A group of imposters operating out of a Ukrainian call center have defrauded thousands of victims by posing as computer security employees of their banks.

They contacted the victims, claimed their bank accounts had been accessed by attackers, and requested financial information claiming it was needed to prevent fraud, but instead emptied their bank accounts.

The scheme was uncovered by the cyberpolice department, the main investigation department of the national police, the prosecutor general’s office and law enforcement officers in Kazakhstan.

Investigators found that 37 operators working in a call center set up by three Dnipro residents were calling citizens of Kazakhstan posing as computer security employees of their banks.

They informed citizens about suspicious transactions and reassured them that malicious actors had gained access to their accounts, persuading them to provide financial information under the guise of canceling the transactions.

After obtaining this information, the perpetrators transferred the victims’ money to accounts under their control, issued quick loans and sent the loan amounts to their accounts.

The crooks used offshore bank accounts and cryptocurrency wallets to collect the money resulting from their scheme and, according to investigators’ estimates, defrauded approximately 18,000 citizens of the Republic of Kazakhstan of an amount of money still unknown.

Databases of personal information found during a police raid

Law enforcement also searched the suspects’ call center and residences, seizing 45 pieces of computer equipment, cell phones, SIM cards and drafts.

During their inspection, Ukrainian cyberpolice also discovered databases containing personal information of citizens of the Republic of Kazakhstan that fraudsters used to divert money from their accounts.

“The organizers encouraged the operators and paid interest on the amount they managed to obtain through criminal means,” the National Police’s cyberpolice department said. said.

While Ukrainian police said the investigation was still ongoing, a criminal case was opened under Article 190, Part 3 (fraud) of Ukraine’s Criminal Code, which carries a maximum sentence of eight years’ imprisonment. jail.

In August, the National Police of Ukraine (NPU) disbanded a network of call centers used by cybercriminals to target victims of cryptocurrency scams under the guise of helping them recover stolen funds.

A year ago, Ukrainian law enforcement arrested 51 suspects suspected of selling personal data belonging to more than 300 million people worldwideincluding Ukraine, USA and Europe, on hacking forums.