The international law enforcement operation known as Trident is starting to have ripple effects in the fraud underground. Like the Darknet operation in October 2008, it is certainly a milestone in the minds of Cybercriminals, who feel less safe and anonymous.

At least for a while.

At first the fraud community shrugged off the arrests as an attempt by the Scotland Yard and FBI to clamp down on money mules, as is evident in the attached screenshot from one of the leading fraud forums.

But if you read down the message posts, you’ll see fraudsters being skeptical whether the arrests were just limited to mules. “That’s what they SAID”, warned one fraudster before the arrest of the actual Trojan operators became public news.

And another fraudster added “some people I know from Holland are arrested”.

The overall tone wasn’t cheerful. Fraudsters don’t like reading about arrests: it’s bad for business. It shows that you can’t hide behind a veil of anonymity, and that everyone can make mistakes. The scale of the law enforcement operation, as well as previous high-profile arrests like the one of BadB, demonstrated to the fraud community that the good times where police was clueless and helpless are over, and from now on people should be extra careful.

It’s clear that such operations will not topple the fraud community: it’s too distributed. It’s also clear that it will drive some natural selection – survival of the fittest – in the fraud community. That’s part of the game in such investigations: the next one is always more difficult, and requires more creativity and more international collaboration, sense of urgency and ‘gloves off’ policy.

For now, let us just enjoy the ripples in the underground for as long as they last.