In early 2019, an organised crime group (OCG) based in Romania began targeting unsuspecting bank customers in Lithuania and Estonia. Through so-called phishing messages that included links to counterfeit bank websites, victims were lured into providing their access credentials online.