The Cyber Police of Ukraine arrested nine members of a cybercriminal gang that has stolen 100 million hryvnias via phishing attacks.

The Cyber Police of Ukraine arrested nine members of a cybercriminal organization that stole 100 million hryvnias via phishing attacks.

The crooks created more than 400 phishing sites for obtaining the banking data of Ukrainian citizens under the guise of social security payments from the EU.

The phishing sites were hosting an application form to fill out to receive financial assistance from the European Union.

The Cyber Police of Ukraine arrested nine members of a cybercriminal gang that has stolen 100 million hryvnias via phishing attacks.

“Nine people created and administered more than 400 fake web resources for obtaining banking data of citizens. Through the websites, Ukrainians were offered to form an application for the payment of financial assistance from the countries of the European Union. Using phishing links, victims took surveys and entered bank card details.” reads the advisory published by the Cyber Police of Ukraine.

Once obtained the bank data, the cybercriminals carried out unauthorized access to the victim’s online banking and withdrew money from their accounts. The gang defrauded more than 5,000 citizens, stealing a total amount of more than 100 million hryvnias.

The police searched the home of the suspects and seized computer equipment, mobile phones, bank cards, and money obtained through the illicit activities.

“Criminal proceedings have been opened under Part 3 of Art. 190 (Fraud), Part 5 of Art. 361 (Unauthorized interference in the work of information (automated), electronic communication, information and communication systems, electronic communication networks) of the Criminal Code of Ukraine. Perpetrators may face up to fifteen years in prison.” continues the advisory. “The issue of declaring suspicion and selecting preventive measures for the persons involved is being resolved.”

The Cyber ​​Police urges citizens to obtain information about financial payments only from official sources, and avoid clicking dubious links, and never provide personal and financial information to third parties posing as government entities.

 

[출처 : SecurityAffairs / 7.5.]