A new phishing scam has come to light, and the Economic and Financial Crimes Unit (UDEF) of the High Police Department in Aragon has taken decisive action. Eight Spaniards, aged 18 to 43, were arrested for alleged involvement in a criminal group responsible for multiple fraud offenses. The incidents began on November 13 when a bank branch manager alerted authorities after a man attempted to withdraw funds from an ATM without a card, with a woman posing as a helper and confirming that the account belonged to someone else.
A patrol from the Operational Response Group (GOR) attended the scene and verified the information provided by the bank manager. Investigators found that a withdrawal of 2,490 euros had been charged to another person who had already reported a similar incident at the same ATM the day before, prompting authorities to arrest the suspect.
The following day, another person tried to withdraw money from the same central Aragon capital ATM. Once again, the bank manager notified the National Police, and Citizen Security officers confirmed plans to withdraw 2,500 euros from a third-party account.
These arrests sparked a broader investigation led by the Provincial Judicial Police Brigade, which identified a further participant. The latter individual allegedly recruited others to execute the first two withdrawals, using data obtained through phishing in online banking applications.
The method used to withdraw funds without a card involved entering the DNI/NIE number, date of birth, security code, and a coded text message at the ATM. The perpetrators obtained these details by posing as bank employees or managers and convincing victims to divulge information to halt or reverse fraudulent transactions.
In addition, the group is under investigation for allegedly making online purchases using third-party cards. The scheme involved capturing bank card data and placing large orders on various websites, changing shipping addresses and recipient IDs to conceal the true owner of the purchases.
The investigation traced several individuals responsible for more than 500 online purchases and for acquiring items without payment, including three of the people previously detained. The mastermind, a 27-year-old man, is accused of stealing customer data from financial institutions and enabling the rest of the group to withdraw money at ATMs or to make substantial online purchases.
Members known as ‘mules’ occupied the lowest rung of the operation. They were tasked with the most visible fraud acts, such as cash withdrawals from ATMs or placing orders online and collecting goods in person.
Eight suspects were arrested in a staged sequence between March 15 and March 28, with five already facing charges and the others awaiting formal decisions. The operation underscores the importance of citizen vigilance and the continued effort of law enforcement in combating cybercrime and fraud. Internet banking users are urged to stay alert for phishing attempts, never share personal information over the phone, and report any suspicious activity to the proper authorities.