Two million recovered from Marbella victims swindled through email attacks

Cyber officers attached to the National Police station in Marbella have recovered more than two million euros swindled from around twenty victims through cyber-attacks on e-mails, most of them associated with real estate transactions.

One of the most noteworthy of the cases solved was one in which the rapid action of the investigators enabled them to foil a fraud of 1.4 million euros in the purchase and sale of a luxury villa in Marbella, according to the National Police in a press release.

The cybercriminals used the 'man-in-the-middle' technique. Since the creation in 2023 of the cybercrime group at the Marbella police station, among other cybercrime crimes, 20 scams have been solved that meet the parameters of the fraud known as a man-in-the-middle attack.

This is a type of crime in which criminals intercept a conversation, via e-mail, between two companies that have a commercial relationship, a service provision relationship or any other relationship involving a payment obligation.

In more detail, this type of computer fraud consists of intercepting a conversation or a data transfer by posing as one of the legitimate participants in the transaction. Intruders make slight changes to legitimate email addresses, sometimes unnoticeable to the victims, such as inserting a dot or a hyphen, or replacing one letter with another.

The cybercriminals then, in this email exchange, provide a new bank account number to carry out the money transfers, pretending to be the company providing a certain service that the victim requires.

In the end, the money is paid into the fraudsters' account, while the victim believes that he or she has actually sent it to the company with which he or she has a contractual relationship.

In the case of the million-dollar scam involving the purchase and sale of a luxury villa in Marbella, the cyber-officers were able to count on the collaboration of the banking institutions involved, as well as the assistance of Interpol and Europol, and were able to locate, intervene and return a total of 1,445,000 euros to their rightful owner, blocking several transfers to Portugal and Austria in time.

Continuing with the investigations, the National Police were able to ascertain how the different criminal plots, in order to hide their identity, made use of intermediaries who were the holders of the target bank accounts. This is what is known in police jargon as a "mule", who provides their bank details so that the cybercriminals can use their account, receiving an economic benefit in exchange. When the swindled money arrives, they make national or international transfers.

On the other hand, as a recommendation, the National Police advise any business company with commercial activity, based on payment of invoices or sale or purchase of movable or immovable property using bank transfers as a means of payment, to ensure that the destination account is the correct one by checking with the account holder, being suspicious of changes, for no apparent reason, of the IBAN numbers of the recipient's accounts, as well as checking contact details, including telephone numbers and e-mails.