CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

European Authorities Dismantle Ukraine-Based Call Center Fraud Ring

First reported
Last updated
2 unique sources, 2 articles

Summary

Hide ▲

European law enforcement dismantled a fraud network operating call centers in Ukraine that scammed victims across Europe out of over 10 million euros. The operation involved arrests, seizures, and the disruption of multiple call centers employing approximately 100 people. The criminals used various schemes, including impersonating bank employees and police officers, to defraud over 400 known victims. The network operated as a commission-based criminal enterprise, promising bonuses for successful scams. Authorities from the Czech Republic, Latvia, Lithuania, and Ukraine, supported by Eurojust, arrested 12 suspects out of 45 identified. The operation included 72 searches across three Ukrainian cities, leading to the seizure of vehicles, weapons, a polygraph machine, computers, cash, and counterfeit identification documents. The fraud ring used remote access software to steal banking logins and directed victims to transfer funds to 'safe' accounts under their control. Members of the network had different roles, including making scam phone calls, forging official documents, and collecting cash from victims.

Timeline

  1. 16.12.2025 13:44 2 articles · 1d ago

    European Authorities Dismantle Ukraine-Based Call Center Fraud Ring

    On December 9th, European law enforcement authorities dismantled a fraud network operating call centers in Ukraine that scammed victims across Europe out of over 10 million euros. The operation involved arrests, seizures, and the disruption of multiple call centers employing approximately 100 people. The criminals used various schemes, including impersonating bank employees and police officers, to defraud over 400 known victims. The network operated as a commission-based criminal enterprise, promising bonuses for successful scams. The fraud ring used remote access software to steal banking logins and directed victims to transfer funds to 'safe' accounts under their control. Members of the network had different roles, including making scam phone calls, forging official documents, and collecting cash from victims.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

International Law Enforcement Dismantles Credit Card Fraud Networks

International authorities have dismantled three large-scale credit card fraud and money laundering networks in Operation Chargeback. The operation targeted 44 suspects, including American, Austrian, Canadian, Danish, Dutch, German, and Lithuanian nationals, and resulted in the arrest of 18 individuals. The fraud networks affected over 4.3 million cardholders across 193 countries, causing losses exceeding €300 million. The operation involved over 60 searches and the execution of 18 arrest warrants. The fraudsters created over 19 million fake online subscriptions for services like pornography, dating, and streaming. They disguised monthly charges of about €50 to avoid detection. The operation was led by the Cybercrime Department of the General Prosecutor’s Office in Koblenz and the German Federal Criminal Police Office, supported by Europol and Eurojust. Authorities seized assets worth over €35 million, including luxury vehicles, cryptocurrency, and electronic devices. The suspects face accusations of organized computer fraud, membership in a criminal group, and money laundering. The fraudsters abused four major German payment service providers to launder proceeds, with six employees allegedly helping the fraudsters in exchange for fees. The suspects concealed their activities through numerous shell companies obtained through crime-as-a-service providers, primarily registered in the UK and Cyprus. The estimated attempted damages from the fraud schemes surpass €750 million (~$865 million).

Open in new tab

Increased Cryptocurrency and Forex Investment Scams in Asia

A surge in fake investment platforms targeting cryptocurrency and forex exchanges is driving a new wave of financial crime across Asia. These scams, orchestrated by organized cross-border groups, exploit social media and messaging apps to lure victims. The schemes use sophisticated trading interfaces and complex backend systems to steal funds. Group-IB's research outlines two key models: a Victim Manipulation Flow and a Multi-Actor Fraud Network. These models detail how trust is built and exploited, and how distinct roles cooperate within a single operation. The report highlights shared technical fingerprints, such as reused SSL certificates and identical chatbot systems, linking multiple scam campaigns. The growing international threat is exemplified by the August 2025 arrest of 20 individuals in Vietnam connected to the $1bn Paynet Coin crypto fraud. This case illustrates how online investment scams have scaled beyond borders, with operators recruiting globally and leveraging fake corporate accounts, stolen identity data, and mule networks to move funds undetected.

Open in new tab

Increased Caller ID Spoofing Attacks Targeting Europe

A surge in caller ID spoofing attacks across Europe has prompted Europol to issue a call for coordinated action. These attacks, which falsify caller IDs to appear legitimate, are used in various fraud schemes and social engineering scams, costing an estimated €850 million globally each year. Organized criminal networks are exploiting this technique, offering 'spoofing-as-a-service' and conducting cross-border operations that are difficult to investigate. The Europol Position Paper on Caller ID Spoofing highlights the need for harmonized technical standards, enhanced cross-border collaboration, and regulatory convergence to combat this threat effectively. Approximately 400 million people in the EU are at risk due to fragmented regulations and limited cooperation between law enforcement and telecom providers.

Open in new tab

Interpol-led Operation HAECHI VI Seizes $439 Million in Global Cybercrime Crackdown

Interpol and 40 countries' law enforcement agencies seized $439 million in cash and cryptocurrency during Operation HAECHI VI, a five-month operation targeting cyber-enabled financial crimes. The operation, conducted between April and August 2025, involved a wide range of criminal activities, including voice phishing, investment fraud, e-commerce fraud, online sextortion, business email compromise, romance scams, and money laundering. The operation resulted in the seizure of 400 cryptocurrency wallets, blocking of 68,000 bank accounts, and the arrest of 45 suspects in Portugal. Additionally, Thai police seized $6.6 million transferred by a Japanese corporation into accounts controlled by a transnational organized crime group. This operation is part of a series of global efforts to combat cyber-enabled financial crimes, with previous operations HAECHI V and HAECHI IV also resulting in significant seizures and arrests.

Open in new tab

U.S. sanctions cyber scam operations in Southeast Asia

The U.S. Department of the Treasury has sanctioned several large cyber scam networks in Southeast Asia, primarily in Burma and Cambodia. These operations, which used forced labor and human trafficking, stole over $10 billion from Americans in 2024, a 66% increase from the previous year. The scams included romance baiting and fake cryptocurrency investments. The sanctions target individuals and entities linked to the Karen National Army (KNA) and various organized crime networks. The U.S. has established a new task force, the Scam Center Strike Force, to disrupt Chinese cryptocurrency scam networks. This task force, supported by the U.S. Attorney's Office, the Department of Justice, the FBI, and the Secret Service, has already seized over $401 million in cryptocurrency and filed forfeiture proceedings for an additional $80 million in stolen funds. The Treasury Department’s Office of Foreign Assets Control has imposed additional sanctions on the Democratic Karen Benevolent Army (DKBA) and related entities. The sanctions block these entities from the U.S. financial system, freeze their U.S.-based assets, and limit their access to international financial services. The move aims to disrupt the operations and impose legal and financial consequences on the perpetrators. The cybercriminal syndicates in Southeast Asia net nearly $40 billion annually in illicit profits. The U.S. actions are part of a broader effort to degrade the infrastructure supporting these scams and punish the system enabling their crimes.

Open in new tab