A Belgian phishing crypto arrest made on 29 June has lifted the lid on a European criminal network suspected of stealing more than €500,000 from victims through fake government emails and remote-access scams, with the alleged ringleader picked up at an Airbnb property in Antwerp after returning from Dubai. The suspect, aged 19, subsequently appeared before an investigating judge, who issued an arrest warrant. A second suspect was detained at the same address.
How the Belgian Phishing Crypto Arrest Unfolded
Belgium’s Federal Judicial Police opened the investigation in March 2026, after phishing attacks were designated a regional priority. According to police, the group sent victims fake government emails and made fraudulent phone calls, persuading them to install remote-access software. Once installed, the attackers could reach financial accounts directly.
Stolen funds were moved through money mules and cash carriers before the proceeds were converted into cryptocurrency to obscure the trail. That layering process (using cryptocurrency to convert illicit cash into harder-to-trace digital assets) is now a standard feature of organised fraud networks across Europe.
Belgium’s response is being formalised at an institutional level. The Brussels Times reports that Federal Police Commissioner-General Eric Snoeck has announced plans to establish a dedicated national anti-phishing unit, a move that signals a step up in how the country treats these crimes.
The Industrial Scale Behind Modern Phishing Networks
The Belgian case sits within a broader surge in industrialised fraud. According to CoinDesk’s coverage of the Chainalysis 2026 Crypto Crime Report, an estimated $17 billion in cryptocurrency was lost to scams and frauds in 2025. Impersonation scams alone rose more than 1,400% during that year, driven by criminal groups using artificial intelligence, ready-made phishing kits, and professional laundering networks.
One figure that helps explain the speed of escalation: Yahoo Finance’s report on the same Chainalysis data shows the average individual scam payment climbed from $782 in 2024 to $2,764 in 2025, a near-fourfold increase in a single year.
The infrastructure behind these attacks has also become cheap to access. Cybersecurity Magazine, citing Chainalysis, reports that phishing-as-a-service toolkits (pre-built packages that criminals rent to run attacks without technical expertise) can be acquired for as little as $500. One operation, the Chinese Darcula E-ZPass scheme, allegedly dispatched 330,000 phishing texts in a single day.
For a UK ISA or SIPP holder, the practical implication is direct: if you hold cryptocurrency or have linked a bank account to a crypto exchange, you are the kind of target these networks build their lists around. A realistic £10,000 crypto holding could be at risk from a single convincing fake message claiming to be from HMRC or your bank.
A Canadian Case Puts Sentences in Context
The Belgian phishing crypto arrest is not an isolated event. Last month, a Canadian man was identified as Trenton Richard David Johnston, who pleaded guilty in the United States to conspiracy to commit money laundering, according to KuCoin News. Prosecutors said Johnston had been charged at age 19 after stealing approximately $13.04 million in cryptocurrency through social engineering schemes, impersonating employees of Google, Coinbase, and hardware wallet firm Trezor.
Benzinga reports that internal messages among Johnston’s co-conspirators referenced stealing 185 bitcoin from a single target. US prosecutors have recommended a sentence of up to 63 months in prison, according to crypto.news.
Taken together, the two cases show a pattern: young actors operating inside professionally structured networks, using AI tools and cheap infrastructure to hit targets at scale, before moving proceeds through crypto to complicate recovery.
Belgian authorities have not yet released charges or confirmed whether cross-border cooperation is ongoing. The sentencing calendar in Johnston’s US case is the nearest concrete timeline to watch for signals on how prosecutors across both sides of the Atlantic are calibrating punishment for this category of crime.

