Getty Images/iStockphoto

Italian Mafia implicated in massive cybercrime network

A recent spate of phishing attacks and SMS fraud scams in Spain is being blamed on cybercriminals who were operating from the Canary Islands with backing from the Italian mob.

European law enforcement agencies have broken up a massive phishing and SMS fraud ring that was conducted with the backing of the Italian Mafia.

Europol said Monday it arrested 106 people as part of its bust of the online fraud ring. In addition to the arrests, the police agency said that it searched 16 houses, froze 118 bank accounts, and froze 224 credit cards along with multiple SIM cards and point-of-sale terminals.

Credit for the bust was also given to Spain's Policía Nacional and Italy's Polizia di Stato for providing local assistance in their respective countries.

It seems the operation was a veritable grab bag of online fraud schemes. Authorities say the crew was involved in phishing operations, SIM-swapping account thefts and business email compromise (BEC) scams. The seizure of point-of-sale machines would also suggest that the criminals were interested in stealing credit card details from retailers. Police estimate that the various schemes were bringing in around 10 million euros per year.

According to Europol, the massive network of fraudsters, money launderers and other career criminals was operating across the continent, with one of Spain's Canary Islands, Tenerife, as their main base of operations.

The roots of the fraud operation, however, were traced back to Italy.

"Most of the suspected members are Italian nationals," Europol said in its announcement, "some of whom have links to mafia organizations."

Most of the suspected members are Italian nationals, some of whom have links to mafia organizations.
Europol statement

It was not only hackers who were nabbed in the takedown.

While Europol was not specific about who did what in the operation, police noted that a number of those arrested were money mules: people whose function is to accept deposits from defrauded accounts and then launder the cash by transmitting it, either directly or via a medium such as gift cards, into the hands of the criminals who are actually committing the fraud.

Money mules can be wise to the operation, but are often unwitting participants believing they have a legal job.

Europol noted that in addition to the mules, there were also a number of go-betweens who were well-versed in the art of money laundering. This was key in getting the pilfered funds back to Italy without alerting authorities.

"This large criminal network was very well organized in a pyramid structure, which included different specialized areas and roles," Europol said.

"Among the members of the criminal group were computer experts, who created the phishing domains and carried out the cyber fraud; recruiters and organizers of the money-muling; and money laundering experts, including experts in cryptocurrencies."   

Dig Deeper on Threats and vulnerabilities

Enterprise Desktop
Cloud Computing