rss-bridge 2025-12-29T00:00:00+00:00

Trend Micro's Pivotal Role in INTERPOL's Operation Sentinel: Dismantling Digital Extortion Networks Across Africa

Continuing a Legacy of Successful Collaboration

---

Cyber Crime

Trend Micro's Pivotal Role in INTERPOL's Operation Sentinel: Dismantling Digital Extortion Networks Across Africa

Continuing a Legacy of Successful Collaboration

By: Trend Micro

Dec 29, 2025

Read time: ( words)

[Image: Share]

[Image: Print]

Save to Folio

---

Continuing a Legacy of Successful Collaboration

In yet another successful partnership between Trend Micro and INTERPOL, Operation Sentinel has delivered a devastating blow to digital extortion networks across Africa, resulting in 574 arrests and the recovery of USD 3 million. This operation builds upon our established track record of successful joint operations, including Operation Serengeti, Operation SECURE, and Operation Synergia, demonstrating the continued effectiveness of public-private partnerships in combating cybercrime.

Mapping the Threat Landscape

Trend Micro's threat intelligence made a critical contribution to Operation Sentinel by conducting an extensive analysis of digital extortion campaigns originating from and targeting the Africa region. Through advanced threat detection and analysis capabilities, our researchers achieved remarkable results:

- Identified over 2,700 malicious infrastructures and IP addresses actively used to orchestrate and send digital extortion emails targeting victims in the Africa region

- Detected more than 43,000 digital extortion email attempts sent from the identified IP addresses belonging to the Africa region

These numbers represent more than just statistics – they represent thousands of potential victims protected and criminal networks exposed through meticulous cyber threat intelligence gathering and analysis.

[Image: Language distribution analysis]

Figure 1. Language distribution analysis of digital extortion email subjects

One of the most revealing insights from Trend Micro's analysis was the linguistic patterns employed by cybercriminals. The data reveals a sophisticated understanding of target demographics:

- Key Language Findings:

- English (48.1%) and Portuguese (47.8%) dominated the extortion campaigns, accounting for nearly 96% of all malicious communications

- German (3.0%) presence suggests potential targeting of European businesses with African operations

- Minor presence of Polish (0.7%) and Czech (0.3%) indicates the global reach of these criminal networks

These personalized threats demonstrate the sophisticated social engineering tactics used to intimidate victims into compliance.

[Image: Regional distribution]

Figure 2. Regional distribution of detected digital extortion campaigns with senders from Africa

The regional distribution analysis reveals the truly global nature of these criminal operations:

- Regional Impact Breakdown:

- Americas: 64.62% - The largest target region, indicating significant cross-continental criminal activity

- Europe: 24.90% - Substantial targeting of European entities, likely due to perceived higher financial capabilities

- APAC: 9.56% - Growing focus on Asia-Pacific markets

- MENA: 0.80% - Regional targeting within the Middle East and North Africa

- Africa: 0.13% - Interestingly low intra-regional targeting, suggesting criminals primarily focus on wealthier external markets

Building on Success: The Path Forward

As we continue to support INTERPOL and law enforcement agencies worldwide, the message to cybercriminals remains clear: the global community stands united against digital extortion and cybercrime. Through our ongoing partnership, we are not just responding to threats – we are actively disrupting criminal networks and building a safer digital world for everyone.