Police forces have made 94 arrests in a large-scale law enforcement operation against phishing and ransomware.

The effort, codenamed Operation Synergia III, ran from July, 18 2025 to January 31, 2026.

It was coordinated by Interpol and involved law enforcement units from 72 countries as well as private sector partners, including Group-IB, Trend Micro and S2W.

In a March 13 announcement, Interpol said the operation led to the seizure of 212 electronic devices and servers, the takedown of 45,000 malicious IP addresses and the arrest of 94 people, with another 110 individuals still under investigation.

While several investigations remain ongoing across participating countries, early reports from key cases highlight the diverse and sophisticated criminal tactics uncovered during the operation.

Cybercrime Rings Dismantled from Togo to Macau

Operation Synergia III targeted a wide range of cybercriminal activities, including fraudulent websites, phishing campaigns, malware distribution, ransomware attacks, romance scams and credit card fraud schemes.

The malicious domains and servers seized were often used by criminals to impersonate financial institutions, government platforms and legitimate services in order to steal personal information and financial data from victims.

In Macau, China, law enforcement identified over 33,000 phishing and fraudulent websites, many of them linked to fake casinos and spoofed versions of official bank, government and payment service platforms.

Meanwhile, authorities in Togo dismantled a fraud ring operating from a residential area, arresting 10 suspects involved in a range of cybercrimes.

Some members of the fraud ring specialized in technical attacks, such as hacking social media accounts, while others ran social engineering schemes, including romance scams and sextortion.

In Bangladesh, police arrested 40 suspects and seized 134 electronic devices tied to a variety of cybercrime schemes, from loan and job scams to identity theft and credit card fraud.

Read more: Ghanaian Pleads Guilty to Role in $100m Romance Scam

Public-Private Partnership Against Cybercrime

Interpol said its role was to transform data into actionable intelligence, facilitate cross-border collaboration and provide tactical operational assistance to member countries.

The private partners helped law enforcement agencies track illegal cyber activities and identify malicious servers.

In a separate statement, also published on March 13, Group-IB confirmed it shared information on phishing domains, hosting infrastructure and servers which distributed malware such as infostealers. The information shared helped investigators identify and disrupt cybercriminal infrastructure across multiple jurisdictions.

Dmitry Volkov, CEO of Group-IB, said, “[Operation Synergia III] demonstrates how close cooperation between law enforcement agencies and private-sector partners can significantly disrupt [cybercriminal] networks.”

“By sharing intelligence on malicious infrastructure and attacker tactics, Group-IB remains committed to supporting global efforts to dismantle cybercrime operations and protect organizations and individuals worldwide,” he added.

Operation Synergia III is named after two similar cybercrime takedowns coordinated by Interpol in 2023 and 2024.

Read now: Law Enforcement Dismantles SocksEscort Proxy Network in Operation Lightning