Unmasked: 23 charged over COVID-19 business email compromise fraud

11 August 2021
Press Release
Press Release/News

This News/Press release is about Cybercrime

View all crime areas

A sophisticated fraud scheme using compromised emails and advance-payment fraud has been uncovered by authorities in Romania, the Netherlands and Ireland as part of an action coordinated by Europol. 

On 10 August, 23 suspects were charged as a result of a series of raids carried out simultaneously in the Netherlands, Romania and Ireland. In total, 34 places were searched. These criminals are believed to have defrauded companies in at least 20 countries of approximately €1 million. 

The fraud was run by an organised crime group which prior to the COVID-19 pandemic already illegally offered other fictitious products for sale online, such as wooden pellets. Last year the criminals changed their modus operandi and started offering protective materials after the outbreak of the COVID-19 pandemic. 

This criminal group – composed of nationals from different African countries residing in Europe, created fake email addresses and webpages similar to the ones belonging to legitimate wholesale companies. Impersonating these companies, these criminals would then trick the victims – mainly European and Asian companies, into placing orders with them, requesting the payments in advance in order for the goods to be sent. 

However, the delivery of the goods never took place, and the proceeds were laundered through Romanian bank accounts controlled by the criminals before being withdrawn at ATMs. 

Europol has been supporting this case since its onset in 2017 by: 

  • Bringing together the national investigators on all sides who have seen been working closely together with Europol’s European Cybercrime Centre (EC3) to prepare for the action day;
  • Providing continuous intelligence development and analysis to support the field investigators;
  • Deploying two of its cybercrime experts to the raids in the Netherlands to support the Dutch authorities with cross-checking in real-time information gathered during the operation and with securing relevant evidence. 

Eurojust coordinated the judicial cooperation in view of the searches and provided support with the execution of several judicial cooperation instruments.

This action was carried out in the framework of the European Multidisciplinary Platform Against Criminal Threats (EMPACT).

The following law enforcement authorities were involved in this action:

  • Romania: National Police (Poliția Română)
  • The Netherlands: National Police (Politie)
  • Ireland: National Police (An Garda Síochána)
  • Europol: European Cybercrime Centre (EC3)
     

EMPACT

In 2010 the European Union set up a four-year Policy Cycle to ensure greater continuity in the fight against serious international and organised crime. In 2017 the Council of the EU decided to continue the EU Policy Cycle for the 2018 - 2021 period. It aims to tackle the most significant threats posed by organised and serious international crime to the EU. This is achieved by improving and strengthening cooperation between the relevant services of EU Member States, institutions and agencies, as well as non-EU countries and organisations, including the private sector where relevant. Cybercrime is one of the priorities for the Policy Cycle.