International police agencies are mowing through scam centers.

INTERPOL has announced a “first-of-its-kind cybercrime operation” that has led to 201 arrests. Authorities across the Middle East and North Africa (MENA) have identified a further 382 suspects. The coordinated operation targeted online fraud, financial scams, malware distribution, and digital extortion, as global law enforcement agencies step up efforts to disrupt organized cybercrime at scale.

Key takeaways

• INTERPOL-led authorities across the MENA region arrested 201 suspects tied to cybercrime operations.
• Investigators seized infrastructure linked to phishing, financial fraud, malware campaigns, and online scams.
• The operation reflects a broader global trend of coordinated crackdowns on organized scam networks.
• Cryptocurrency investment scams, romance fraud, and social media scams continue to generate billions in losses worldwide.
• Despite sweeping crackdowns, cybercriminal groups remain highly adaptable and often re-emerge under new infrastructure.
• Cybercitizens are encouraged to use security tools designed to detect scams.

Operation Ramz

The operation, described by INTERPOL as the first coordinated cybercrime enforcement campaign of its kind in the MENA region, involved extensive intelligence sharing and collaboration among participating countries.

“Thirteen countries from the Middle East and North Africa took part in Operation Ramz (October 2025 – 28 February 2026) which aimed to investigate and disrupt malicious infrastructure, identify and arrest suspects, and prevent future losses,” INTERPOL said in a press release.

Authorities reportedly dismantled malicious infrastructure, analyzed digital evidence, and identified suspects connected to a wide range of online criminal activity. The crackdown targeted operations linked to phishing, business email compromise (BEC), ransomware-related activity, and online financial fraud.

Nearly 8,000 pieces of crucial data and intelligence were disseminated among participating countries to initiate and support investigations.

The arrests come as international law enforcement agencies intensify pressure on cybercriminal ecosystems that increasingly operate across borders, using cryptocurrency payments, encrypted messaging platforms, fake identities, and large-scale scam infrastructures to target victims worldwide.

Operational highlights

INTERPOL shared several operational details illustrating the wide scope of the crackdown.

• In Qatar, investigators detected compromised devices whose owners were unaware their systems had been hijacked and used to distribute cyber threats. Authorities secured the devices and alerted victims so they could strengthen their defenses.
• In Jordan, police uncovered a fraudulent investment scheme operating through a fake trading platform. A police raid found 15 individuals carrying out the scams, but later determined they were trafficking victims who had been lured from Asia with false job offers, had their passports confiscated, and were coerced into participating in the fraud. Two suspected organizers were arrested.
• Authorities in Oman identified a vulnerable server hosted in a private residence that contained sensitive information and had been compromised by malware. Investigators shut down the system to prevent further abuse.
• In Algeria, police dismantled a phishing-as-a-service operation, seizing servers, devices, and phishing tools used to support cybercrime campaigns. One suspect was arrested.
• Meanwhile, Moroccan authorities confiscated computers, phones, and storage devices containing banking data and phishing software. Three individuals are facing judicial proceedings, while additional suspects are under investigation.

Global cybercrime crackdowns are accelerating

The Ramz operation in the MENA region follows several high-profile disruptions to international cybercrime over the past year.

In April, a law enforcement effort led by the US Department of Justice, the FBI, Dubai Police, and Chinese authorities resulted in at least 276 arrests linked to cryptocurrency investment fraud networks in multiple countries. Authorities dismantled at least nine scam compounds allegedly used to run large-scale online fraud campaigns targeting victims primarily in the United States.

The investigators say the scam networks relied heavily on social engineering tactics to build emotional trust with victims before persuading them to invest increasing amounts of money into fraudulent cryptocurrency schemes.

These operations—often referred to as “pig butchering” scams—are among the world’s fastest-growing forms of organized online fraud.

INTERPOL and regional law enforcement agencies have also increasingly focused on infrastructure-level disruption.

