Thessaloniki: How did the spiral that washed 315,000 euros from bank accounts work?

A blow to a spiral that was skimming from bank accounts of unsuspecting citizens was achieved by the Police in its Indicative of how the circuit was operating, it is what a resident of Thessaloniki experienced who saw his money do “poor”. On January 4, 2023, he received three consecutive calls to his cell phone with concealment. When the next day he found that he was not receiving incoming calls he addressed the mobile service provider where he maintains a connection. From customer service he was informed that the promotion had been activated on his mobile, while informed that the incoming calls were promoted to an unknown number. Someone seems to have been able to play the actual subscriber of his number and using the actual evidence of the 37-year-old turned his calls over to another cell phone number. Through the “business” telephone number, the perpetrator then entered the 37-year-old’s e-banking, from where he transferred over 90,000 euros from his bank accounts to both a digital bank and an online betting company. This may have been the most impressive, in terms of prey, “hit” that appears to have been committed by the circuit, the main core of which allegedly constituted four 24-year-olds from Thessaloniki. The “Lagonals” of the Department of Electronic Crimes Division of Northern Greece, EL.A. After months of research they managed to reach their tracks, decoding their complex and multi-shaft criminal activity. Showing great familiarity in the use of computers and the Internet, but also knowing how providers of telecommunications services, banking institutions, electronic money institutions and cryptocurrency exchanges operate, the young defendants seem to have done one digital scam after another, “clearing” -directly or indirectly – the bank accounts of unsuspecting citizens. At 315,000 euros the prey in 9 months The case-file accounts for 26 cases of fraud, nationwide, of which 4 in an attempt. Over a period of 9 months, from September 2022 to June of the following year, they gained profits estimated at 315.948 euros, while attempting to seize an additional 40,648 euros. To darken the cash flows, they themselves supplied or prepared forged fraudulent documents, while money they seized was taken over either by bank ATMs or through transfers to crypto-currency exchanges, digital banks, betting companies etc. For this part, the transfer of funds, they had the help of their accomplices – usually opportunistic individuals – who made up the bearers of money (money mules). Two in prison, one conditionally free Among the acts attributed to them is criminal organization, computer fraud, illegal access to information systems, false evidence, forgery, money laundering etc. Already, the first three of them passed the threshold of the inquisitor of Thessaloniki to explain and two were temporarily detained, following the way to prisons (the third was released on restrictive terms and the fourth has received a call to apologize). Dark Web A key “trigger” for the performance of digital frauds was, according to the case-file, the access of the circuit to sites of the so-called dark internet (Dark Web), from which they purchased digital files with password/username, other relevant critical information, intangible means of payment and personal data of unsuspecting citizens, which was a product of interception by strangers. This role appears to have been taken over by one of the two prisoners, who held technical and informational knowledge. He is alleged – in the same case- to have employed the past the prosecution authorities with similar acts. ‘Fishing’ the OTP codes With access to this data, the two guards could gain unauthorized access to e-baniking, digital governance (e-GOV), digital mobile provider services and communication and social networking applications. A common practice during the case-file was that of phising, where they intercepted either via popular social networking application or by sending a message (SMS) the 6-digit one-time Password-OTP codes in electronic banking services. One such case was the victim of a 40-year-old girl from Glyfada. The patient received a message through the above application that read: “Good evening ma’am (name). In order not to suspend your connection to the application, please enter the 6digit password we just sent you by SMS”. After the woman followed the “guides”, the perpetrators seem to have gained access to the application and the OTP single-use codes to authorize e-banking transaction. They followed without ignoring the five transactions of EUR 10,000, on the grounds: ‘transaction with a betting company’. When the available amounts of the accounts were limited again, the circuit sought to issue loans in their victims’ names but in fact for its members. In particular, having gained access to personal data, they submitted amending tax returns through the respective digital applications and registering increased year income received updated clearings, making the victims eligible for ‘express’ loans, which they requested and disbursed. “We have compensated part of the victims” The brief describes in detail each of 26 cases of fraud (and in an attempt) with the officers of the Electronic Crime Police “unlocking” the complicated flow of funds. In addition 5 of their 11 accomplices (usually expendable and rewarded for the services provided to the circuit) were identified and included in the same file. Those of the main defendants apologized to the interrogator accepted part of their actions, while – reportedly – they have compensated some of their victims.