LYON, France – An international cybercrime operation targeting phishing, malware and ransomware has taken down more than 45,000 malicious IP addresses and servers.
Law enforcement from 72 countries and territories took part in Operation Synergia III (18 July 2025 – 31 January 2026), coordinated by INTERPOL. The operation led to the arrest of 94 people, with another 110 individuals still under investigation.
During the operation, INTERPOL transformed data into actionable intelligence, facilitated cross-border collaboration, and provided tactical operational assistance to member countries. Preliminary investigations led to a series of coordinated actions by national authorities, including raids on key locations and the disruption of malicious cyber activities. In total 212 electronic devices and servers were seized.
Neal Jetton, INTERPOL’s Director of the Cybercrime Directorate, said:
“Cybercrime in 2026 is more sophisticated and destructive than ever before, but Operation Synergia III stands as a powerful testament to what global cooperation can achieve. INTERPOL remains at the forefront of this fight, uniting law enforcement agencies and private sector experts to dismantle criminal networks, disrupt emerging threats and protect victims around the world.”
Fraudulent websites, romance scams and credit card fraud
Although several investigations are still ongoing in participating countries, preliminary reports of key cases demonstrate the breadth of the criminal tactics employed:
- Law enforcement in Macau, China identified more than 33,000 phishing and fraudulent websites, related to fake casinos and critical infrastructure, such as official bank, government and payment service sites. Victims are defrauded by topping up their accounts via the fraudulent sites or by having their personal information and credit card details stolen.
- Police in Togo arrested 10 suspects operating a fraud ring from a residential area. Some specialized in technical crimes such as hacking social media accounts, while others carried out social engineering schemes including romance scams and sextortion. After gaining access to an account, the criminals contacted the victim’s online contacts, impersonating the account holder to build fake romantic relationships or deceive friends and family members. Their ultimate goal was to persuade these secondary victims to make money transfers.
- In Bangladesh, police arrested 40 suspects and seized 134 electronic devices related to a large range of cybercrime schemes, including loan and job scams, identify theft or credit card fraud.
During Operation Synergia III, INTERPOL worked closely with its partners, Group-IB, Trend Micro and S2W, to track illegal cyber activities and identify malicious servers.
Notes to editors
Participating countries and territories: Angola, Argentina, Austria, Bahrain, Bangladesh, Bolivia, Bosnia and Herzegovina, Botswana Brazil, Brunei, Burkina Faso, Burundi, Cameroon, Colombia, Democratic Rep of Congo, Eritrea, Eswatini, France, Gambia, Georgia, Greece, Guatemala, Guinea, Guinea Bissau, Guyana, Honduras, Iceland, India, Iraq, Ireland, Israel, Japan, Jordan, Kazakhstan, Kenya, Kuwait, Latvia, Lebanon, Lesotho, Liechtenstein, Macao (China), Madagascar, Malaysia, Maldives, Moldova, Mongolia, Niger, Nigeria, North Macedonia, Oman, Pakistan, Palestine, Paraguay, Philippines, Poland, Qatar, Singapore, South Africa, South Sudan, Spain, Sri Lanka, Switzerland, Tanzania, Togo, Türkiye, Uganda, Ukraine, United Arab Emirates, United Kingdom, Venezuela, Zambia, Zimbabwe.
