Police in
the Netherlands and Belgium said this week they had broken up an international
investment-fraud operation that ran roughly 20 call centers and more than 700
people posing as financial advisers, an organization that at its peak took in
an estimated €100 million (about $114 million) a month.
Six people
have been arrested, and investigators say the central figure is a 46-year-old
dual Israeli-Polish national with a long history in the hacking world.
The main
suspect was detained at a Polish airport on May 26 as he arrived from Dubai,
then handed to the Netherlands, where a judge ordered him held for 14 days
pending trial.
Dutch
police said he had been prosecuted before for breaking into the computer
systems of foreign government bodies.
The network
had been active since at least 2021 and was built to resemble a legitimate
business, police said. One head office managed the branches spread across
several countries, each with teams assigned to a specific target market.
The scale
is large even by the standards of Europe’s boiler rooms, the industrialized
call-center scams that FinanceMagnates.com has tracked through leaked recordings
and internal data.
Police link about 550 complaints in the Netherlands and another 200 in Belgium
to the group, and believe the worldwide victim count runs into the tens of
thousands.
Dutch
victims alone lost close to €25 million, most of them more than €10,000 each,
according to police. Henrique van Huisstede of the Midden-Nederland police told
broadcaster RTL the network was “responsible for a significant portion of
all investment fraud in the Netherlands.”
The Hacker Police Won’t
Name
Dutch
police did not release the suspect’s name, describing him only as a well-known
hacker who was, in their words, “no stranger to the cyber world.”
That reticence has not stopped the identification from spreading.
The
newspaper De Telegraaf and the English-language outlet NL Times identified the
man as Ehud “Udi” Tenenbaum, a 46-year-old dual national long known
in hacking circles as “The Analyzer.” Police, however, have not
confirmed the name.
Ehud Tenenbaum (46) spil in mega-beleggingsfraude met miljoenen schade: meesteroplichter opereerde met honderden medewerkers in dienst https://t.co/Pc8UpgU8h7
— De Telegraaf (@telegraaf) July 15, 2026
If that
reporting is correct, it would put a figure from the early history of computer
crime at the center of the case. Tenenbaum drew international attention in
1998, when a teenage break-in later dubbed Solar Sunrise hit systems at the
Pentagon, NASA and the US military, an intrusion American officials at first
feared was a state-backed attack.
A decade
later he surfaced again, arrested in Canada in 2008 and extradited to the
United States over a scheme prosecutors tied to about $10 million stolen from
US banks and card processors. He pleaded guilty in 2012 and was sentenced to
time served plus restitution.
The age,
nationality and record cited by Dutch reporters match that public trail, though
none of it has been confirmed by authorities in this case.
‼️ BREAKING: Dutch and Belgian police have dismantled an international crypto investment fraud network run like a company: roughly 20 call centers, 700+ “employees” and an estimated take of more than €100 million per month. Six suspects have been arrested across Poland, Cyprus,… pic.twitter.com/8r1oiPH5GP
— International Cyber Digest (@IntCyberDigest) July 15, 2026
The group
used pseudonyms and technical tricks to hide identities and locations, the kind
of concealment that has frustrated European investigators in other takedowns.
Europe’s Boiler-Room Busts
Keep Growing
European
police have been pulling these call-center networks apart at a steady clip, and
the totals keep climbing. In November, Cypriot, French and Belgian authorities arrested seven people over a Limassol operation said to
have turned over close to €1 billion in five years.
A month
later, a Europol-coordinated action broke up a network accused of laundering more
than €700 million, one that leaned on deep-fake celebrity ads to reel in
victims.
Spanish
investigators dismantled a €460 million ring earlier in 2025, part of a run of
cases that stretched from the Canary Islands to shell companies in Hong Kong.
An older
German case reached €89 million across roughly 33,000 victims. The
Dutch-Belgian network stood out for its pace rather than its headline total, an
estimated €100 million a month at its peak, run by a payroll of more than 700
that made it look closer to a mid-sized company than a back-room scam.
How the Money Disappeared
The
playbook, as police describe it, changed little from earlier schemes. So-called
advisers spent weeks or months building a rapport with targets, often by phone,
before steering them toward what looked like a professional trading platform.
First
deposits were small and appeared to turn a quick profit. The dashboards victims
logged into looked convincing, but no money was ever invested.
As trust
grew the sums grew with it, much of it moved in cryptocurrency, until the funds
simply landed with the operators. The small-deposit, fake-profit hook has been
a fixture of these frauds for years, Europol has noted in earlier cases.
For
victims, the collapse was abrupt. One Dutch victim, identified only as Alex,
said that when he tried to withdraw, “all contact was suddenly cut
off.” He described the moment he understood the savings were gone as
watching the life he had planned come apart.
A Second Scam Aimed at the
Same Victims
There is a
sting in the tail. Police warned that victims who pull out are sometimes
approached by a so-called recovery firm promising to claw back their money for
an upfront fee, an outfit that in many cases belongs to the same criminal
group.
That
double-dip is a well-worn tactic. Spanish police last year described a gang
that hit the same victims three times, posing first as investment
managers, then as recovery agents, then as officials demanding tax before
releasing funds.
For now,
Dutch prosecutors have the alleged organizer in custody on a 14-day detention
order and say more arrests may follow. The financial investigation, including
efforts to trace and freeze assets, is still going on.
