Cyber Crime
TrendAI™ Supports Global Law Enforcement Efforts
Learn how TrendAI™ and our researchers contributed threat intelligence and analysis to support INTERPOL against cybercrime.
Save to Folio
Serious fraud and cybercrime know no boundaries — jurisdictional or otherwise. Criminal gangs operate with impunity across borders, often leaving behind in their wake a trail of devastation. But they don’t always get their own way. In fact, with the help of our global law enforcement partners, we’re able to peer into their murky world with more clarity than ever today. And show the gangs that there are real consequences to their actions.
That’s why we’re delighted to share in the success of another INTERPOL operation, which this time led to the takedown of over 45,000 malicious IP addresses and servers.
Why Operation Synergia III matters
Cyber is often viewed as a victimless crime. Tell that to the parents who have lost their children to suicide following sextortion attacks. Or the lonely hearts who lose their life savings to romance scammers. Businesses also bear the brunt of these schemes – from the banks that spend a growing sum of money on reimbursing defrauded customers, to the companies scammed by business email compromise (BEC).
The scale of these criminal endeavors is breathtaking. According to the FBI, romance scams cost victims $672m in 2024, the latest year for which data is available. BEC cost made cybercriminals $2.8bn, while investment scams racked up staggering profits of $6.6bn for fraud rings.
That’s why, when agencies INTERPOL ask for our help, we’ll do everything we can to support them.
How TrendAITM helped
The scope of this operation shows what we’re up against. From fake casino phishing websites in China, to sextortion and romance scammers in Tongo, and loan/job fraud in Bangladesh — this is a truly global ‘industry.’ The sheer scale of these operations, and the distributed, obfuscated infrastructure on which they run, makes accurate threat intelligence critical.
This is where TrendAITM comes in. Our global team of threat researchers and unrivalled technical insight help us to shine a light on the shadows. Decades of experience and precise domain knowledge enabled us to identify key infrastructure — such as the servers that host phishing pages and deliver malware — and tie it back to real people and criminal networks. That meant hours of hunting through domains, IP addresses, WHOis records and ISP lists — and reaching out to industry partners.
As TrendAITM Director for Cybercrime Research, Robert McArdle explains: “Arrests like these are the result of months of investigative work mapping the infrastructure, tools and networks that cybercriminal groups rely on to operate. By analyzing malicious servers, phishing infrastructure and command systems, our threat researchers help law enforcement connect digital evidence to the individuals behind the activity.”
As impressive as that sounds though, this intelligence is nothing without good, old-fashioned police work. This is where INTERPOL comes in. Coordinating forces across 72 countries and territories, as well as private sector partners such as ourselves, it turned our actionable leads into outstanding results:
- 45,000 malicious IP addresses and servers taken down
- 94 suspects arrested and another 110 under investigation
- 212 electronic devices and servers seized
The bigger picture
Operation Synergia III comes hot on the heels of our collaboration with Europol to take down prolific phishing-as-a-service platform Tycoon2FA last week. And before that, we scored big wins with Operation Sentinel, which led to 574 arrests in a blow to digital extortion network across Africa. And Operation Secure, which took down 20,000 malicious IPs and domains and led to 32 arrests in connection with infostealer malware. The list goes on.
But we all know there’s a long way to go. That’s why we’ll continue to do what we do best, in order to help our law enforcement partners do what they do best — make crime pay for the perpetrators.