing, phishing and vishing, the “son in distress” scam, manipulation of delivery notes from companies such as Amazon and vishing campaigns pretending to be employees of service companies. In total they scammed more than 3 million euros
Major blow to a cybercriminal organization that committed all types of crimes on the Internet. According to the authorities, they obtained money through smishing, which is a technique through which, with social engineering, they get the victim to share credentials or download malware through SMS text messages. They also had fake pages that pretended to be from banking entities or public administrations (phishing) and the famous vishing, which consists of making calls pretending to be a banking entity, urging the victim to share their passwords to avoid a false charge on their bank account.
They also had no qualms about sending WhatsApps to parents pretending to be a child in need to ask them for money via bank transfer or even sending Bizums. This organization had a database of four million people who presumably could have acquired it on the famous deep web and in the police operation 80,000 euros in cash, computer equipment valued at thousands of euros and even simulated firearms and a katana.
The leaders of the criminal plot hid their identity through spoofing, which is a technique that consists of usurping another person’s electronic identity using intercepted emails or even falsifying the IP address to pretend to be another user. Likewise, the leaders of the organization invested the swindled money in cryptocurrencies to make it difficult to trace the money.
Arrests in several provinces and thousands of complaints
The investigation began at the beginning of 2023 by specialized agents of the Central Cybercrime Unit, when they identified a criminal network that illegally accessed databases from various banking entities, entering different amounts of money from clients into customer accounts. of the credit institution. Later they contacted the clients telling them that due to a computer error they had entered a loan and they had to return it. This was the hook for victims to fall into the trap and share personal data and even make transfers. They then invested that money in crypto assets.
According to police data, they also accessed other databases of other companies and using the same techniques they obtained a huge amount of data. After the operation, the main leaders of the organization are in provisional prison and more than a thousand complaints filed by those affected have been clarified. The bad news is that many victims probably will not be able to recover their money due to the difficulty of tracking down crypto assets.
