Law enforcement agencies from the United States and the Netherlands have successfully dismantled a network of 39 domains involved in business email compromise (BEC) fraud operations. The joint action, dubbed Operation Heart Blocker, targeted online marketplaces operated by a Pakistan-based group known as Saim Raza or HeartSender.
The criminal network, active since 2020, provided cybercriminals with various tools including phishing kits, scam pages, and email extractors. These tools enabled organized crime groups to conduct BEC schemes that resulted in over $3 million in losses for U.S. victims.
According to the U.S. Department of Justice, the Saim Raza group not only sold these malicious tools but also provided instructional content through YouTube videos, making cybercrime accessible to individuals lacking technical expertise.
The group, also known as The Manipulaters, maintained several branded shops across their operation, with physical presence reported in multiple Pakistani cities including Lahore, Karachi, and Faisalabad. Their services attracted thousands of customers before the shutdown.
Dutch authorities have set up a platform where users can verify if their credentials were compromised in these attacks. The takedown follows recent law enforcement actions against similar criminal marketplaces including Cracked, Nulled, Sellix, and StarkRDP.
This operation marks another success in the ongoing efforts by international law enforcement to combat cybercrime networks and protect businesses from email compromise schemes.