Authorities Dismantle Massive Credit Card Fraud Ring Affecting 4.3 Million Cardholders

Authorities dismantled three sophisticated fraud and money laundering networks that victimized over 4.3 million credit cardholders across 193 countries, causing damages exceeding €300 million.

Dubbed Operation Chargeback, the effort was spearheaded by Germany’s Cybercrime Department in Koblenz and the Federal Criminal Police Office (BKA), with investigations ongoing since December 2020.

More than 60 house searches were conducted globally, leading to 18 arrests out of 44 targeted suspects, including fraud operators, payment service executives, intermediaries, and a risk manager.

The scheme, active from 2016 to 2021, involved using stolen credit card data to generate around 19 million fake online subscriptions on hidden websites offering pornography, dating, and streaming services.

These sites evaded search engines, accessible only via direct links, and imposed low monthly charges of about €50 with vague descriptions to slip past victim detection.

In Germany, 29 premises were raided across multiple states, five arrests made, and over 250 officers mobilized, securing assets worth more than €35 million in Germany and Luxembourg, including cryptocurrencies, luxury vehicles, and devices.

Exploiting Payment Providers

Suspects allegedly infiltrated four major German payment service providers, with six individuals including executives and compliance officers accused of granting access for fees, facilitating transaction processing and laundering.

This collusion allowed illicit funds to flow undetected, amplifying the fraud’s scale and attempted damages surpassing €750 million.

Shell Companies and Laundering Tactics

To mask operations, the networks relied on hundreds of shell companies registered in the UK and Cyprus, procured through crime-as-a-service providers supplying fake directors and falsified KYC documents.

This structure minimized chargebacks and regulatory scrutiny, distributing fraudulent payments across entities. Investigators uncovered 500 such shells and 2,000 fake websites in their probe.

Global Cooperation Yields Results

The action spanned Germany, the USA, Canada, Singapore, Luxembourg, Cyprus, Spain, Italy, and the Netherlands, coordinated by Europol and Eurojust with over 90 legal assistance requests to 30 countries.

Europol provided analytical support since May 2023, deploying experts and facilitating liaison networks.

Europol Executive Director Catherine De Bolle hailed the effort: “Operation Chargeback is a testament to the power of international cooperation in dismantling complex criminal networks,” emphasizing Europol’s role in countering evolving threats.

EU Commissioner Magnus Brunner added that cross-border ties, bolstered by updated mandates and data access, are vital, noting 85% of investigations depend on online evidence.

Suspects now face charges of organized computer fraud, criminal organization membership, and money laundering, with ongoing analysis of seized evidence promising further actions.

This takedown underscores the perils of digital payment vulnerabilities and the efficacy of unified law enforcement.