Police in
the Netherlands and Belgium said this week they had broken up an international
investment-fraud operation that ran roughly 20 call centers and more than 700
people posing as financial advisers, an organization that at its peak took in
an estimated €100 million (about $114 million) a month.
Six people
have been arrested, and investigators say the central figure is a 46-year-old
dual Israeli-Polish national with a long history in the hacking world.
The main
suspect was detained at a Polish airport on May 26 as he arrived from Dubai,
then handed to the Netherlands, where a judge ordered him held for 14 days
pending trial.
Dutch
police said he had been prosecuted before for breaking into the computer
systems of foreign government bodies.
The network
had been active since at least 2021 and was built to resemble a legitimate
business, police said. One head office managed the branches spread across
several countries, each with teams assigned to a specific target market.
The scale
is large even by the standards of Europe’s boiler rooms, the industrialized
call-center scams that FinanceMagnates.com has tracked through leaked recordings
and internal data.
Police link about 550 complaints in the Netherlands and another 200 in Belgium
to the group, and believe the worldwide victim count runs into the tens of
thousands.
Dutch
victims alone lost close to €25 million, most of them more than €10,000 each,
according to police. Henrique van Huisstede of the Midden-Nederland police told
broadcaster RTL the network was “responsible for a significant portion of
all investment fraud in the Netherlands.”
The Hacker Police Won’t
Name
Dutch
police did not release the suspect’s name, describing him only as a well-known
hacker who was, in their words, “no stranger to the cyber world.”
That reticence has not stopped the identification from spreading.
The
newspaper De Telegraaf and the English-language outlet NL Times identified the
man as Ehud “Udi” Tenenbaum, a 46-year-old dual national long known
in hacking circles as “The Analyzer.” Police, however, have not
confirmed the name.
Ehud Tenenbaum (46) spil in mega-beleggingsfraude met miljoenen schade: meesteroplichter opereerde met honderden medewerkers in dienst https://t.co/Pc8UpgU8h7
— De Telegraaf (@telegraaf) July 15, 2026
If that
reporting is correct, it would put a figure from the early history of computer
crime at the center of the case. Tenenbaum drew international attention in
1998, when a teenage break-in later dubbed Solar Sunrise hit systems at the
Pentagon, NASA and the US military, an intrusion American officials at first
feared was a state-backed attack.
A decade
later he surfaced again, arrested in Canada in 2008 and extradited to the
United States over a scheme prosecutors tied to about $10 million stolen from
US banks and card processors. He pleaded guilty in 2012 and was sentenced to
time served plus restitution.
The age,
nationality and record cited by Dutch reporters match that public trail, though
none of it has been confirmed by authorities in this case.
‼️ BREAKING: Dutch and Belgian police have dismantled an international crypto investment fraud network run like a company: roughly 20 call centers, 700+ “employees” and an estimated take of more than €100 million per month. Six suspects have been arrested across Poland, Cyprus,… pic.twitter.com/8r1oiPH5GP
— International Cyber Digest (@IntCyberDigest) July 15, 2026
The group
used pseudonyms and technical tricks to hide identities and locations, the kind
of concealment that has frustrated European investigators in other takedowns.
Europe’s Boiler-Room Busts
Keep Growing
European
police have been pulling these call-center networks apart at a steady clip, and
the totals keep climbing. In November, Cypriot, French and Belgian authorities arrested seven people over a Limassol operation said to
have turned over close to €1 billion in five years.
A month
later, a Europol-coordinated action broke up a network accused of laundering more
than €700 million, one that leaned on deep-fake celebrity ads to reel in
victims.
Spanish
investigators dismantled a €460 million ring earlier in 2025, part of a run of
cases that stretched from the Canary Islands to shell companies in Hong Kong.
An older
German case reached €89 million across roughly 33,000 victims. The
Dutch-Belgian network stood out for its pace rather than its headline total, an
estimated €100 million a month at its peak, run by a payroll of more than 700
that made it look closer to a mid-sized company than a back-room scam.
How the Money Disappeared
The
playbook, as police describe it, changed little from earlier schemes. So-called
advisers spent weeks or months building a rapport with targets, often by phone,
before steering them toward what looked like a professional trading platform.
First
deposits were small and appeared to turn a quick profit. The dashboards victims
logged into looked convincing, but no money was ever invested.
As trust
grew the sums grew with it, much of it moved in cryptocurrency, until the funds
simply landed with the operators. The small-deposit, fake-profit hook has been
a fixture of these frauds for years, Europol has noted in earlier cases.
For
victims, the collapse was abrupt. One Dutch victim, identified only as Alex,
said that when he tried to withdraw, “all contact was suddenly cut
off.” He described the moment he understood the savings were gone as
watching the life he had planned come apart.
A Second Scam Aimed at the
Same Victims
There is a
sting in the tail. Police warned that victims who pull out are sometimes
approached by a so-called recovery firm promising to claw back their money for
an upfront fee, an outfit that in many cases belongs to the same criminal
group.
That
double-dip is a well-worn tactic. Spanish police last year described a gang
that hit the same victims three times, posing first as investment
managers, then as recovery agents, then as officials demanding tax before
releasing funds.
For now,
Dutch prosecutors have the alleged organizer in custody on a 14-day detention
order and say more arrests may follow. The financial investigation, including
efforts to trace and freeze assets, is still going on.
