Arrested 25 people and 69 victims detected
The National Police dismantled in Barcelona two groups of cybercriminals specialized in scams through phishing and carding
The first of them operated from Mataró and, through a mass mailing of emails, pretended to be a bank and reported a false incidence in their accounts, directing the victims to a fraudulent web domain where they obtained their credentials.
The second of the groups, mostly made up of minors, acted in the Maresme and del Vallés Oriental counties and made fraudulent purchases after obtaining credit card numbers by phishing / carding
July 17, 2019.- Agents of the National Police have dismantled, in two different operations, two networks of cybercriminals settled in the Maresme and Vallès Oriental regions (Barcelona). In total, a total of 25 people have been arrested and 69 victims affected by the scams have been detected. Those arrested were specialized in phishing and carding to obtain credit card numbers and, subsequently, make fraudulent purchases.
Massive sending of fraudulent emails
In the first of the operations, a criminal organization that operated from the town of Mataró (Barcelona) dedicated to committing bank scams through the Internet has been dismantled. As a result of the investigation, ten of its members have been arrested, among which is the head of the plot.
To carry out their illicit activities, those arrested had technological tools with which they massively launched emails, supplanting the identity of a well-known financial institution, and thus capture potential victims. In this message the client was informed of a serious incident in his account and that, to be able to correct it, he had to access a Web domain that simulated that of his entity, where he should enter the keys of access operations to online banking.
The fraudulent emails included a link that, when clicked, redirected the victim to a forged Web page. In this way, the user believed to be in a trusted site where he entered the information requested and, in reality, went to the hands of the cybercriminals allowing them to have control of their bank accounts
Creation of virtual cards after obtaining the numbering
Thanks to the hacking of accounts, they managed to make transfers to ATMs of the entity where members of the organization, known as mules, withdrew it in cash. For this, they had the key generated for the transaction and it was not necessary to have a bank card. They also diverted the money of their victims to accounts of members of the plot, as well as obtained virtual cards with NFC technology that allowed them to make fraudulent purchases or withdraw money at ATMs. A total of 29 complaints of victims who have suffered an economic loss amounting to more than 48,000 euros have been compiled.
In the register carried out in the domicile of the principal in charge, the agents intervened numerous and diverse computer equipment and mobile telephony as well as documentation and bank cards all related to the illicit investigated. In the same way, false and useful paper money was used to make it.
In this operation, a total of ten people have been arrested in the town of Mataró, of Moroccan and Spanish nationality, as alleged perpetrators of crimes of belonging to a criminal organization, fraud and counterfeiting of currency.
Most of the detainees in the second operation are minors
The second criminal group operated from different locations in the regions of Vallés Oriental and Maresme and consisted of 15 people of various nationalities, of whom 12 were minors.
The investigation is initiated as a result of the complaints presented by the victims in the month of November last year. They reported fraudulent charges to holders of credit cards resident in different localities of the national territory, always through the same criminal modus operandi.
It is a defined group and with distribution of functions in which each of them had entrusted its function; in the first level were the brains of the plot in charge of getting the numbering of credit cards by phising / carding to later resell to collaborators who would be in charge of committing the frauds; in a second level were those responsible for making fraudulent purchases with the cloned cards, mostly small electronic products and easy resale; and at a third level, the people who collected the purchases made over the Internet and sent them to automated collection points of courier companies.
Adopted multiple security measures to avoid being identified
Despite the youth of the detainees and lack of background, it should be noted the high level of security measures taken to avoid police action. Among others used stolen identity documents to create profiles and identify the recipients of fraudulent purchases, used remote control systems to leave no trace of the IP of the terminals they used, as well as access to the Tor network to maintain their anonymity.
The agents identified and arrested 15 people as alleged perpetrators of the crimes of fraud, disclosure of secrets and belonging to a criminal group. So far, a total of 40 complaints have been compiled from those affected, without being able to account for the fraud that has occurred since, as a result of the documentation and the overturning of the telephony terminals intervened, it can be inferred that new victims may be affected abroad. The investigation is still open.