A two-year long cybercrime investigation between the Romanian National Police and the Italian National Police, with the support of Europol, its Joint Cybercrime Action Taskforce (J-CAT) and Eurojust, has led to the arrest of 20 suspects in a series of coordinated raids on 28 March. 9 individuals in Romania and 11 in Italy remain in custody over a banking fraud netted EUR 1 million from hundreds of customers of 2 major banking institutions. The Romanian authorities have conducted 3 house searches, while the Italian National Police ordered the execution of 10 home and computer searches, involving more than 100 Italian policemen.
The organised crime group (OCG), comprised essentially of Italian nationals, used spear phishing emails impersonating tax authorities to harvest the online banking credentials of their victims.
While the most common phishing scams blast out millions of generic e-mails, spear phishing emails are personally addressed to targeted stakeholders with content to make it appear from a reputable source, such as a bank. Recipients are encouraged to click on a link, which will lead to a fake version of a legitimate website where their account or contact details can be stolen.
The investigation which was initiated in 2016 uncovered how the criminals used the stolen online banking credentials to surreptitiously transfer money from the victims’ accounts into accounts under their control, and from there withdrew the money from ATMs in Romania with credit/debit cards linked to the criminal accounts.
The highly organised OCG pursued its criminal activity using encrypted chat applications. It established its power by applying intimidating and punitive methods towards affiliates and competitors. The OCG is also suspected of money laundering, drug and human trafficking, prostitution and participation in a criminal organisation.
During the investigation, Eurojust ensured close contacts and coordination among the prosecuting and investigating authorities in Italy and Romania. Europol supported the case by providing tailored intelligence analysis and expertise to the investigators and deploying mobile offices on the action day to both countries. Several coordination and operational meetings took place prior to the action at Eurojust and Europol. Due to the demanding investigative measures run on an international level, a joint investigation team (JIT) was set up between the cooperating countries with the assistance of Eurojust and Europol.