An international law enforcement operation, supported by Europol, has led to the arrest of eight individuals suspected of involvement in a sophisticated ‘phone phishing’ network. The operation, conducted in Belgium and the Netherlands, targeted a cybercrime gang accused of defrauding victims across Europe, causing estimated economic damages of several million euros.
The operation reached its conclusion on 6 December 2024, with coordinated raids at 17 locations across the two countries. Law enforcement officials seized electronic devices, luxury watches, jewellery, significant amounts of cash, and a firearm.
The suspects, four arrested in Belgium and four in the Netherlands, are alleged to have orchestrated large-scale phishing campaigns aimed at accessing victims’ financial data. Employing a range of deceptive techniques, the perpetrators impersonated police officers or banking officials and, in some cases, approached elderly victims directly at their homes. The proceeds of these fraudulent activities were reportedly used to purchase luxury goods and fund extravagant lifestyles.
The investigation, initiated by Belgian authorities in 2022 with Europol and Eurojust’s assistance, unveiled the gang’s transnational operations. Although most criminal activities took place in Belgium, the group’s primary operators were based in the Netherlands.
In 2023, Dutch authorities launched their own inquiry, culminating in the creation of a dedicated task force to target the gang’s high-value members. Europol played a critical role, coordinating information exchange between member states and providing analytical and financial expertise. Eurojust facilitated judicial support, organising eight coordination meetings to streamline collaboration between Belgian and Dutch investigators.
Authorities believe the network’s fraudulent activities impacted victims in at least ten European countries. In addition to phishing, the suspects exploited second-hand marketplaces by requesting small upfront payments to manipulate victims into revealing sensitive financial information.
The operation yielded significant results, including the arrests of the suspects, searches of multiple locations, and the confiscation of valuable items and cash.
Belgian and Dutch authorities have since issued public warnings to help citizens avoid falling victim to similar phishing schemes. They emphasise the importance of caution when dealing with unexpected communications, particularly those requesting urgent updates to bank accounts or claiming accounts have been locked. Citizens are advised to avoid clicking on unverified links, use antivirus software on their devices, regularly update security systems, and create unique passwords for their online accounts. Additional recommendations include verifying that website URLs begin with ‘https://’ and exercising care in transactions conducted on second-hand marketplaces, particularly when asked for initial payments.
The investigation involved collaboration among several agencies. In Belgium, these included the Federal PPO, the Investigating Judge Court of First Instance Antwerp (Mechelen division), and the Federal Judicial Police East-Flanders. In the Netherlands, the PPO Rotterdam and the National Police (Rotterdam Unit) took the lead. Europol and Eurojust provided overarching support, with the European Cybercrime Centre (EC3) contributing to the operational efforts.
Read also:
Synthetic Identity Theft: a new and potentially devastating form of cybercrime
