International Takedown of €300 Million Credit Card Fraud and Money Laundering Network
International law enforcement agencies dismantled three interconnected credit card fraud and money laundering networks responsible for defrauding millions of victims worldwide. The operation, coordinated by Eurojust and Europol and involving authorities from Germany, the USA, Canada, Singapore, Luxembourg, Cyprus, Spain, Italy, and the Netherlands, resulted in the arrest of 18 individuals, including five executives from four German payment service providers. The fraudsters used stolen credit card data to create fake online subscriptions for dating, pornography, and streaming services, keeping charges below €50 to avoid detection and laundering proceeds through shell companies and complicit payment providers. Authorities estimate the fraud affected over 4.3 million cardholders, involved 19 million accounts, and resulted in losses exceeding €300 million, with attempted fraud totaling more than €750 million.
The investigation began in Luxembourg and expanded globally, with German authorities conducting 29 searches and seizing assets worth over €35 million, including luxury vehicles, cryptocurrency, and electronic devices. The suspects, hailing from multiple countries, are accused of exploiting payment infrastructure and using shell companies in Cyprus and the UK to obscure transactions. The operation, dubbed "Operation Chargeback," highlights the role of complicit financial service providers and the use of "Crime-as-a-Service" vendors to facilitate large-scale, cross-border financial crime. The case underscores the complexity and international scope of modern payment fraud and the importance of coordinated law enforcement action.
Sources
1 more from sources like bank info security
Related Stories
Major International Law Enforcement Actions Against Cybercrime and Financial Fraud Networks
Law enforcement agencies across multiple countries have conducted significant operations targeting cybercriminal groups responsible for large-scale financial fraud, data breaches, and cryptocurrency theft. In Spain, police arrested a 19-year-old hacker accused of stealing and attempting to sell 64 million personal data records from nine companies, while Ukrainian authorities apprehended a separate data broker who used custom malware to compromise accounts and sell access on hacker forums. In California, a member of the so-called "Social Engineering Enterprise" pleaded guilty to laundering millions in cryptocurrency stolen through sophisticated social engineering attacks, with the group responsible for a $263 million heist and extravagant spending of the proceeds. Meanwhile, Russian police dismantled a gang that used NFCGate-based malware to steal millions from bank customers by tricking victims into installing fake banking apps and harvesting card credentials for remote theft. A major international operation led by Europol and Eurojust dismantled a €700 million cryptocurrency scam network in Europe that used deepfake videos and aggressive marketing to lure victims into fake investment schemes. The network operated numerous fraudulent platforms, laundered funds through complex channels, and was taken down in coordinated raids across several countries, resulting in arrests and the seizure of cash, cryptocurrencies, and luxury items. These actions highlight the growing sophistication of cyber-enabled financial crime and the increasing collaboration between law enforcement agencies to disrupt such operations on a global scale.
3 months agoEuropean Law Enforcement Dismantles SIM Card-Based Cybercrime Network
European law enforcement agencies have dismantled a sophisticated cybercrime network that provided phone numbers and SIM cards to criminals, enabling a wide range of fraudulent activities across Europe. The operation, coordinated by Europol, involved authorities from Latvia, Austria, and Estonia, and resulted in the arrest of at least five to seven individuals, including the alleged organizer of the illicit service. During the raids, police seized 1,200 SIM box devices containing 40,000 active SIM cards, as well as five servers and hundreds of thousands of additional SIM cards. The network operated an online platform that allowed criminals to rent phone numbers registered in more than 80 countries, which were then used to create fake accounts on social media and messaging platforms. These accounts facilitated crimes such as phishing, investment scams, account intrusions, credential and financial data theft, extortion, migrant smuggling, and the distribution of child sexual abuse material. Investigators linked the group to over 3,000 cyber fraud cases, with financial losses exceeding 5 million euros ($5.8 million), primarily in Austria and Latvia. The infrastructure supporting the operation was described as highly advanced and professionally organized, featuring a polished website and a global logistics network for procuring SIM cards. The service appeared to operate as a legitimate business, masking its true purpose and scale. Authorities estimate that more than 49 million online accounts were created using the illicit service, allowing criminals to conceal their identities and locations. The operation, dubbed "SIMCARTEL," involved 26 searches in Latvia and was described by Latvian police as unprecedented in scale and complexity. One of the main suspects had a prior criminal history in Estonia, including arson and extortion. The takedown of this network is considered a significant blow to cybercriminals who rely on anonymous phone numbers to evade detection and law enforcement. Europol emphasized the unique and novel nature of the scheme, noting that it posed a new challenge for European authorities. The successful operation demonstrates the effectiveness of international cooperation in combating organized cybercrime. The seized infrastructure and arrests are expected to disrupt ongoing and future cyber-enabled fraud schemes across Europe and beyond. Authorities continue to investigate the full extent of the network's activities and its connections to other criminal enterprises.
4 months ago
European Law Enforcement Takedowns of Phishing and Investment-Fraud Networks
European law enforcement reported multiple cyber-enabled fraud disruptions, including a Eurojust-supported operation that dismantled a **fraudulent call-centre network** operating from three offices in Dnipro. Authorities from Latvia, Lithuania, and Ukraine arrested **11 suspects**, seized **more than €400,000** in cash, and collected electronic evidence (computers, SIM cards, documents) during searches at **32 locations**. The group allegedly ran a fake cryptocurrency investment platform and used **remote access software** to gain access to victims’ online banking and move funds to accounts and crypto wallets under their control. Separately, Poland’s Central Bureau for Combating Cybercrime (CBZC) dismantled an organized group operating in Poland and Germany that used **phishing** to hijack Facebook accounts and extract **BLIK** payment codes. Investigators identified **11 group members**, placed **six** in pretrial detention, and seized **over 100,000** stolen Facebook credentials; prosecutors filed **400+ charges** including unauthorized access, online fraud, and money laundering. A South Korean case involving the breach of Seoul’s bike-hire service *Ttareungyi* (4.62 million users affected) is a distinct incident and not part of the European takedown actions described above.
3 weeks ago