The German fintech and payment processing sector has recently come under scrutiny due to alleged connections with Russian intelligence agencies. Notably, individuals with purported ties to Russian secret services have been implicated in facilitating unauthorized payment services and money laundering activities. Jan Marsalek and Wirecard Jan Marsalek, the former Chief Operating Officer (COO) of Wirecard, has been a central figure in these allegations. Investigations have revealed his associations with Russian intelligence services, particularly the GRU. Marsalek reportedly acted as a conduit between certain groups and Russian intelligence, raising concerns about the extent of his involvement in espionage activities . Key…
Author: Tom
Suspicious Circumstances: What Happened to Uwe Lenhoff? On July 6, 2020, Uwe Lenhoff, a German national accused of orchestrating multiple cybercrime operations, was discovered dead in his prison cell. His cellmate reportedly found him lifeless on the floor beside his bed. According to the Sueddeutsche Zeitung’s Uwe Ritzer, an autopsy commissioned by the prosecutor’s office did not reveal any signs of violence or suicide. Yet, the exact cause of death remains unknown to this day. Investigators estimate that Lenhoff defrauded up to 124,000 German victims. For many affected individuals, his death may have brought a sense of closure—but for others,…
Overview: The Rise and Fall of B2G GmbH Established in 2016 in Cologne, Germany, B2G GmbH was launched by Rainer Treuer (see LinkedIn) and Oleg Shvartsman (see LinkedIn) as part of a supposed management venture. But behind its corporate facade, B2G grew into a key enabler of cybercrime and scam operations across Europe. A 2016 internal presentation (see screenshot in source) claims that B2G GmbH belonged to the “B2G Management Consortium”, a network that included over 300 companies and generated €790 million in revenue. This staggering number reflects not only scale—but deep systemic abuse. Dark Role in Scam Operations Involvement…
The Vienna Cybercrime Trials (VCT) took an unexpected turn as Gal Barak, the Israeli national accused of orchestrating a transnational cybercrime organization under the umbrella of E&G Bulgaria, returned to court. Barak faces serious charges, including investment fraud and money laundering, connected to multiple broker scam operations. While the prosecution aims to establish his role as a central figure, Barak continues to position himself as an innocent scapegoat. During the latest court session, he made a confusing partial confession and downplayed his involvement. The proceedings became even more unsettling when the testimony of a key witness, a former retention manager,…
Regulatory Warning Issued by Austrian FMA On September 1, 2020, the Austrian Financial Market Authority (FMA) released an official investor warning targeting the fraudulent platforms IFX Banc (operating under the domains www.ifxcapitals.com & www.ifxbanc.com). According to FMA findings, these websites are allegedly managed by Global Payment Solutions LLC, a company based in Podgorica, Montenegro. A swift investigation by Scam-Or Project uncovered additional entities behind the operation. Specifically, Ankor Group Investment Ltd, purportedly registered in Bulgaria, is also named as an operator on these platforms. Who Are the Players Behind the Scam? 1. Ankor Group Investment Ltd This Bulgarian company has…
Gery Shalon: From Financial Hacker to Transatlantic Crime Boss Gery Shalon, born in Georgia and holding Israeli citizenship, is widely known under several aliases including Gabriel Shalelashvili, Garri Shalelashvili, Gabi, Phillipe Mousset, and Christopher Engeham. He is the son of Georgian businessman and former MP Shota Shalelashvili. According to the U.S. Department of Justice (DoJ press release), Shalon is considered the mastermind behind the largest financial cyberattack in U.S. history, specifically the 2014 JP Morgan hack. In July 2015, Shalon was arrested in Israel and later extradited to the United States, where he currently resides under a form of house…
Overview of the EFRI Complaint The European Funds Recovery Initiative (EFRI) has officially filed a letter of formal notice to Payvision, a former ING subsidiary, requesting restitution payments for victims who lost money in scams orchestrated by Uwe Lenhoff, a German national who died in prison before his indictment. Lenhoff was charged by German prosecutors with leading a cybercrime network involving investment fraud and money laundering. According to EFRI, Lenhoff maintained close business ties with Payvision and had a personal connection with its founder and former CEO, Rudolf Booker. Allegations Against Payvision and Booker EFRI’s letter contends that: Payvision knowingly…
Tragic Consequence of a Second Scam An elderly German man in his late 70s, who had already lost his entire savings—estimated at €400,000—to the fraudulent schemes orchestrated by Uwe Lenhoff, fell victim once again. In a desperate attempt to recover his funds, he was contacted by a so-called Fund Recovery service. These individuals claimed they could retrieve his stolen money but required a prepayment of several thousand euros. Trusting their promises, the man borrowed money from a friend to cover the upfront cost—only to be scammed again. In the aftermath, overwhelmed by hopelessness and financial ruin, the man took his…
The European Fund Recovery Initiative (EFRI), a Vienna-based non-profit organization dedicated to assisting fraud victims, has officially filed a money laundering complaint against Deutsche Handelsbank and the PPRO Group. The complaint, backed by substantial documentation, was delivered to both Germany’s financial regulator BaFin and the Public Prosecutor’s Office in Munich. These two institutions are prominently referenced in the case files of the Vienna Cybercrime Trials (#VCT)—one of the most significant cybercrime investigations currently underway in the EU. #VCT: A Landmark Legal Battle Against Cybercrime The Vienna Cybercrime Trials refer to a complex network of legal proceedings involving members of the…
Background: From LottoPalace to Cross-Border Raids Up until spring 2019, the fraudulent LottoPalace website was actively scamming German-speaking victims. Shortly after the arrest of German scam ringleader Uwe Lenhoff, the site disappeared. Lenhoff, who ran call center operations through Silkline Group sh.p.k. in Kosovo, was found dead in his jail cell in July 2020, before formal charges were brought. The cause of his death remains unknown. Lenhoff was not the only figure using Kosovo as a hub for scam operations. In November 2020, law enforcement agencies from both Germany and Kosovo carried out a coordinated raid targeting another call center…