Spanish Police Dismantle Cybercrime Network with €140M Revenue

Photo: BleepingComputer
Quick answer
Spanish police dismantled a cybercrime group that earned €140M through investment fraud and business email compromise (BEC) attacks.
Spanish police successfully dismantled an international cybercrime network that earned approximately €140 million through fraudulent schemes. The primary sources of income included fake investment offers and business email compromise (BEC) attacks, which resulted in significant financial losses for victims.
During the investigation, four individuals suspected of organizing the criminal network were arrested. The group operated across multiple countries, using fake platforms to attract investors and sophisticated money laundering schemes. According to police, the criminals transferred funds through cryptocurrency wallets and shell companies to conceal their origin.
Business email compromise (BEC) attacks remain one of the most dangerous threats to businesses. Criminals hacked employees' email accounts to send fake payment instructions or request confidential data. In several cases, the victims were financial departments of large organizations.
The investigation is ongoing to identify all members of the criminal network and recover the stolen funds. Cybersecurity experts emphasize the importance of strengthening protective measures, including staff training and the adoption of advanced monitoring technologies.
Common questions
- What are business email compromise (BEC) attacks?
- Business Email Compromise (BEC) attacks are a type of cyber fraud where criminals hack or spoof corporate email accounts to deceive employees into transferring money or disclosing confidential data. These attacks often target financial departments of companies.
- What methods did the criminal group use for money laundering?
- The group employed complex money laundering schemes, including the use of shell companies, cryptocurrency wallets, and fake investment platforms. Funds were transferred through multiple accounts to obscure their origin and complicate tracking.
- What measures can protect companies from such attacks?
- To protect against BEC attacks, companies should implement multi-factor authentication (MFA), train employees to recognize phishing emails, use monitoring systems for suspicious activity, and regularly update security policies.
Dzen feed: /feed/dzen.xml · RSS: /feed.xml