German authorities, in cooperation with the financial regulator BaFin, have dismantled more than 1,400 illegal domains across Eastern Europe that were being used to orchestrate large-scale trading fraud schemes. The operation, codenamed Operation Heracles, was led by the Baden-Württemberg State Police with the participation of BaFin, Europol, and Bulgarian law enforcement agencies. Its primary objective was to dismantle networks providing access to fake online investment platforms.
Visitors to these websites were redirected to fraudulent brokers operating from foreign call centers, where operators persuaded victims to invest substantial sums, promising lucrative returns from global financial markets. In reality, the victims’ funds vanished, and the deception often went unnoticed for months.
According to BaFin, the sophistication of such scams has grown considerably. Fraudsters now employ artificial intelligence to automatically generate hundreds of cloned websites designed to mimic legitimate investment services. This approach allows them to rebuild their infrastructure rapidly after takedowns and continue ensnaring new victims.
The current crackdown follows a June operation that resulted in the closure of about 800 fraudulent domains. In the aftermath, BaFin recorded more than 20 million access attempts to those blocked sites — a testament to both the scale of public trust these schemes managed to cultivate and the persistent activity of defrauded users.
In a joint statement, the participating agencies emphasized that disabling key technical nodes had significantly weakened the operational capabilities of the criminal groups, cutting them off from critical digital tools and distribution channels for their fake platforms. However, the authorities cautioned that the investigation remains ongoing, as the perpetrators continue to adapt swiftly to new conditions and search for alternative ways to revive their schemes.