Skip links

Mafia works remotely, too, it seems: 100+ people suspected of phishing, SIM swapping, email fraud cuffed

Police arrested 106 people suspected of carrying out online fraud for an organized crime gang linked to the Italian Mafia, Europol said on Monday.

Most of those detained were cuffed in Spain, and the rest in Italy, by Spanish National Police, Italian National Police, Europol, and Eurojust, we’re told.

It’s claimed the suspects scammed hundreds of victims using phishing; SIM swapping attacks, in which crooks typically take control of people’s cellphone numbers to get account login tokens texted to them; and so-called business email compromise, in which fraudsters typically use bogus invoices and the like to trick company staff into transferring money to the thieves.

According to the Euro plod, the alleged criminals were essentially based in Tenerife, one of Spain’s Canary Islands, and targeted mainly Italian nationals – plus Spanish, English, German, and Irish folks. Money extracted via phishing, social engineering, and hijacked online bank accounts was then laundered via money mules and shell companies. All in all, the enterprise made about €10m (£8.6m, $11.7m) profit, it is claimed.

“This large criminal network was very well organised in a pyramid structure, which included different specialised areas and roles,” said Europol in a canned statement.

Within this crime syndicate, Europol said, some members were computer experts who created phishing websites and executed cyber-fraud; others were recruiters and money-mule organizers; and some were money-laundering experts who sometimes used cryptocurrencies. The cops said some of those cuffed have “links to mafia organisations.” We wouldn’t be surprised at all if the mob has or had ties to other phishing and cyber-fraud rings.

An investigation into the Tenerife affair resulted in 16 house searches and 118 frozen bank accounts. In the process, officers seized many electronic devices, 224 credit cards, SIM cards, and point-of-sale terminals, plus a marijuana plantation and associated farming and distribution equipment.

It took the authorities over a year to infiltrate and break up the operation, which included some work-abroad opportunities for the three analysts and one forensic expert at the Hague-headquartered Europol dispatched to Tenerife and Italy.

Spanish National Police have more details here. The Italians have a similar breakdown of the operation here.

For instance, we’re told by the Italian police that the stolen funds “were later recycled through the purchase of cryptocurrency or reinvested in further criminal activities, such as prostitution, drug production and trafficking, and arms trafficking.”

Breaking up such cybercrime is not a new gig for Europol and its pals. In the past, the law enforcement agency busted an operation that involved fraudsters hijacking companies’ email systems to send messages that convinced those businesses’ customers to wire payments to the crooks’ bank accounts. The cops also raided homes of suspected users of Droidjack, a strain of Android malware.

You have to hand it to the Mafia for keeping up with the times and trends as phishing, business email compromise, and SIM swapping are truly crimes of the era. Google claims it stops more than 100 million harmful emails from going into Gmail accounts per day, and during the peak of the pandemic last year, there were 18 million daily malware and phishing emails related to COVID alone. ®