
INTERPOL dismantles digital fraud networks that have affected thousands of victims in 13 Arab countries

The International Criminal Police Organization (Interpol) on Monday announced the official results of a large-scale cybersecurity operation called "Ramez", which resulted in the dismantling of organized cyber fraud networks and the identification of thousands of victims in the Middle East and North Africa (MENA) region.
The organization, which is based in the French city of Lyon, explained in a statement that the operation was carried out from October 2025 to February 2026, and included intensive coordination between 13 Arab countries with the aim of curbing the huge financial losses caused by digital crimes.
Outcome and indicators of the security operation
According to the data issued by the security agencies participating in the operation, the campaign succeeded in achieving the following figures and results on the ground:
Some 3,867 victims were identified who were exposed to digital financial scams.
201 suspects were arrested and 382 others were prosecuted.
Approximately 50 servers were seized and seized that were used as infrastructure to manage criminal activities.
Approximately 8,000 intelligence and criminal information were exchanged between member states to expand the scope of investigations.
The campaign was in close coordination with international private sector partners, most notably leading cybersecurity companies Kaspersky and Group-IB, where the latter provided INTERPOL with detailed data related to more than 5,000 hacked accounts in the region, some of which were found to be linked to government and sensitive infrastructures, whose credentials were sought by hackers to steal to gain access to official systems.
Details of Specific Operations in the Arab Countries
According to the report of the international organization, the security services in Jordan succeeded in dismantling an investment fraud network that operates a fake financial trading platform to lure victims with the temptations of quick profit, before freezing their funds immediately after depositing them.
The investigations revealed another aspect of the network, which was "human trafficking", as it was found to be involved in the detention of 15 people, the confiscation of their travel documents, and forcing them under threat to work under force in the management of fraudulent accounts.
In Algeria, authorities have spotted a sophisticated technical architecture based on the "phishing-as-a-service" model, a software system that allows traditional criminals to purchase and use off-the-shelf cyberattacks without the need for advanced technical expertise, facilitating the widespread theft of bank data and personal accounts.
In Morocco, security forces seized a package of electronic devices loaded with stolen bank data and credit phishing malware.
At the same time, investigations in Qatar revealed that computers that were hacked and exploited remotely – without their owners' knowledge – as intermediary platforms (zombies) to carry out broader cyberattacks and spread digital threats.
Broad Regional Partnership
The organized operation witnessed concerted security efforts from Tunisia, Algeria, Egypt, Iraq, Jordan, Lebanon, Libya, Morocco, Oman, Palestine, Qatar, Bahrain, and the United Arab Emirates.
The regional move comes at a time when the World Economic Forum is increasingly warning of the rise of cybercrime, which is costing the global economy billions of dollars annually, threatening the national and financial security of countries.

