Law enforcement authorities across Europe have successfully arrested five suspects linked to an extensive online investment fraud scheme that has reportedly siphoned more than €100 million (approximately $118 million) from over 100 victims in countries including France, Germany, Italy, and Spain. This operation, described as “elaborate” by Eurojust, involved coordinated actions that included searches at multiple locations across Spain and Portugal, as well as in Italy, Romania, and Bulgaria. Authorities also froze bank accounts and other financial assets tied to the suspected cybercriminals.
The primary suspect is accused of engaging in large-scale fraud and money laundering by operating an online investment platform for several years. Unsuspecting individuals were lured into the scheme with the promise of significant returns on investments in various cryptocurrencies. Once victims deposited their funds, the money was transferred to bank accounts in Lithuania to facilitate laundering. Victims attempting to withdraw their investments were typically confronted with requests for additional fees, after which the scam website would disappear without a trace.
This investigation saw the collaboration of judicial and law enforcement agencies from Bulgaria, Italy, Lithuania, Portugal, Romania, and Spain. Eurojust, along with support from Europol, indicated that the fraudulent operation had been active since at least 2018 and extended its reach over 23 different countries, utilizing those regions to divert proceeds from the scam and locate victims.
Supporting these investigations, the U.S. Federal Trade Commission (FTC) reported that Americans suffered record losses of $12.5 billion due to fraud in 2024, marking a 25% increase from the previous year. Investment scams accounted for the highest losses, totaling around $5.7 billion—a marked increase from $4.6 billion in 2023 and $3.8 billion in 2022. Alarmingly, 79% of individuals who reported investment-related scams lost money, with a median loss of over $9,000. Scams originating online accounted for more than $3 billion in losses, compared to roughly $1.9 billion lost through traditional methods such as phone calls or emails.
In an additional incident, Chainalysis reported a social engineering attack targeting a Venus Protocol user in early September 2025. The attackers exploited a compromised Zoom client to gain access, ultimately manipulating the victim into authorizing a blockchain transaction that provided the criminals with delegate status over the account. This allowed them to drain funds directly from the victim’s wallet.
Fortunately, Venus Protocol swiftly intervened, pausing its services within 20 minutes of the malicious transaction. The swift actions taken allowed for the recovery of approximately $13 million in stolen funds within 12 hours. Venus subsequently enacted a governance measure to freeze an additional $3 million in assets still under the control of the attackers, resulting in a loss for the perpetrators.
This crackdown in Europe coincided with recent efforts from the Seoul Metropolitan Police Agency (SMPA), which disrupted a separate cybercrime operation that reportedly stole around $30 million from 258 high-profile victims, including corporate executives. The operation was noted for its sophistication—criminals hacked personal information and impersonated agency employees to gather further data for additional thefts.
