Experts at cybersecurity firm Bitdefender have warned that a phishing scam that was first detected in July 2021 is now targeting email users in Romania, Croatia and Hungary.
As part of the phishing scam, hackers send emails that appear to reply to messages previously sent by email users. Targets are then warned that their passwords and intimate pictures have been obtained, and are under ransom for 1,200 euros in Bitcoin.
According to Bitdefender, more than half of the phishing scam emails targeting Romanian users were sent from local IP addresses.
Romania’s Directorate for Investigating Organised Crime and Terrorism (DIICOT) has already arrested a number of organised criminal groups that had been operating both locally and internationally between 2020 and 2021. The groups had all been conducting a range of activities under the phishing scam and cyber fraud umbrella.
In July 2020, the Italian National Postal and Communication Police Unit (Polizia Postale e delle Comunicazioni) and the Romanian National Police (Poliția Română) coordinated to dismantle an organized criminal group involved in cybercrime and money laundering.
Authorities carried out 12 house searches as part of the crackdown, seizing personal computers, credit cards, properties, vehicles and other assets worth an estimated 1.5 million euros.
In another case, Europol’s European Cybercrime Center (EC3) supported Romanian and US authorities in arresting a 41-year-old Romanian national who allegedly targeted high-profile organizations and companies using ransomware. As part of his attacks, the suspect would demand a ransom payment in cryptocurrency, or else leak the stolen data on cybercrime forums.
In a related incident, the district court of Oradea dismissed a civil suit filed in 2020 by Calin Moldovan, the administrator of a gaming Facebook group called the “True Gamers”. As part of the suit, Moldovan demanded 4,000 euros in moral compensation from five other members of the Facebook group, whom he accused of taking over the group.
According to the suit, the five members in question eventually posted pornographic images on the group in order to force Facebook to permanently suspend the “True Gamers” group.
The Oradea court, however, ruled that the plaintiff could not prove that the five defendants were tied to the Facebook users who conducted the so-called takeover. The decision was one of the first in which a court has ruled that a Facebook profile is not sufficient to identify a person without reasonable suspicion, with substantial implications for the future treatment of cyber fraud activities on Facebook.