Europol 'dismantles' Spanish cyber-crime group

News by Adrian Bridgwater

EU law agency Europol and Spanish police mount operation 'Walker' to crack premium number phone scam

EU law enforcement agency Europol has supported the Spanish police force in an effort to take down a cyber-crime group operating with a ‘sophisticated' illegal call centre from Barcelona.

Under a joint operation codenamed ‘Walker', raids and arrests took place on 6 July  in the Catalan capital.

The telecommunications-based cyber-crime in this case is classified as International Revenue Share Fraud (IRSF).

Grupo de fraudes - desmantelar

Reports suggest that ‘Grupo de fraudes de las telecomunicacione' police officers ‘dismantled' six houses and seized over 100 smartphones, stolen SIM cards, computer equipment and a significant amount of cash and credit cards.

Europol's own website states that the aim of this investigation was to target the cyber criminals and their accomplices who were involved in large scale telecommunication fraud, as well as channelling and cashing-out the proceeds of their crimes. 

The unnamed cyber-crime group had established a channel to receive mobile phones stolen from tourists in Spain. A further network of premium rate numbers had been set up and managed by other members of the criminal group based outside the EU.

Stolen device phone numbers were then harvested and exploited until the point at which they were blocked by telecom operators in their country of origin.

Europol explains that it analysed thousands of financial transactions to reconstruct the money flows and destinations across several international jurisdictions. The criminal damage wreaked by the group has been estimated to be at least €2 million.

According to Europol, “Cooperation between law enforcement authorities, Europol and the telecommunication companies was crucial for the success of this operation, which represents a milestone in this specific area of digital crime.”

The global illegal income from International Revenue Share Fraud is estimated to be more than €45 million.

Simple, but effective scamming

Gavin Millard, technical director of Tenable Network Security, spoke to to explain that International Revenue Share Fraud can be simple to initiate.

“It's simple to execute and will generate significant revenue for the operators of the schemes. Further, it can cause endless issues for the victims as they attempt to prove to their mobile providers they had nothing to do with the calls to premium rate services,” he said.

Millard reminds us that crimes of this type can cross multiple borders, making it difficult to bring the perpetrators of International Revenue Share Fraud and other online fraud to justice.

“With the dramatic increase in cyber-crime the EU is facing, continued cooperation and cross border activity between disparate agencies will be required and should be encouraged to stop the monetisation of the masses through fraud of this kind," he added.

"Organisations generally don't tend to share information about security risks as they don't want to appear vulnerable. Exploiting blind spots is what hackers thrive on and use to their own advantage and commercial gain,” comments Charles Sweeney, CEO, Bloxx.

Speaking to today, Sweeney added that this example demonstrates how the ‘pooling of skills, resources and knowledge' is hugely valuable in putting into place all the pieces of the jigsaw and most importantly securing a valuable ‘win' in the fight against cyber-crime.

Cross-border financial crime-fighting

Brian Kinch, is a senior partner at FICO working closely with the software analytics company's global fraud clients. Kinch spoke to SC to assert that this is a “significant victory” in respect of cross-border financial crime-fighting cooperation.

“For too long digital thieves have thought themselves to have the upper hand by means of performing connected criminal operations from disparate geographies, thinking that law enforcement have little chance of ‘connecting the dots' and catching them,” he said.

“Man-in-the-middle and man-in-the-browser attacks have been the cyber-operation of choice for criminals seeking to intercede in personal, financial and business data exchanges and harvest sufficient information for nefarious purposes. Catching a group of this size and sophistication demonstrates the extent to which technological advances in cyber-security, link analysis and anti-money laundering checks are beginning to outsmart even the most determined criminal brains,” added Fico's Kinch.

Robert Burton of network services company Evolved Intelligence agrees that this this type of fraud is becoming increasingly common. Speaking to, Burton explained that fraudsters find that they can net up to €4,000 per hour per victim through these kinds of mechanisms.
"Although most people are aware of the need to lock their phones, few lock their SIM cards or even know how to do it. Many telecom operators take the position that any loss is the customer's problem. This therefore makes this a very dangerous fraud for travellers as they can lose a significant amount of money. We can block this type of fraud in the network, however few operators have as yet deployed solutions to do this. This situation may well change if regulations are brought in to cap the potential losses to consumers,” he said.

Europol has engaged in several initiatives similar to this Spanish case as detailed in a various reports on SC Magazine UK.

Crime & Threats

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews