13-Year Sentences for Fraud Ring Leaders

The Three-Member Court of Appeal for Felonies in Thessaloniki sentenced the two masterminds behind the organization to 13 years in prison. The group had systematically drained the bank accounts of unsuspecting citizens, amassing over €315,000 from 26 victims.

Following months of investigations by the Northern Greece Cybercrime Unit, authorities dismantled the operation. The extensive case file details the methods they used to generate hundreds of thousands of euros over a nine-month period, from September 2022 to June 2023.

Both key players of the criminal group had been in custody since March. A 25-year-old accomplice, who was initially free under restrictive conditions, was also sentenced to six years in prison for recruiting individuals into the network. These recruits played supporting roles in the group’s fraudulent activities.

Additionally, five other individuals received prison sentences for misdemeanors, while three co-defendants were acquitted.

How the Fraud Worked

The young members of the network gained access to security systems by purchasing stolen banking credentials and personal data from the dark web.

One of the main convicted hackers handled the technical aspects of the fraud, while the other managed the financial operations.

According to the indictment, the 25-year-old defendant bought digital files containing access credentials (usernames and passwords), personal data, and other sensitive information stolen by unidentified hackers.

The cost of these credentials varied from $30 to $300, as he admitted in his testimony.

The group then used call and message diversions to gain control of online banking and digital government (e-GOV) services. They transferred victims’ banking details to their own mobile devices, conducted contactless payments, loaded prepaid cards, and even took out instant loans in their victims’ names, pocketing the funds themselves.

Manipulating Tax Records for Loan Approvals

To obtain loan approvals, the fraudsters submitted modified tax returns through government digital platforms. By inflating declared incomes, they generated updated tax documents, making their victims unwitting applicants for instant loans—which the criminals then withdrew.

Using advanced knowledge of cybersecurity, banking systems, and cryptocurrency exchanges, the group carried out one fraud after another, emptying victims’ bank accounts both directly and indirectly.

The case file documents 26 instances of fraud, including four unsuccessful attempts. In just nine months, they acquired €315,948 and attempted to steal an additional €40,648.

To obscure financial trails, they created and used forged documents. Stolen funds were withdrawn from ATMs or transferred to cryptocurrency exchanges, digital banks, and online betting platforms. The group also relied on accomplices—often recruited opportunistically—to act as “money mules” and launder the funds.

Victims Speak Out: “I Went Through Hell”

Victims of the fraud testified in court, describing the distressing experience of being scammed.

“I wouldn’t wish this on my worst enemy,” said one victim, who, despite avoiding financial loss, recounted the panic and fear they endured upon realizing their personal data had been compromised.

“I went through hell. This had a severe impact on my health. I lost my job…” another victim testified. They explained that the fraudsters gained access to their phone, tax ID, and even their online tax portal (Taxisnet).

The criminals took out a personal loan in their name, altering their tax records in the process. This manipulation led to an increased tax bill in the following year.

“I Had No Second Thoughts” – The Hackers’ Testimonies

During his testimony, the 25-year-old responsible for the technical aspects of the fraud admitted his actions and apologized.

“I saw fraud as a game—stealing money from people. I was no different from a thief. I had no second thoughts. I never imagined I would end up in prison,” he confessed.

His co-defendant, who handled the stolen funds and made cash withdrawals, spoke about his efforts to compensate the victims.

Defense Lawyer’s Statement

Dimitris Pessios, the defense attorney for one of the acquitted defendants, commented on the case:

“This was a complex case that occupied the court for several days. It involved cybercrime and an organized criminal network. What stands out is how easy it has become for some individuals to defraud others, hijack bank accounts, and even alter official documents.”

“After thorough deliberation, the court convicted the guilty parties while recognizing my client’s innocence. He had been deceived and misled by the true masterminds behind this scheme. We are fully satisfied that the court accepted our arguments and unanimously acquitted my client and two other defendants of all charges.”