The group impersonated tax authorities to dupe victims into handing over their account details.
20 suspected fraudsters have been arrested in connection with a banking fraud scheme which resulted in the loss of over a million euros.
On Thursday, Europol said that the arrests are the result of a two-year investigation between the agency, the Romanian National Police and the Italian National Police, and Eurojust.
On 28 March, a series of arrests took place across Europe. In total, the raids resulted in the arrest of nine individuals from Romania and 11 in Italy, all of which are remanded in custody.
Law enforcement alleges that the group used spear phishing and mass email campaigns to impersonate tax agencies. The emails were crafted to appear from legitimate sources in order to lure victims to click on malicious links which led to fraudulent websites.
These domains then requested the online banking credentials of victims. When submitted, these credentials were then used by the scammers to make fraudulent transactions to bank accounts under their control.
The funds, now deposited into attacker-linked accounts, were then withdrawn from Romanian ATMs.
According to Europol, roughly one million euros was stolen from hundreds of customers belonging to two unnamed banks.
“The highly organized crime group (OCG) pursued its criminal activity using encrypted chat applications,” Europol says. “It established its power by applying intimidating and punitive methods towards affiliates and competitors. The OCG is also suspected of money laundering, drug and human trafficking, prostitution and participation in a criminal organization.”
Europol has been busy. Earlier this week, the agency said the suspected leader of a criminal ring responsible for the theft of over €1 billion from financial institutions has been arrested.
The suspect is believed to be behind the Carbanak and Cobalt malware campaigns which targeted over 100 financial institutions, stealing at least €10 million per successful heist.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.