Police bust global cyber gang accused of industrial-scale fraud
-
Published
Police have taken down a gang accused of using a technology service that helped criminals use fraudulent text messages to steal from victims.
They have arrested 37 people worldwide and are contacting victims.
Officers say younger people who grew up with the internet were the most likely to fall for the âphishingâ scam.
The technology allowed scammers without technical skills to bombard victims with messages designed to trick them into making payments online.
Police targeted the gangâs site, LabHost, on the dark web, which helped criminals send the messages and direct victims to fake websites appearing to be legitimate online payment or shopping services.
It had enabled the criminals to steal identity information, including 480,000 card numbers and 64,000 Pin codes, known in criminal slang as âfullz dataâ, the police said.
Detectives do not know how much money was stolen but estimate the LabHost site made nearly ÂŁ1m ($1.25m) in profits.
Metropolitan Police Deputy Commissioner Dame Lynne Owens said: âYou are more likely to be a victim of fraud than any other crime.
âOur approach is to be more precise and targeted, with a clear focus on those enabling online fraud to be carried out on an international scale.â
National Economic Crime Centre director Adrian Searle said: âTechnology is enabling crime to be delivered at scale in an almost industrial fashion.â
And LabHost had given criminals without technical skills the opportunity to âbuy them off the shelf online and use them against victims in the UK and elsewhereâ.
The arrests were the result of a two-year operation involving the Metropolitan Police, National Crime Agency, City of London Police and law-enforcement bodies in 17 countries.
In the UK, 24 suspects were taken into custody, with arrests at Luton and Manchester airports.
Worldwide, 70 properties were searched and one British man charged.
Text messages
In the UK, 70,000 victims are believed to have been tricked into giving their details online.
About 25,000, who have been identified, will be sent text messages warning them which fake online payment services and shopping sites could have taken their money.
They will be advised to go to a Metropolitan Police website for advice.
Their cases have been reported to fraud investigators.
And officers say their personal details found in a dump of data, obtained from LabHost, have been âsecuredâ.
Personalised videos
Investigators also seized the email addresses of 800 criminals paying up to ÂŁ300 a month to use the LabHost service.
And they will be sent personalised videos making clear police know who they are and what they have been doing.
The strategy, which follows advice from behavioural psychologists, is designed to undermine criminal confidence in the security of scam services offered on the dark web.
The gangâs activities were discovered in 2022 by the Cyber Defence Alliance, a small team of investigators funded by UK financial bodies to infiltrate criminal networks on the dark web.
An alliance official said: âUnless we build a network to defeat a criminal network, we are going to be overwhelmed.â
This investigation is an example of a new approach involving police, the National Crime Agency and banking security experts to target criminals offering services to other criminals.
In November 2022, police took down iSpoof, another âcrime as a serviceâ operation, which allowed criminals to cold-call victims to take their money.
Tejay Fletcher, 35, who founded the service, responsible for fraud totalling ÂŁ100m, was jailed for 13 years in 2023.
And in February 2024, the National Crime Agency took down LockBit, âthe worldâs most harmful cyber-crime groupâ, which had used ransomware attacks costing victims billions of pounds.
-
-
Published11 May 2023
-
-
-
Published5 May 2023
-
-
-
Published25 January 2021
-