Operation Heart Blocker, undertaken by U.S. and Dutch law enforcement on January 29, 2025, resulted in the dismantling of 39 online domains and servers operated by Saim Raza, a group behind online marketplaces since 2020. These platforms facilitated the sale of phishing toolkits and fraud-enabling tools, contributing to over $3 million in losses through business email compromise schemes. The investigation revealed not only the sale of these malicious tools but also training offered to users via instructional content, making digital fraud more accessible to broader criminal elements.
The Saim Raza-run websites operated as marketplaces that advertised and facilitated the sale of tools such as phishing kits, scam pages, and email extractors, often used to build and maintain fraud operations.
Not only did Saim Raza make these tools widely available on the open internet, it also trained end users on how to use the tools against victims by linking to instructional YouTube videos.
The tools advertised on the marketplaces also made it possible to harvest victim user credentials, which were subsequently put to use to further the fraudulent schemes.
The criminal group sold various programs to facilitate digital fraud, which could be employed by cybercriminals to send phishing emails at scale or steal login credentials.
Collection
[
|
...
]