Spain Arrests 11 Over Sophisticated Phishing Scam

A massive phishing fraud with an approximate loss of over 1 million euros resulted in the arrest of 11 people by the Spanish police, who took possession of crypto, cash, and expensive goods.

Spain has disrupted a criminal organization that operated a complex phishing scheme with the use of fraudulent bank employee tricks. At least eleven suspects were arrested in this crackdown, and several provinces were searched.

This was conducted by the National Police with more than 100 officers. It has attacked a band of fraudsters who defraud victims under the guise of being employees of a bank.

The victims had been pressured by the suspects to provide bank passwords and withdraw bank money. 

They used Wi-Fi systems in hotels and fake names in order to escape. The scheme led to nearly 273 victims in the country, with losses reported to the tune of almost 1 million.

The police confiscated crypto assets, almost 30,000 euros in cash, jewelry, watches, and a lot of mobile phones during raids.

A Deep Dive Into the Scam’s Mechanics

The attackers possessed a large base of customers that they would call and threaten with fraud on their accounts. Immediately, trust was established to get transaction codes. 

Those codes supposedly were intended to receive accounts, but instead were used to approve such scams as cash withdrawals, bank transfers, and crypto purchases. 

The group used 55 different phone numbers that it used every now and then to prevent being identified. 

They made use of stolen papers to book hotels, in which they used Wi-Fi services to scam well beyond their actual identities.

The operation revealed a hierarchical criminal network of bank mules, people recruited to whose accounts money was transferred to. 

Mules would also be forced to give back illegal money through coercion. Four leaders who planned the fraud were identified and arrested by law enforcement.

Phases of Arrests and Seizures

The initial stage saw arrests in the areas of Cádiz and Barcelona, where three key suspects were arrested and 111 victims were initially identified. 

After several analyses of the devices, the number of victims had increased to 273, and the number of losses had been estimated to be around 778,637. 

Cryptocurrency worth approximately €7,500, cash, phones, stolen IDs, and luxury goods were among the items that were seized. The fourth leader is still on the run with a warrant.

A second phase saw the arrest of eight additional people with many based in the Alicante province. 

These members were also taken into recruitment and mule account management. Searches brought in European money, guns, electronic devices, luxurious items, and a costly car to the tune of 15,000. 

There is a trial against the apprehended suspects accused of fraud, coercion, and illegal detention in a number of provinces.

The case brings out the sophistication of cybercrime in Spain, whereby criminals used multiple technologies and social engineering to support the execution of the phishing fraud in bulk.

The National Police are still in the process of investigations in an attempt to completely destroy the entire criminal network and curb more scams.