German police have arrested ten people suspected of running a phishing scam designed to raid the contents of online bank accounts that netted hundreds of thousands of euros.

The group, including two women, were cuffed by officers from Germany's Federal Crime Office (BKA) over allegations they distributed Trojan code designed to seize online banking credentials from compromised PCs.

Malicious emails allegedly sent by the gang posed as messages from Deutsche Telekom, eBay, Wal-Mart, IKEA, and the German television licensing organisation (GEZ). Attached to the emails were malicious Trojan horses (such as Troj/Clagger-AZ and Troj/DwnLdr-FYH) that stole information from infected Windows PCs.

A police investigation, which lasted 18 months, resulted in arrests in several German cities, including Dusseldorf, Cologne and Frankfurt this week. Items of computer kit were seized during the arrest and are now undergoing forensic examination.

The suspects include Russian, Ukranian and German nationals aged between 20 and 36 years old. According to the BKA, the suspects bought expensive jewellery, cars and luxury holidays from the proceeds of their criminal acts.

More on the bust can be found in statement by the BKA (in German) here. ®

Related stories

• Crimeware grifters scamming naive phishers (7 August 2008)
• Crooks charge premium for filter-evading Trojan (18 July 2008)
• US and Romania dredge up 38 phishing suspects (20 May 2008)
• Phishers bait hook with Verified by Visa scam (26 September 2007)
• People are biggest threat to IT security (20 September 2007)
• Italian police net 26 in phishing takedown (16 July 2007)
• FBI logs its millionth zombie address (13 June 2007)
• FBI-led probe nets phishing gang (3 November 2006)
• Suspected bot master busted (4 November 2005)
• Arrests 'unlikely' to impact botnet threat (13 October 2005)
• Brazilian cops net 'phishing kingpin' (21 March 2005)
• 150+ cuffed in US-led cybercrime crackdown (27 August 2004)