Large-scale phishing: OM requires up to 2 years in prison | news

News feature | 10-03-2022 | 19:34

The National Public Prosecutor’s Office (OM) has today demanded a prison sentence of 2 years against two suspects and 18 months against a suspect at the court in Rotterdam. Three men aged 26, 30 and 31 from Amsterdam and Amstelveen have been charged in high-tech crime investigation 26Turtlecreek, suspected of large-scale fraud mainly through phishing.

In the case against the 26-year-old suspect, the suspicion is also of money laundering of an amount of approximately 48,000 euros and concealment of the purchase of a Volkswagen Golf with criminal money.

From 2014 to 2019

According to the prosecution, the three suspects are guilty of using technical tools (using malware and phishing sites), hacking (using fraudulent data and loading data into banks ‘and companies’ computer files) and subsequently committing fraud and theft. According to the prosecution, all the suspects have done all this from 2014 to 2019, both individually and together.

Start research

The national unit’s high-tech crime team started an investigation in January 2018 under the authority of the National Prosecutor. The investigation was prompted by reports of bank fraud via malware made by a bank (ING).

Several reports of fraud and theft against suspects soon followed from other banks, such as Rabobank, and telecommunications providers (Vodafone and KPN / Telfort). The reports were often based on reports from customers who saw deviant logins or suspicious transfers and cash withdrawals.

Fraud, fraud and theft

In these cases, it turned out that there had been attempted fraud or success with customer data. Customers were contacted in various ways via messages that appeared to come from their telecommunications provider, bank or credit card company. This impression was reinforced because the suspects incorporated the name, logo and house style of the authorities in the messages. The content of the text was an alarming message to the recipients. This caused them to click on a web link and provide personal information such as passwords. What the recipient did not know was that clicking on the link caused malware infection. This allowed the attackers to log in to the victims’ account and proceed to the theft.

Fraudulent SIM exchanges were also carried out by suspects. The victim’s phone number was transferred to a SIM card belonging to the attackers. This made it possible to validate fraudulent transactions.

According to the prosecution, suspects are also guilty of so-called ‘smishing’ in addition to phishing via e-mail. It is phishing via SMS. Customers of telecommunications providers whose subscriptions could be renewed were attacked. Bank customers were also contacted. Via a fake sms’ on behalf of ‘their provider’, people were led to a phishing site where they left their information. With the login information obtained, the scammers could adjust (address) the information on the customer and order expensive iPhones and capture them, among other things, at addresses of cat catchers. What also happened is that they transferred money with fraudulent data to bank accounts of also cat catchers.

Injuries and suffering

The prosecution strongly blames the suspects for causing damage to businesses, damaging confidence in payment and internet traffic and leaving customers with bank accounts or telephone contracts in despair and distress. The officer accused them especially of the latter, and completely turned the lives of the victims upside down. “It was about making easy money behind a computer without thinking about the suffering this caused.”

During searches of their homes, various devices and data carriers were seized from the suspects. Files were found with thousands of e-mail addresses, personal data and login information for banking and telecom customers, as well as methods of sending mass mail. A host of communications (including Whatsapp and Telegram) were also intercepted. These reports have given the police and the judiciary a clear picture of the actions of suspects.

The public prosecutor at the hearing: “They stopped their criminal activities only through police action.” In general, a sentence of three to four years’ imprisonment is appropriate for this type of offense and the large size of this case.

However, the public prosecutor demanded these reduced sentences because the three suspects had been under the supervision of the probation service for three years and have since improved their lives. It is now also a matter of legal work. In addition, the three suspects have revealed their criminal acts and expressed regret and shame.

However, the suspects must compensate the damage to Rabobank, ING Bank and Vodafone up to an amount of more than 430,000 euros. With this, they lose previously confiscated money, a car and valuables, including various role-playing games.

The suspects also lost 18 computers, telephones, laptops, iPads and peripherals with which the offenses were committed.


The investigation will end on March 21, 2022, after which the court is expected to rule on April 4.

Leave a Comment