Operation HAECHI-II brought together specialized police units adept in online criminal activities which, in addition to arresting 1,003 individuals, shut down 2,350 bank accounts and closed 1,660 cases of crimes such as investment fraud, illicit gambling, and money laundering.
Police investigations also led to the discovery of 10 new modus operandi linked to various cyber financial crimes.
One such example is a malware-laden mobile application that takes its name and branding from the Netflix show ‘Squid Game’.
The perpetrators masqueraded as affiliates of the Netflix series, but in reality their app was a Trojan horse virus that hacked their victims’ billing and credit card information.
“Online scams like those leveraging malicious apps evolve as quickly as the cultural trends they opportunistically exploit,” said José De Gracia, Assistant Director, Criminal Networks at Interpol.
HAECHI-II was the first global police initiative against cyber financial crime; an example of criminal activity which itself is not limited by national borders or jurisdiction.
Cyber financial crime is a significant facet of transnational organized crime. It allows criminals to steal millions from their victims before channeling the funds through a network of bank accounts across the globe, making them nearly impossible to recuperate.
In one case in Colombia, a textiles company was defrauded of over $8 million in a sophisticated business email compromise (BEC) scam, also known as ‘man-in-the-email attacks’.
BEC scams usually involve the perpetrators obtaining the contact information and business credentials of a trusted source within a company and then use the stolen credentials to contact someone with access to the company’s finances and order them to transfer millions into an account thought to be trusted, when in reality it is controlled by the fraudsters.
The perpetrators acquired the credentials and contact information of the textile company’s legal team and ordered the transfer of over $16 million into two Chinese bank accounts.
Half of the funds had already been transferred by the time the company became aware of the scam and alerted the authorities in Bogota.
Cases of cyber-enabled financial fraud have become well-known to authorities. The U.S. Department of Justice has participated in a coordinated international effort involving over 280 BEC investigations in this year alone.
One such investigation resulted in the conviction of two Nigerian nationals for several man-in-the-email attacks. Authorities handed them a combined sentence of over 22 years in prison.