Over 20,000 hours of phone calls and tens of thousands of screen recordings have uncovered the sophisticated operations of two large-scale boiler room call centre groups that swindled hundreds of millions of dollars from thousands of victims.

An anonymous source leaked two sets of internal data from call centres—one about 1.14 terabytes from Georgia and the other 765 gigabytes from another group operating from Bulgaria, Cyprus, and Spain but controlled from Israel—to an investigative group comprising the Organized Crime and Corruption Reporting Project (OCCRP), Swedish Television (SVT), and 30 other media partners.

Two Massive Boiler Room Scams

The operation in Georgia had three offices in Tbilisi, the country’s capital. As of April 2024, it had about 85 employees.

The other operation was significantly larger, consisting of three main business units, each with its own management structure, and operating from at least seven offices across Israel, Bulgaria, Ukraine, Spain, and Cyprus. It ran with at least 480 people as of August 2023. The operation appeared to be directed by a management team in Tel Aviv.

Although separate, both scam operations pushed fraudulent investment products to victims, mostly in high-income countries. According to the leaked data, almost half of the attempted calls targeted UK numbers, followed by Canada and Spain.

Courtesy: The Guardian

The victims included a former London Stock Exchange employee, who suffered the highest individual loss of £162,000; a 61-year-old woman who transferred £100,000 from her pension pot; and a 74-year-old former NHS doctor who lost £50,000.

While the Georgian operation received $35.3 million from over 6,000 people between May 2022 and February 2025, the Israeli/European operation siphoned at least $247 million from nearly 27,000 victims between January 2021 and December 2024.

However, the platforms through which the scammers transferred the money were not entirely undetected. The UK's Financial Conduct Authority (FCA) had flagged multiple platforms. Interestingly, several individuals connected to the Cyprus hub of the scam network previously worked for companies that had faced administrative fines from the Cyprus Securities and Exchange Commission (CySEC), the financial regulator on the island, according to the Financial Mirror. However, none of the companies tied to the latest scam network held CySEC licences.

The Flow of Money

To receive the proceeds, scammers preferred digital banks over commercial banks, which usually have stronger security measures to flag such transactions.

Revolut was the most used platform. According to The Guardian, 154 out of 1,000 victims whose bank details appeared in spreadsheets from the Georgian operation had used this platform. Although Revolut and other platforms occasionally blocked transactions, advisors at the scam operations were carefully guided on how to bypass such restrictions and successfully transfer the funds.

Courtesy: The Guardian
Courtesy: The Guardian

The trail of these monetary transactions disappeared in places, and the ultimate beneficiaries remain hidden.

Source: Finance Magnates