INTERPOL Operation Synergia III Disrupts Global Phishing and Fraud Infrastructure
INTERPOL said Operation Synergia III led to the arrest of 94 suspects, the seizure of 212 devices and servers, and the sinkholing or takedown of more than 45,000 malicious IP addresses tied to cybercrime infrastructure across 72 countries and territories. The operation ran from July 2025 through January 2026 and targeted infrastructure supporting phishing, malware, ransomware, romance scams, credit card fraud, and related online fraud. Authorities said 110 additional individuals remain under investigation, underscoring that follow-on enforcement activity is still ongoing.
Preliminary case details show broad international participation and a focus on both technical infrastructure and fraud operators. In Macau, investigators identified more than 33,000 phishing and fraudulent websites, including fake casino, banking, government, payment, and other critical-service sites used to steal credentials and payment data. In Bangladesh, authorities arrested 40 suspects and seized 134 devices linked to loan scams, employment scams, identity theft, and credit card fraud, while in Togo police arrested 10 suspects tied to a fraud ring whose members split responsibilities between account compromise and social-engineering schemes such as romance and sextortion scams. The reporting describes a coordinated law-enforcement disruption of active criminal infrastructure rather than a vendor announcement or generic security guidance.
Related Entities
Organizations
Sources
2 more from sources like register security and data breaches net
Related Stories
INTERPOL Operation Red Card 2.0 African Cybercrime Crackdown
**INTERPOL’s Operation Red Card 2.0**, coordinated under the **African Joint Operation against Cybercrime (AFJOC)**, resulted in **651 arrests** across **16 African countries** and the recovery of **over $4.3 million** tied to online scam activity. The operation ran from **December 8, 2025 to January 30, 2026**, identified **1,247 victims**, and targeted criminal activity linked to **over $45 million** in losses, including **high-yield investment fraud**, **mobile money fraud**, and **fraudulent mobile loan applications**. Law enforcement reported significant disruption activity, including the seizure of **2,341 devices** and takedowns of **1,442 malicious IPs/domains/servers (and related infrastructure)**. Notable actions included Nigeria dismantling an investment-fraud ring that leveraged **phishing, identity theft, and social engineering** (with **1,000+ fraudulent social media accounts** removed) and arresting **six suspects** accused of breaching a major telecom provider using **compromised staff credentials** to steal airtime/data for resale; Kenya arrested **27 suspects** tied to social-media/messaging-driven fraud schemes; and Côte d’Ivoire arrested **58 suspects** linked to predatory loan-app activity with hidden fees and abusive collection practices.
3 weeks ago
European Law Enforcement Takedowns of Phishing and Investment-Fraud Networks
European law enforcement reported multiple cyber-enabled fraud disruptions, including a Eurojust-supported operation that dismantled a **fraudulent call-centre network** operating from three offices in Dnipro. Authorities from Latvia, Lithuania, and Ukraine arrested **11 suspects**, seized **more than €400,000** in cash, and collected electronic evidence (computers, SIM cards, documents) during searches at **32 locations**. The group allegedly ran a fake cryptocurrency investment platform and used **remote access software** to gain access to victims’ online banking and move funds to accounts and crypto wallets under their control. Separately, Poland’s Central Bureau for Combating Cybercrime (CBZC) dismantled an organized group operating in Poland and Germany that used **phishing** to hijack Facebook accounts and extract **BLIK** payment codes. Investigators identified **11 group members**, placed **six** in pretrial detention, and seized **over 100,000** stolen Facebook credentials; prosecutors filed **400+ charges** including unauthorized access, online fraud, and money laundering. A South Korean case involving the breach of Seoul’s bike-hire service *Ttareungyi* (4.62 million users affected) is a distinct incident and not part of the European takedown actions described above.
2 weeks ago
Law Enforcement Disrupts Cybercrime Networks and Arrests Ransomware and Fraud Suspects
International and national law enforcement actions were reported targeting a range of cybercrime activity, including ransomware, extortion, and large-scale fraud. SentinelOne summarized multiple cases: Dutch authorities arrested a man accused of attempting to extort officials after receiving sensitive documents by mistake and refusing to delete them; Polish authorities detained a suspect linked to the **Phobos** ransomware-as-a-service ecosystem as part of Europol-coordinated **Operation Aether**, seizing materials such as stolen credentials and access information; and **Operation Red Card 2.0** (coordinated through Interpol/AFJOC) resulted in hundreds of arrests across multiple African countries, along with seizures of devices, takedowns of malicious sites, and recovery of funds tied to investment fraud and mobile-money/loan scams. Separately, Security Affairs’ weekly newsletter highlighted additional ongoing cyber risk items that align with the same broad theme of active cybercrime and enforcement pressure, including an **FBI warning** about a surge in **ATM jackpotting** losses and reporting on **Operation Red Card 2.0**. Other items in the Security Affairs roundup (e.g., additions to CISA’s KEV catalog, vendor/software issues, and various malware reports) were presented as a curated link list rather than a single unified incident. A SOCRadar profile on the China-attributed **Lotus Blossom** espionage group and a Tom’s Hardware historical piece on the first computer search warrant are not part of the law-enforcement disruption story and do not materially support the same specific event narrative.
3 weeks ago