Ukraine online safety

The Kharkiv Call-Centre Takedown Shows Judicial Cooperation, Not New EU Mandates, Is What's Cracking Ukraine's Scam Economy

Eurojust's May 26 Kharkiv bust is the third Ukraine call-centre takedown in six months — and a case study in what actually works.

Ukraine's Scam Call-Centre Crackdown, Dec 2025–May 2… People of Internet Research · Ukraine 4 Ringleaders arrested Four suspected leaders detained in… 14 Locations searched Searches carried out across Ukrain… 49 Phones seized in raid Mobile phones seized as evidence i… €10M+ Prior bust's confirmed losses A December 2025 sister operation c… peopleofinternet.com

Key Takeaways

A Recovery Scam Preying on Prior Victims

On 26 May 2026, Latvian and Ukrainian authorities, coordinated through Eurojust, carried out an action day against a fraudulent call centre in Kharkiv. Four alleged leaders of the organised crime group were arrested, five additional suspects identified, and 14 locations searched, according to Eurojust's press release. Investigators seized computers, 49 mobile phones, and vehicles.

What makes this case distinct from routine investment fraud is the victim-selection method. The call centre specifically targeted older Europeans who had already been defrauded once. Operators posed as recovery specialists, promising to retrieve victims' lost funds — then used that trust to push fabricated cryptocurrency investment offers, complete with falsified profit reports, and in some cases arranged credit agreements in victims' names without their consent. It is a second bite at an apple the fraudsters themselves had reason to believe was ripe: a victim who has already sent money once has demonstrated they can be persuaded to send it again.

The Kharkiv centre also ran its own internal security apparatus — entry-pass systems, access control, video surveillance, and polygraph screening of staff — a level of operational discipline that resembles a legitimate business more than an improvised scam shop. The joint investigation team (JIT) behind the case was only formally established at Eurojust in April 2026, meaning arrests followed roughly six weeks after the legal framework for cooperation was in place.

Part of a Pattern, Not an Isolated Bust

The Kharkiv case is the third Eurojust-backed takedown of a Ukraine-based fraud call centre in six months, and the pattern is worth tracing. On 9 December 2025, a JIT involving Czech, Latvian, Lithuanian, and Ukrainian authorities dismantled a network running call centres out of Kyiv, Dnipro, and Ivano-Frankivsk, arresting 12 of an estimated 45 suspects and confirming over €10 million in losses across more than 400 victims, per Eurojust. Workers were reportedly recruited from across the EU with commissions of up to 7% of stolen funds, according to The Record, which also reported Czech police observing that such centres are increasingly relocating closer to the front line — a deliberate bet that active-conflict zones deter Western law enforcement follow-through.

Then, on 17 February 2026, a second JIT covering Latvia, Lithuania, and Ukraine took down a Dnipro-based operation running a nearly identical fake-crypto-investment script, arresting 11 and seizing €400,000 in cash plus eight luxury vehicles, per Eurojust. OCCRP has framed these busts within a broader global pattern of scam-centre operations documented by the UN human rights office in Southeast Asia — a useful reminder that fraud infrastructure and labour exploitation often travel together, though nothing in the Eurojust releases on the Ukrainian cases specifically alleges coerced labour among the call-centre staff themselves.

The Case for More Regulation — Fairly Stated

There is a real argument that enforcement alone will not solve this. Three busts in six months, hitting different cities each time, looks like whack-a-mole: dismantle one crew and the trade migrates to the next city, the next JIT, the next six-week lag. Proponents of tighter EU rules can reasonably point to the crypto layer as the load-bearing weakness — fabricated "profits" only convert into real losses once victims are pushed toward a wallet or exchange, and if those on-ramps enforced know-your-customer checks more rigorously, the fraudulent-payout stage would be harder to execute. They can also point to the recidivism pattern: victims defrauded once are being defrauded again, which suggests stolen victim data is circulating and being resold, an argument for mandatory data-breach notification and stronger telecom SIM-registration rules to choke off the cold-calling pipeline itself.

Why the JIT Model, Not New Mandates, Is the Right Lesson

That argument proves less than it appears to. The EU already has a KYC and anti-money-laundering framework for crypto on-ramps — the Markets in Crypto-Assets Regulation (MiCA) — and the enforcement gap here is jurisdictional, not legislative: the fraud originates outside the EU, in a Ukrainian city under wartime strain, using infrastructure that doesn't touch EU-regulated exchanges until the final payout hop. No amount of additional EU platform mandate reaches an unregistered crew operating out of Kharkiv. What did reach it was a Eurojust-backed JIT that moved from formation to arrests in about six weeks, with Latvian and Ukrainian prosecutors sharing evidence and building a joint case in real time.

That is the mechanism worth investing in further: sustained EU funding for Ukraine's cyber-police capacity, more JITs like this one, and faster mutual legal assistance — not blanket age-verification, ID-check, or data-retention mandates that raise compliance costs for legitimate EU platforms and users while doing nothing to reach a call centre in Kharkiv. The three busts since December show the model working at increasing tempo. The policy question isn't whether Brussels needs new online-safety powers; it's whether Eurojust and Ukraine's prosecutors get the resources to keep the tempo up while the war continues to push this trade eastward.

Sources & Citations

  1. Eurojust — Scam call centre shut down (Kharkiv, 26 May 2026)
  2. Eurojust — Fraudulent call centres in Ukraine rolled up (Dec 2025)
  3. The Record — European police bust Ukraine-based call centers
  4. OCCRP — Eurojust-backed operation dismantles scam call center network