Europol on Monday announced the takedown of a cryptocurrency investment fraud ring that laundered €460 million ($540 million) from more than 5,000 victims across the world.
The operation, the agency said, was carried out by the Spanish Guardia Civil, along with support from law enforcement authorities from Estonia, France, and the United States. Europol said the investigation into the syndicate started in 2023.
In addition, the five alleged suspects behind the cryptocurrency scam were arrested on June 25, 2025. Three of the arrests took place in the Canary Islands, while two others were apprehended from Madrid.
“To carry out their fraudulent activities, the leaders of the criminal network allegedly used a net of associates spread around the world to raise funds through cash withdrawals, bank transfers, and crypto-transfers,” Europol said.
These types of scams often follow a pattern known as cryptocurrency confidence or romance baiting (formerly “pig butchering”), where scammers slowly build trust with victims over weeks or months—often through dating apps or friendly chats—before convincing them to invest in fake crypto platforms. Behind the scenes, fraudsters use social engineering tricks, like fake trading dashboards and scripted conversations, to keep the illusion going. Once money is deposited, it’s moved across multiple accounts in a process called layering, making it harder for authorities to trace.
The cybercriminals are believed to have set up a corporate and banking network based in Hong Kong, with the illicitly obtained funds routed through a maze of payment gateways and user accounts in the names of different people and in different exchanges.
The development comes shortly after the U.S. Department of Justice (DoJ) filed a civil forfeiture complaint seeking to recover over $225 million in cryptocurrency linked to cryptocurrency confidence (aka romance baiting) scams running out of Vietnam and the Philippines.
Europol described the “scale, variety, sophistication, and reach” of these online fraud schemes as “unprecedented,” and that they’re on track to surpass serious and organized crime, thanks to the increased adoption of artificial intelligence (AI) technologies.
“The integration of generative artificial intelligence by transnational criminal groups involved in cyber-enabled fraud is a complex and alarming trend observed in Southeast Asia, and one that represents a powerful force multiplier for criminal activities,” said UNODC Regional Analyst, John Wojcik, late last year.
According to a report from INTERPOL last week, cybercrime reports account for more than 30% of all reported crimes in Western and Eastern Africa. This included online scams, ransomware, business email compromise (BEC), and digital sextortion.
“Cybercrime continues to outpace the legal systems designed to stop it,” INTERPOL said, adding, “75% of countries surveyed said their legal frameworks and prosecution capacity needed improvement.”
Part of what makes this kind of fraud so hard to fight is how criminals exploit legal loopholes and fragmented international laws. Many scammers now use synthetic identities—fake personas built with stolen or AI-generated data—to register accounts or rent bank access. They also recruit financial mules to move money, often without them realizing they’re part of a crime.
To pull off such investment fraud schemes, unwitting people from Asia and Africa are lured into Southeast Asia with lucrative job opportunities, and forcefully detaining them inside “scam compounds” run by transnational organized crime groups originating from China.
As many as 53 scam compounds have been identified in Cambodia, per Amnesty International, where the non-profit said “human rights abuses have taken place or continue to occur, including human trafficking, torture and other ill-treatment, forced labour, child labour, deprivation of liberty and slavery.”
Many of the people forced into these scam compounds were originally promised tech or sales jobs abroad. Once they arrive, their passports are taken and they’re forced to scam others under threats of violence or debt.
Last year, the United States Institute of Peace revealed that the return on cyber scamming is estimated to exceed $12.5 billion annually in Cambodia, which amounts to half the country’s formal gross domestic product (GDP).
The illegal operation has had such an impact that the Indian Embassy in Cambodia has a prominent warning on its website urging citizens to be vigilant against falling into the hands of human traffickers under the pretext of high-paying jobs, stating job seekers are coerced to undertake online financial scams and other illegal activities.
Adding more context to the criminal activity is a recent report from ProPublica that Chinese-language Telegram channels and groups are advertising to scammers the ability to rent U.S. bank accounts at Bank of America, Chase, Citibank, and PNC, who then use these accounts to launder the proceeds. Telegram has begun to take action on some of these channels.
Meta is said to have detected and taken down no less than seven million Facebook accounts associated with scam centers in Asia and the Middle East since the start of 2024, per a statement shared by the company to the investigative journalism organization.
