201 Arrested as INTERPOL Smashes MENA Cyber-Scam Cartels

INTERPOL coordinates the first massive regional cyber strike across the Middle East and North Africa, arresting 201 suspects and neutralizing cross-border phishing networks. The sweep marks a milestone for 13 nations in the region that combined forces to disrupt a surge in digital investment scams and malware deployment.

Operation Ramz targeted phishing rings, malware distribution, and fraudulent investment schemes over a six-month period that ended February 28, 2026. Law enforcement agencies identified 382 additional suspects and 3,867 victims during the offensive. Authorities seized 53 servers and exchanged nearly 8,000 pieces of intelligence to support ongoing criminal probes.

Neal Jetton, INTERPOL’s Director of Cybercrime, provided a clear assessment of the operational logic. “In a world where cybercriminals exploit the digital landscape without borders, Operation Ramz demonstrates the effectiveness of global collaboration. INTERPOL is dedicated to working with its member countries and private sector partners to take down malicious infrastructure, disrupt criminal groups and bring perpetrators to justice,” Jetton stated.

The participating nations included Algeria, Bahrain, Egypt, Iraq, Jordan, Lebanon, Libya, Morocco, Oman, Palestine, Qatar, Tunisia, and the UAE. These agencies ran joint actions that exposed the intersection between physical coercion and digital theft. Jordanian police dismantled a fraudulent trading platform that relied on human trafficking. Ringleaders in Jordan coerced 15 foreign workers from Asia into operating the scam after confiscating their passports. Authorities arrested two suspected leaders for the exploitation.

Moroccan officials seized computers and hard drives containing banking credentials and phishing kits, resulting in judicial proceedings for three individuals. Algerian teams shut down a “phishing-as-a-service” platform and detained one suspect. Qatari authorities secured compromised devices used to spread malware and notified the unwitting owners.

Private-sector partners supported the regional strike by mapping the malicious infrastructure used by these syndicates. Group-IB, Kaspersky, Shadowserver Foundation, Team Cymru, and TrendAI supplied the threat intelligence required to locate malicious servers. The collaboration turned scattered local complaints into a unified regional strike against professionalized scam networks.

The exchange of 8,000 intelligence items established a new baseline for speed and cooperation in a region where criminals previously jumped jurisdictions with ease. Agencies built lasting communication channels that will remain active long after the initial raids. While 53 servers went offline, the scale of the 3,867 identified victims suggested that many more remains unreported, particularly in investment scams that prey on retail trust. The operation sent a signal that borderless risk will now be met with borderless policing.

Chain Street’s Take

Operation Ramz marks a departure from isolated enforcement by treating cybercrime as a regional infrastructure problem. The human cost revealed in the Jordanian raids proves that digital fraud often relies on old-world brutality, including human trafficking and physical coercion. For participants in the Middle East and North Africa digital economy, the message is clear: the tools of borderless finance now carry borderless risks that law enforcement is beginning to map. Coordinated hits buy the ecosystem time, but the long-term solution requires the same 13 nations to adopt even stricter verification standards and better user education to match the speed of these criminal networks.