Operation Chargeback: 4.3 Million People Paid Scammers for 5 Years (And Didn't Notice)
The scheme was uncovered when victims started demanding a "cashback" for a subscription to a non-existent movie.
The scheme was uncovered when victims started demanding a "cashback" for a subscription to a non-existent movie.
An international operation, "Chargeback," has led to the exposure of a massive bank card fraud scheme that affected over 4.3 million people across 193 countries. According to investigators, the damage exceeded 300 million euros, with the potential volume of attempted thefts reaching 750 million euros.
The investigation began back in December 2020, and on November 4, 2025, an international day of action took place across multiple countries. On that day, searches were conducted at more than 60 premises, and 18 arrest warrants were executed. A total of 44 individuals from Germany and other countries are under suspicion, including executives of payment service providers, intermediaries, criminal service suppliers, and risk assessment specialists who helped cover the tracks of the fraud. In Germany alone, searches were carried out at 29 locations, with police, prosecutors, the BaFin financial supervisory authority, and tax officials arresting five suspects and seizing assets worth over 35 million euros, some of which were located in Luxembourg.
According to the investigation, from 2016 to 2021, the criminals used stolen bank card details to set up approximately 19 million fake online subscriptions on websites for adult content, dating services, and streaming video. These sites were designed to avoid indexing by search engines and remained accessible only via direct links. The charges, typically under 50 euros per month, were accompanied by confusing transaction descriptions, making them difficult for cardholders to spot.
A key element of the scheme was the infrastructure of four major German payment providers through which the illegal transactions were processed. Investigators believe that six employees of these companies, including top managers and compliance specialists, knowingly facilitated the criminal operations in exchange for compensation.
To conceal the origin of the money, the network used numerous shell companies registered in the UK and Cyprus. These firms served to launder the funds and hide the traces of the operations. So-called Crime-as-a-Service (CaaS) providers sold them ready-made corporate structures with fake directors and forged KYC documents.
The coordinated actions took place simultaneously in Germany, the USA, Canada, Singapore, Luxembourg, Cyprus, Spain, Italy, and the Netherlands. Law enforcement agencies seized documents, data storage devices, communication tools, and froze assets. The investigation involved more than 90 international requests for legal assistance to 30 countries.
Europol provided support from May 2023 onwards—supplying analytical data, assisting in tracking suspects, and coordinating the actions of national services. The seized materials are now being analyzed, and the suspects face charges of organized computer fraud, participation in a criminal organization, and money laundering.
