Ukrainian cyberpolice have detained nine people suspected of stealing bank card data in a major phishing campaign unleashed on fellow citizens amid the Russian invasion.
“The attackers created more than 400 phishing links to obtain citizens’ bank card data and misappropriate money from their accounts,” according to the June 29 announcement.
The scheme was exposed by officers of the Cyberpolice Department together with investigators of the Pechersk Police Department with the guidance of the Pechersk District Prosecutor’s Office of Kyiv and the help of specialists from the National Bank of Ukraine.
Police identified nine suspects as responsible for creating and administering more than 400 fake websites rigged to phish bank data from unsuspecting Ukrainian citizens.
“Through the sites, Ukrainians were offered to form an application for payment of financial assistance from the European Union,” according to a machine-translated version of the press release.
“After receiving bank data, the attackers made an unauthorized intrusion into online banking and withdrew money from citizens’ accounts.”
The attackers deceived more than 5,000 citizens, with losses exceeding 100 million hryvnias, or 3.36 million US dollars.
In raids on the homes of some suspects, police confiscated computer equipment, mobile phones, credit cards and money identified as being obtained by criminal means.
The Ukrainian cyberpolice has published a list of known phishing sites operated by the group and is urging potential victims to report their case to the agency.