Danish financial regulators and the National Police (NSK) have jointly warned of a sprawling criminal operation exploiting multiple digital attack vectors—a case study in how organized crime networks are adapting to Scandinavian digital infrastructure.

The campaign operates through several coordinated methods. Initial contact typically arrives via automated robocalls using spoofed Danish phone numbers (+45) with synthetic voices or callers with foreign accents impersonating police officers. The fraudsters falsely claim to be investigating criminal cases and request sensitive information: CPR numbers (Denmark's equivalent to social security numbers), banking credentials, or MitID login codes—the country's mandatory two-factor authentication system.

Parallel to direct contact attempts, criminal networks deploy "silent calls"—incoming calls with no audio—to verify which phone numbers are active. Confirmed numbers are then sold to larger criminal networks for targeted phishing attacks, illustrating the industrial-scale organization behind the fraud.

The phishing phase involves messages impersonating major Danish banks or MitID support services. These communications include manipulated phone numbers and links to counterfeit portals designed to mirror legitimate banking and authentication interfaces. Once victims access these fake sites, they are often socially engineered into downloading remote access software under the pretense of "screen sharing assistance"—granting criminals complete control over their devices and financial accounts.

**AI-Generated Extortion**

Most alarming is the campaign's integration of artificial intelligence for sextortion purposes. Criminal networks are using AI to generate explicit deepfake imagery of victims, then demanding payment under threat of distributing the fabricated content to contacts and family members. This tactic exploits psychological vulnerability alongside technical deception: victims often cannot immediately prove the images are fabricated, and shame frequently prevents reporting.

Danmark Finanstilsynet (Denmark's Financial Supervisory Authority) has emphasized that even digitally literate and cautious customers have fallen victim—indicating the sophistication of social engineering and technical execution. Financial losses per victim reportedly reach tens of thousands of Danish kroner (approximately €2,500–€6,700 USD).

**International Significance**

The Danish case reflects a broader trend across Nordic and Northern European nations, where well-organized criminal syndicates exploit sophisticated digital infrastructure. Denmark's high digital integration—including mandatory MitID authentication and widespread mobile banking—creates both efficiency for citizens and targets for criminals who understand these systems intimately.

Similar campaigns have been documented in neighboring Sweden and Norway, suggesting cross-border criminal networks adapting tactics to Scandinavian regulations and banking protocols. The use of voice cloning and deepfake technology represents an escalation in synthetic fraud capabilities previously more associated with targeted business email compromise schemes.

**Official Response**

Danish authorities have advised citizens to:

- Reject unsolicited calls and verify callers independently using known phone numbers - Never share CPR numbers, banking information, or MitID credentials in response to calls or messages - Treat links in SMS and email messages with extreme skepticism, particularly those claiming to originate from banks or government agencies - Be aware that legitimate institutions will never request authentication codes via phone or email

The Financial Supervisory Authority has also flagged the difficulty in detecting and preventing these attacks at the institutional level, given that victims often voluntarily provide credentials or install malware.

The case underscores a critical gap in digital security awareness: technological sophistication among users does not guarantee immunity to social engineering, particularly when criminals combine voice synthesis, AI-generated content, and institutional impersonation. For Denmark and other high-digitalization societies, the warning serves as a reminder that infrastructure security alone cannot prevent human-centered fraud at scale.