Sign up
Subscribe
Home / news / Belgian police arrest 19-year-old suspected phishing gang leader tied to over 500,000 euros theft
news

Belgian police arrest 19-year-old suspected phishing gang leader tied to over 500,000 euros theft

Belgian police arrest 19-year-old suspected phishing gang leader tied to over 500,000 euros theft

Belgian authorities say they arrested a 19-year-old they считают a key figure in a European phishing and money-laundering network that stole more than 500,000 euros ($572,000) using fake government emails and phone calls. For PSPs and crypto businesses, the important part is not the stunt itself; it is the plumbing behind it: money mules, cash carriers, and cryptocurrency used to wash the proceeds.

  1. The Federal Judicial Police said the suspect was detained in an Airbnb in Antwerp, where a second suspect was also found. The main suspect was brought before an investigating judge, who issued an arrest warrant.
  2. According to a Thursday police report, the investigation began in March 2026, when phishing attacks became a priority in the region. Authorities say the network used fake government emails and phone calls to trick victims into installing remote-access software.
  3. The gang allegedly moved the stolen funds through money mules and cash carriers before laundering the proceeds through cryptocurrencies. For high-risk payment operators, that mix matters because it combines account takeover, cash-out infrastructure, and crypto rails in one chain.
  4. The case sits inside a broader phishing problem in crypto. Hacken said phishing and social engineering attacks accounted for $306 million of the $482 million lost in the first quarter of 2026.
  5. That pattern keeps showing up elsewhere: on May 25, onchain analyst “b-block” warned that scammers used Google to run malicious phishing ads impersonating Uniswap, reportedly stealing more than $400,000 from victims. DeFiLlama said “fake ads on Google are a common source of phishing attacks,” and Security Alliance reported in April that there was a “significant uptick” in phishing activity on Google Search in March.

CertiK’s Skynet report also flagged phishing and social engineering as leading attack vectors for North Korea-linked malicious actors, and tied the 2022 Ronin Bridge exploit that stole $600 million to a spearphishing campaign involving a fake LinkedIn recruiter and a malware-laden PDF. The mechanism is boring in the worst possible way: people get tricked, funds move fast, and the laundering layer does the rest.

Weekly high-risk digest

Regulation, sanctions and payment news across your verticals — once a week, free.

Please check your inbox and click the link to confirm your subscription.

Please enter a valid email address!