A cyber criminal organization stole one and a half million euros, and at least 60 people were killed in the Balearic Islands in connection with a banking scam that spoofed the bank’s real phone number and asked for security codes. The Civil Guard arrested six suspects in Barcelona for their alleged involvement in this large-scale cyber fraud affecting the islands. (Civil Guard)
The perpetrators used a spoofing technique, presenting their calls as though they were coming from the victim’s bank. They then pressured victims to disclose security codes, enabling unauthorized access to bank accounts. (Civil Guard)
Earlier in the year, a surge of similar complaints reached the Balearic Islands. In response, the Civil Guard’s Technological Crimes Unit launched a coordinated operation, known as the Fretus operation. Investigators determined that the suspects were highly trained in data manipulation and in impersonating banking institutions. The so-called “smile” method—a variant of spoofing or phone fraud—was central to their approach. (Civil Guard)
The Balearic Civil Guard’s cybercrime specialists tracked the group and traced their activity to Barcelona, where six individuals were identified as using sophisticated techniques to commit phone fraud and harvest victims’ data over the internet. (Civil Guard)
The criminals initially relied on smishing, sending text messages that appeared to be from the victim’s bank. The messages warned of unauthorized access and urged immediate verification of recent actions. Recipients were directed to a link that led to a page designed to resemble the bank’s site but was controlled by the criminals to capture login details and other sensitive information. (Civil Guard)
Cyber fraudster ‘Alex García’
Investigations revealed that an alleged bank representative went by the name Alex García in all communications. Media outlets flagged this as a dangerous cyber threat. The fraudsters relied on security code requests and even opened a new account for the holder to receive funds. The technique, known as caller ID spoofing, allowed them to mimic the bank’s real number. When victims did not fall for the SMS scam, the criminals continued their scheme by calling, warning of supposed fraud on the accounts and pressing for security codes. (Civil Guard)
Despite repeated pressure, the scammers did not abandon their plan. They pursued voice-based deception aimed at moving money from legitimate accounts, making the situation more dangerous. (Civil Guard)
As the investigation progressed, authorities identified roughly 60 victims in the Balearic Islands alone, and there is concern that the total could be higher across other regions. (Civil Guard)
Throughout the inquiry, cybercrime specialists from the Civil Guard managed to block fraudulent transactions totaling about 200,000 euros, successfully restoring those funds to their rightful owners. Seized electronic devices and other items were found during searches in Barcelona, and a high-end vehicle valued at around 50,000 euros was recovered as part of the operation. (Civil Guard)
The six detainees range in age from 16 to 22, with two being minors. Four adults have been placed in temporary detention, while the investigation remains active and authorities have indicated that further arrests could occur as new evidence comes to light. (Civil Guard)