In relation to cyberattacks against major retailers Marks & Spencer, Co-op, and Harrods, four people have been taken into custody. Two 19-year-old men, a third 17-year-old, and a 20-year-old woman are among those detained. They were arrested in London and the West Midlands on suspicion of money laundering, blackmail, violations of the Computer Misuse Act, and involvement in organized crime.

Although the NCA did not identify the "organized crime group" that the individuals belong to, it is thought that Scattered Spider, a decentralized cybercrime crew, is responsible for some of these attacks. Since most members of the financially motivated group are young, native English speakers, they have an advantage when trying to win over their targets by pretending to be employees and making phony calls to IT help desks. The group is well-known for using sophisticated social engineering techniques to infiltrate businesses and spread ransomware.

Owen David Flowers (also known as bo764, Holy, and Nazi) and Thalha Jubair (also known as Earth2Star and Operator) are among the 19-year-olds detained. Additionally, Jubair is accused of being a key player in the LAPSUS$ cybercrime group, which is another branch of The Com. According to Zach Edwards, a threat researcher, "nearly a dozen total members of Scattered Spider have been arrested in the last 18 months thus far." According to Carmakal, "this is a critical window for organizations to fortify their defenses against this collective. "For many defenders, their aggressive social engineering strategies and unrelenting quest for access have proven especially difficult," he continues.

According to Edwards, "it should be evident by now that law enforcement is actively pursuing those involved in these communities that support these serious, large-scale crimes." "Young people are making these phishing calls before they turn 18, thinking they are perhaps part of some get-rich-quick scheme," he claims.