In a separate operation across Asia-Pacific countries, INTERPOL announced the takedown of more than 20,000 malicious IP addresses and domains tied to infostealer malware campaigns. Authorities seized servers and arrested suspects linked to malware operations used to steal credentials, cryptocurrency wallet information, and financial data.

While authorities are making arrests, consumer losses linked to online scams continue to climb.

A recent report from Britain highlighted that romance scam victims in the UK lost roughly £102 million in 2025 alone, with criminals increasingly using dating platforms and social media to manipulate victims emotionally before requesting money transfers or cryptocurrency payments.

At the same time, data from the U.S. Federal Trade Commission showed Americans lost an estimated $2.1 billion to social media scams in 2025, making social platforms one of the largest sources of fraud-related losses.

The Bitdefender 2025 Consumer Cybersecurity Survey shows social media is attackers’ preferred scam-delivery system.

Key findings from our report:

• Social media is the top scam delivery channel (34%), underscoring how deception blends seamlessly into platforms where people spend much of their time.
• 7 out of 10 respondents have encountered scams of some type in the last 12 months.
• 1 in 7 consumers fell victim to a scam in the past year.
• In the context of AI, 37% named deepfakes as their biggest concern.

Cybercriminals increasingly rely on fake investment opportunities, impersonation, cloned accounts, and fraudulent advertisements distributed through mainstream platforms where users lower their guard.

Scam operations have evolved into highly organized criminal enterprises. Some groups operate with call-center-style structures, scripted manipulation techniques, multilingual operators, money laundering teams, and dedicated technical infrastructure.

Coordinated busts

Cybercrime investigations are notoriously difficult. Criminal groups often spread infrastructure across multiple countries, rely on cryptocurrency transactions, and rapidly migrate operations when servers or domains are seized. That makes international cooperation critical.

Operations coordinated through organizations like INTERPOL allow participating countries to share intelligence, identify overlapping investigations, trace infrastructure, and act in unison against criminal networks.

Authorities hope synchronized enforcement makes it harder for cybercriminal groups to quickly regroup elsewhere. Still, arrests alone are unlikely to eliminate large-scale scam ecosystems.

Past crackdowns have shown that fraud networks often rebuild using new domains, fresh social media accounts, alternative messaging platforms, and replacement infrastructure within weeks.

The challenge grows even more complicated as criminals adopt AI-assisted tactics, including deepfake impersonation, voice cloning, and automated scam messaging.

Read: Got a Silent Call From an Unknown Number? It’s Not Random, It’s a Scam

Read: Older Adults Lost Billions to Scammers Last Year, FBI Warns

How to protect yourself from sophisticated scams

As online fraud operations continue to expand globally, internet users should exercise caution when interacting with strangers online — especially in conversations involving investments, cryptocurrency, urgent financial requests, or emotional manipulation.

Here are some practical tips to reduce your risk:

• Be skeptical of investment opportunities promoted through social media, messaging apps or dating platforms.
• Never send money or cryptocurrency to someone you have not verified independently.
• Watch for pressure tactics involving urgency, secrecy, or emotional manipulation.
• Enable multi-factor authentication on important accounts.
• Use strong, unique passwords and consider a password manager.
• Avoid downloading attachments or clicking links from unexpected messages.
• Keep devices and security software updated.
• Research companies, trading platforms, and investment offers independently before sending funds.

Use security tools that detect scams

Security solutions with scam-detection features can help identify phishing links, fraudulent messages, and suspicious websites.

To help people stay ahead of evolving threats, Bitdefender has introduced Scam Radar, a new feature integrated into Bitdefender Mobile Security for Android and Bitdefender Mobile Security for iOS.

When in doubt about an unsolicited phone call, text or social media interaction, use Scamio, our free scam detector and prevention service. Simply describe your situation and let Scamio guide you to safety.

You may also want to read:

Global Scam Crackdown: 276 Arrested, Crypto Fraud Networks Dismantled

Brits Lost £102 Million to Romance Scams Last Year

Social Media Scams Cost Americans $2.1 Billion in 2025, FTC Warns