Source: Metropolitan Police
The UK's Metropolitan Police have disrupted an international crypto scam network in what they describe as the largest fraud operation ever carried out by force.
More than 200,000 potential victims in the UK alone have been directly targeted through the fraud website iSpoof and contacted by scammers hiding behind false identities, the Met said in a statement. The scammers involved posed as representatives of several major banks, including Barclays, Santander, HSBC, Lloyds, Halifax, First Direct, Natwest, Nationwide, and TSB.
"Scotland Yard's CyberCrime Unit worked with international law enforcement, including the National Crime Agency and US and Ukrainian authorities, to take down the website this week," the statement said. “This was a crucial phase in a global operation, which has escaped public scrutiny since June 2021, targeting a suspected organized crime group.”
Cybercriminals used iSpoof to make it appear as if they were calling their victims from banks, tax offices, and other institutions in an attempt to scam them.
Victims of the scam are said to have lost tens of millions of pounds and the criminals behind the site made nearly 3,2 million pounds ($3,9 million) over a 20-month period, according to data released by British police. .
“The losses reported to Action Fraud as a result of calls and texts via iSpoof amount to approximately €48 million. Because the fraud is widely underreported, the total amount would be much higher," the statement read. .
The Met's cybercrime and economic crime units coordinated the effort with the National Crime Agency, Europol, Eurojust, Dutch authorities and the US Federal Bureau of Investigation (FBI).
"In the UK, more than 100 people have been arrested, the vast majority on suspicion of fraud," police said. iSpoof allowed users, who paid for the service in Bitcoin, to mask their phone number to make it appear as if they were calling from a trusted source. This process is known as 'spoofing'."
The Met's CyberCrime Unit began its investigation into iSpoof in June 2021. The site was established in December 2020 and had 59.000 user accounts. Police officers infiltrated the site and began collecting data in cooperation with their international partners. The site's server contained a treasure trove of information in 70 million rows of data. The Met has also tracked Bitcoin records.
Detective Superintendent Helen Rance, who leads the Met's cybercrime-focused efforts, said that by "removing iSpoof, we've prevented new crimes and prevented scammers from targeting future victims."
“Our message to criminals who have used this website is that we have your contact details and are working hard to locate you, wherever you are,” he said.
