Earlier this year, following months of close judicial and law enforcement cooperation, Belgium and the Netherlands conducted simultaneous arrests and house searches.
Investigations to identify potential criminal connections in other Member States are ongoing.
Voice-phishing is a relatively new form of cybercrime. In this case, the potential victims in Belgium first received an e-mail, seemingly from a Belgian bank, asking for personal information. In the second phase, the criminals, located in the Netherlands, made direct contact with the potential victims in Belgium by telephone to gain access to private and personal information. The collected information was subsequently used to access bank accounts in Belgium and transfer money. The Belgian victims and banks suffered millions of euros in losses.
Both Eurojust and EC3 facilitated cooperation between Belgian and Dutch judicial and law enforcement authorities by hosting coordination and operational meetings and facilitating the exchange of information within the framework of a joint investigation team (JIT). EC3 also provided valuable analytical and forensic support to the JIT.
Michèle Coninsx, National Member for Belgium and President of Eurojust, and Henri Tillart, Assistant to the National Member for the Netherlands, agreed: "The success of this case would not have been possible without close cooperation with Europol and the establishment of a JIT. Eurojust’s continued support to JITs is crucial in combating newly evolving forms of organized cross-border crime."
Troels Oerting, Head of EC3, commented: "This case is another example of organized cybercriminals setting up teams to act like legitimate representatives of established businesses, who then lure innocent victims into disclosing personal information. The criminals misuse this harvested information to steal the victims’ identities or money."
Europol and Eurojust advise citizens to be very cautious when receiving ‘cold calls’. Every effort should be made to establish whether the caller is genuine. Never disclose your PIN, password or other personal details to any strangers – no genuine company would ask for this information.