BEC Fraud group arrested in connection with COVID-19 PPE

Europol has coordinated an action that resulted in the arrest of 23 suspects believed to have used BEC Fraud to cheat companies in at least 20 countries out of approximately €1 million.  The detained persons were nationals from different African countries residing in Europe.  On 10 August 2021 the suspects were detained in a series of raids at 34 locations, carried out simultaneously in the Netherlands, Romania and Ireland.

The criminals used a sophisticated fraud scheme involving compromised emails and advance-payment fraud.  They employed BEC Fraud (business email compromise) to trick their victims.

Fake email addresses and webpages were created, similar to the ones belonging to legitimate wholesale companies.  Impersonating these companies, the criminals then tricked the victims, mainly European and Asian companies, into placing orders with them for personal protective equipment (PPE) and other protective materials, requesting the payments in advance in order for the goods to be sent.  However, the delivery of the goods never took place, and the proceeds were laundered through Romanian bank accounts controlled by the criminals before being withdrawn at ATMs.

This organised crime group was operational before the start of the COVID-19 pandemic, illegally offering other fictitious products, such as wooden pellets, for sale online.  In 2020, once the pandemic struck, they changed their modus operandi and started offering protective materials.

Europol has been supporting this case since its onset in 2017 by:

• Bringing together the national investigators on all sides who have seen been working closely together with Europol’s European Cybercrime Centre (EC3) to prepare for the action day;
• Providing continuous intelligence development and analysis to support the field investigators;
• Deploying two of its cybercrime experts to the raids in the Netherlands to support the Dutch authorities with cross-checking in real-time information gathered during the operation and with securing relevant evidence.

Eurojust coordinated the judicial cooperation in view of the searches and provided support with the execution of several judicial cooperation instruments.

The following law enforcement authorities were involved in the action:

• Romania: National Police (Poliția Română)
• The Netherlands: National Police (Politie)
• Ireland: National Police (An Garda Síochána)
• Europol: European Cybercrime Centre (EC3)

This action was carried out in the framework of the European Multidisciplinary Platform Against Criminal Threats (EMPACT).

The EAST Expert Group on Payment and Transaction Fraud (EPTF), which meets three times each year, focuses on the prevention of payment and transaction fraud, including BEC Fraud (also known as CEO Fraud).