UK police lift lid on largest ever counter-fraud operation

UK police lift lid on largest ever counter-fraud operation

Metropolitan Police Commissioner Mark Rowley said the operation was the force's largest against fraud
Metropolitan Police Commissioner Mark Rowley said the operation was the force's largest against fraud. Photo: CARL DE SOUZA / POOL/AFP
Source: AFP

UK police on Thursday said their biggest ever counter-fraud operation had disrupted an international criminal network targeting hundreds of thousands of victims in millions of spam phone calls.

The Metropolitan Police, which spearheaded the 18-month global probe into the iSpoof.cc website, has arrested over 100 people in recent weeks, including one of its alleged London-based administrators.

Working with Europol, the FBI and other law enforcement worldwide, suspects were nabbed in the Netherlands, Australia, France and Ireland, while servers were shuttered in the Netherlands and Ukraine.

UK police believe organised crime groups are linked to the website and its tens of thousands of users, who could access software tools on it to help illicitly obtain victims' bank account funds and commit other fraud.

Met Commissioner Mark Rowley said the investigation signalled "a different approach" to criminals exploiting technology.

"This is about starting from the organised criminals that actually drive and create the fraud that we see in the world around us," he told reporters.

Read also

French aid groups in disarray after latest Mali bustup

PAY ATTENTION: Сheck out news that is picked exactly for YOU ➡️ find the “Recommended for you” block on the home page and enjoy!

Industrialised fraud

The London force -- the UK's largest -- said in the year to August, suspects paid to access the website and make more than 10 million fraudulent calls worldwide.

Around 40 percent were in the United States, while more than a third were in the UK targeting 200,000 potential victims there alone.

Fraud detection agencies have so far recorded £48 million ($58 million) in losses in the UK alone, with the largest single theft £3 million and the average £10,000.

"Because fraud is vastly under-reported, the full amount is believed to be much higher," the Met said.

Those behind the site earned almost £3.2 million from it, the force added.

Only around 5,000 British victims have so far been identified.

Read also

Foreign university students sold 'dreams' in north Cyprus

However, the Met's investigation has yielded the phone numbers of more than 70,000 potential victims who have yet to be contacted.

The force will attempt to reach them over the next two days, sending text messages directing those contacted to its website where details can be safely logged.

"What we're doing here is trying to industrialise our response to the organised criminals' industrialisation of the problem," Rowley added.

'Operation Elaborate'

The iSpoof website -- described as "an international one stop spoofing shop" -- was created in December 2020 and at its peak had 59,000 users paying between £150 and £5,000 for its services, according to the Met.

Detectives said subscribers to the spoofing site could pay in Bitcoin
Detectives said subscribers to the spoofing site could pay in Bitcoin. Photo: Armend NIMANI / AFP/File
Source: AFP

It enabled subscribers, who could pay in Bitcoin, to access so-called spoofing tools which made their phone numbers appear as if they were calling from banks, tax offices and other official bodies.

Some of the UK's biggest consumer banks -- including Barclays, HSBC, Santander, Lloyds, Halifax -- were the mostly commonly imitated.

Read also

Mali peacekeeping force in the balance as countries withdraw

Combined with customers' bank and login details illegally obtained elsewhere online, the criminals were then able to defraud their victims.

"They would worry them (about) fraudulent activity on their bank accounts and tricked them," explained Detective Superintendent Helen Rance, who leads on cyber crime for the Met.

She noted that people contacted would typically be instructed to share six-digit banking passcodes allowing their accounts to be emptied.

The Met launched "Operation Elaborate" in June 2021, partnering with Dutch police who had already started their own probe after an iSpoof server was based there.

A subsequent server operating in Kyiv was shuttered in September, while the site was permanently disabled on November 8.

The previous day the Met had charged Teejai Fletcher, 34, of east London, with fraud and organised crime group offences.

He remains in custody and will next appear in a London court on December 6.

"It's fair to say that he was living a lavish lifestyle," Rance said, noting the investigation remained ongoing.

Read also

Twitter fate in doubt as employees defy Musk ultimatum

"Instead of just taking down the website and arresting the administrator, we have gone after the users of iSpoof," she added.

Two other suspected administrators outside the UK remain at large, the Met noted.

Source: AFP

Authors:
AFP avatar

AFP AFP text, photo, graphic, audio or video material shall not be published, broadcast, rewritten for broadcast or publication or redistributed directly or indirectly in any medium. AFP news material may not be stored in whole or in part in a computer or otherwise except for personal and non-commercial use. AFP will not be held liable for any delays, inaccuracies, errors or omissions in any AFP news material or in transmission or delivery of all or any part thereof or for any damages whatsoever. As a newswire service, AFP does not obtain releases from subjects, individuals, groups or entities contained in its photographs, videos, graphics or quoted in its texts. Further, no clearance is obtained from the owners of any trademarks or copyrighted materials whose marks and materials are included in AFP material. Therefore you will be solely responsible for obtaining any and all necessary releases from whatever individuals and/or entities necessary for any uses of AFP material.