
An international law enforcement operation targeting online fraud has led to thousands of arrests and the seizure of hundreds of millions of dollars in criminal proceeds.
The operation, coordinated by Interpol and involving authorities from 97 countries and territories, uncovered—yet again—how online fraud has shifted to social media as the main attack vector. Rather than relying on malware or sophisticated hacking, many of the targeted criminal networks simply manipulated people into handing over money themselves.
Operation First Light 2026 ran between January and April this year, bringing together police agencies, financial investigators, and cybercrime specialists from nearly 100 jurisdictions.
Rather than targeting a single criminal group, the operation focused on the broader ecosystem of social engineering fraud—a category of crime that exploits trust instead of technical vulnerabilities. Criminals impersonate banks, government agencies, businesses, romantic partners, or investment advisers to persuade victims to voluntarily transfer money or disclose sensitive information.
According to Intertpol, participating countries analyzed more than 152,000 fraud cases during the operation, identifying over 15,600 suspects, blocking more than 31,000 bank accounts, and issuing 99 international notices and diffusions to help locate offenders across borders.
The investigation uncovered a wide variety of criminal operations.
In Eswatini, authorities dismantled a network involved in illegal online gambling, money laundering, and sophisticated impersonation scams. Police seized hundreds of electronic devices, foreign currency, and even discovered a realistic replica of a Brazilian police station complete with fake uniforms and official-looking equipment used to deceive victims.
In another case, investigators in Singapore and Oman prevented the transfer of $6.6 million stolen through a business email compromise (BEC) scam. Criminals had impersonated a legitimate supplier and persuaded a commodity trading company to redirect a payment to fraudulent accounts before authorities intervened.
Meanwhile, Sri Lankan authorities carried out multiple raids against cyber scam centers, arresting hundreds of suspects accused of organized online fraud operations.
Bitdefender data shows that many scam operations follow predictable work schedules, reinforcing what police investigations have long suggested: modern fraud is an organized business.

Scam activity peaks during the morning hours, when people typically receive their most important messages. Many fraud operations follow structured workdays rather than operating randomly.
The operation highlights a reality our blog has covered repeatedly: today's most successful cybercriminals often don't hack computers—they hack people.
Whether it's an investment scam promising unrealistic returns, a fake bank representative requesting urgent verification, a romance scammer building emotional trust, or a business email compromise operation redirecting invoices, these attacks rely on psychological manipulation.
Our own 2026 Global Scam Intelligence Report found that scammers increasingly meet victims where they already spend time—on social media, messaging platforms, SMS, phone calls, and online marketplaces—rather than relying solely on traditional phishing emails.
As we note in a recent blog article highlighting these findings, social media has evolved into a highly effective scam distribution channel, with 36% of users who encountered scams on social platforms interacting with them. Instead of baiting users hoping to open suspicious emails, scammers now conveniently place traps exactly where people spend hours every day.

Data from the Bitdefender 2025 Consumer Cybersecurity Survey also supports these findings, with more than a third of respondents reporting they encountered a scam through their social media feed.

As artificial intelligence makes impersonation easier and more convincing, social engineering is becoming both more scalable and harder to detect.
Interpol officials say no country can tackle these schemes alone.
“Social engineering scams continue to pose a significant threat to our society,” said Tomonobu Kaya, Director of Interpol's Financial Crime and Anti-Corruption Centre, adding that criminal syndicates routinely operate across multiple jurisdictions, making international intelligence sharing and coordinated enforcement critical to disrupting fraud networks and the money laundering operations that support them.
Scammers posing as government agencies, banks, tech support representatives, employers, and even romantic partners stole $3.5 billion from Americans in 2025, according to the U.S. Federal Trade Commission (FTC).
Imposter scams were the most commonly reported type of fraud in the United States for the ninth consecutive year, with reported losses jumping nearly 20% from 2024.
While large international operations disrupt criminal networks, fraudsters launch new campaigns every day. A few habits can significantly reduce your risk:
The best defense is usually a healthy dose of skepticism: whenever someone demands money, personal information, or urgent action, verify first. However, it always helps to use a security tool.
When in doubt about an unsolicited phone call, text or social media interaction, consider using a scam detector like Scamio or Scam Radar, our new scam-fighting solutions integrated across our consumer security suite.
We’ve also recently launched Bitdefender RealCheck — a standalone app for iOS and Android that helps you evaluate whether a video has been manipulated and may be intended to deceive.
You may also want to read:
Americans lost $3.5 billion to imposter scams last year — and the scams are getting harder to spot
Scam centers keep office hours — because fraud is a business
tags
Filip has 17 years of experience in technology journalism. In recent years, he has focused on cybersecurity in his role as a Security Analyst at Bitdefender.
View all posts