Interpol concluded Operation First Light 2026, which resulted in 5,811 arrests and the seizure of $293 million in illicit assets in 97 countries and territories, according to the agency.
The operation ran from January 15 to April 30 and focused on social engineering scams, including commercial email breaches, romance scams, phishing fraud, investment fraud, and sextortion.
Investigators closed 23,715 cases, identified 15,606 suspects and froze 31,014 bank accounts. More than 142,000 victims were identified worldwide.
First Light Operation Scale 2026 and Notable Cases
Operation First Light 2026 involved handling a significant number of cases:
- 152,808 cases reviewed,
- 23,715 cases closed,
- 15,606 suspects identified,
- 31,014 frozen bank accounts and more than
- 142,000 victims identified.
Tomonobu Kaya, director of Interpol’s Anti-Corruption and Financial Crimes Center, explained that criminal syndicates often manipulate human psychology to target individuals. Kaya emphasized that no country can address these issues alone and highlighted the importance of coordinated global efforts.
In Eswatini, police arrested 82 people and dismantled an illegal online gambling and scam ring that was involved in money laundering and identity theft schemes.
Authorities confiscated 240 electronic devices and a full-scale replica of a Brazilian police station, complete with fake uniforms, signs and equipment. The scammers used the replica to make video calls, posing as the Brazilian Federal Police, convincing victims that they were under investigation and pressuring them to transfer money.
In Thailand, only two arrests uncovered a laundering operation linked to romance scams. A suspect, 20 years old, managed a cryptocurrency wallet that moved more than $122 million in ten months. This case highlights how quickly a single mule account can grow when cryptocurrencies are used to cover the tracks.
Macau authorities carried out an anti-fraud outreach campaign that led to the arrest of a resident who was being trained by scammers posing as government officials. The scammers were pressuring the individual to transfer almost $372,000 as part of a fake investigation. The police intervened before the transfer took place.
In Palau, authorities deported 22 people after discovering two scam centers operating in hotels. These centers used illegal gambling and cryptocurrency websites to target victims abroad.
Both Singapore and Oman used Interpol’s I-GRIP mechanism to block a compromised transfer of business email worth $6.6 million. The criminals had posed as suppliers to a commodities trading company based in Singapore.
How Interpol’s I-GRIP Helped Block Fraudulent Transfers
Several of the operation’s most effective interventions were based on I-GRIP, the Global Rapid Intervention Payments mechanism. I-GRIP allows member countries to request an emergency freeze of a fraudulent transfer before it is settled.
The mechanism recognizes that fraud now has no borders, and that the victim, the fraudster and the bank are often located in different countries. In such cases, a freezing order must be faster than the movement of money.
Operation First Light 2026 was funded by the Chinese Ministry of Public Security, with support from ASEANAPOL, GCCPOL and Europol.
This operation is part of a broader pattern of coordinated fraud takedowns carried out by Interpol in recent months, including Synergia III, which sank tens of thousands of malicious IP addresses, and Red Card 2.0, which led to 651 arrests across Africa.
What users should do to avoid social engineering scams
For those concerned about the types of fraud targeted by Operation First Light 2026, there are several practical steps that can help reduce exposure.
Confirm any unexpected messages claiming to come from law enforcement, government agencies, or financial institutions by communicating directly through official channels.
Avoid sending money or sharing sensitive information through unverified phone calls, video chats, or messages. Be wary of urgent fund transfer requests, especially if the caller cites custodial or investigative reasons:
- Enable two-factor authentication on financial accounts, email, and other services used for business transactions.
- Before authorizing payments, verify instructions with the supplier or business partner through a separate, pre-established channel.
- Be wary of online relationships that quickly turn into requests for money, especially if you’ve never met the other person in person.
- Always consult family or trusted advisors before sending money in response to unusual requests.
- If you suspect you have been attacked, report the incident to local authorities and, in the United States, to the Internet Crime Reporting Center at ic3.gov. Similar reporting agencies exist in most countries.
The magnitude of current fraud and what comes next
In 2025, the FTC recorded $3.5 billion in losses from imposter scams in the U.S. alone, part of a total of $16 billion reported in fraud cases nationwide, representing an increase of approximately 25% from the previous year.
The FBI estimates that cybercrime caused nearly $21 billion in losses in the United States during the same period. These figures only represent the United States.
Globally, Operation First Light 2026 covered 97 countries, and its total seizures represented a small portion of the estimated global losses due to fraud.
Social engineering attacks tend to be simple in approach and often rely on compelling scripts and a willing target rather than complex malware or zero-day exploits.
Interpol has not announced a specific timeline for follow-up operations, but the pattern of large coordinated takedowns suggests that similar efforts will continue regularly.
Users can stay informed through official Interpol announcements about upcoming operations and awareness campaigns. For individuals, being cautious about unsolicited messages, verifying information through independent channels, and delaying financial responses to urgent requests remain the most effective defense.
Financial institutions and payment services are increasingly using fraud detection tools, but the primary responsibility for avoiding social engineering scams still falls on the user.






