The Dutch police have recently apprehended multiple suspects connected to a significant international investment fraud scheme, impacting an estimated tens of thousands of victims.
This organized group managed 20 call centers, employing more than 700 individuals as financial advisors. Authorities estimate that the gang was generating over 100 million euros (approximately $114 million) monthly at its peak.
The call centers were strategically located across various countries, each housing teams with distinct roles and objectives.
The primary suspect, a 46-year-old Israeli-Polish national, was apprehended in Poland on May 26. He was subsequently extradited to the Netherlands, where he has been held for two weeks pending trial.
“According to publicly available online data, he has a history of hacking several prominent government organizations and is recognized as a notorious hacker,” says Dutch police.
“He is now believed to occupy a crucial role within this criminal organization focused on investment fraud.”
Between July 7 and 10, law enforcement arrested several Dutch and Belgian nationals in Cyprus, Greece, and Belgium on suspicion of their involvement in this fraudulent scheme.
Authorities are not ruling out further arrests linked to this extensive cybercriminal network.
The scammers employed a strategy of nurturing trust with their victims over an extended period, showcasing convincing investment platforms that displayed fabricated profits.
Victims were manipulated by call center operators into increasing their “investments,” typically through cryptocurrency transfers. In reality, the perpetrators absconded with the funds while presenting victims with fake dashboards indicating inflated profits.
Dutch authorities have identified at least 550 fraud reports and are tracking $28.6 million in reported losses associated with this criminal operation.
Estimates suggest that there may be tens of thousands of victims worldwide, with most individuals losing over 10,000 euros (around $11,400) in this ongoing investigation.
The group has been operating since at least 2021, utilizing aliases and “technical means” to obscure their true identities and calling origins.
Police assert that the main suspect’s technical proficiency in establishing infrastructure enabled the organization to evade law enforcement for extended periods.
Investigators tracked IP addresses, financial pathways, and other digital signatures, which facilitated an examination of crucial technological equipment, providing invaluable insights into the group’s operations and the whereabouts of the criminals.
Security teams only document 54% of successful attacks, issuing warnings for just 14%. The remainder navigate invisibly within the environment.
Picus’ whitepaper demonstrates how to test your SIEM and EDR rules in breach and attack simulations to ensure threats are detected effectively.
Source: www.bleepingcomputer.com




