In a police announcement Poland’s Central Bureau for Combating Cybercrime said officers dismantled an organized group that used phishing to seize Facebook accounts and extract BLIK payment codes. The group operated in Poland and Germany from May 2022 to May 2024 and investigators seized more than 100,000 logins and passwords.
KEY FACTS
- Incident Facebook account takeover via phishing
- Scope More than 100,000 stolen logins and passwords seized
- Suspects 11 identified, 6 placed in pretrial detention
- Charges Over 400 charges including fraud and money laundering
- Timeline Active May 2022 to May 2024
The group set up websites that mimicked well known news portals and used sensational headlines to lure users. Clicking a link opened a Facebook login window that captured credentials when victims entered them.
Captured credentials were used to access Facebook accounts and carry out further fraud. The scheme also targeted BLIK payment codes extracted from victims for financial theft.
Investigators identified 11 members who operated in Poland and Germany between May 2022 and May 2024. Six suspects were placed in pretrial detention during the investigation.
Prosecutors filed more than 400 charges that include leading and participating in an organized criminal organization, unlawful access to Facebook and email accounts, online fraud, and money laundering.
WHY IT MATTERS
The scale of the seized credentials and the number of charges show how credential phishing can enable cross border fraud and money laundering and produce large pools of compromised accounts for abuse.