Judicial and law enforcement authorities in Europe, Australia, the US, Ukraine, and Canada took down a so-called spoofing website that allowed fraudsters to impersonate trusted corporations or contacts in order to steal more than $120 million from victims.
In a coordinated action led by the UK and supported by Europol and EU judicial cooperation agency Eurojust, a total of 142 suspects were arrested, including the main administrator of the website, according to a statement posted by Europol on November 24.
The website provided a paid-for service that provided those who signed up with the ability to anonymously make spoofed calls, send recorded messages, and intercept one-time passwords.
During the 16 months the website was live, Europol reported that the site took $3.8 million in fees, while enabling its customers to generate $120 million from illegal ‘spoofing’ campaigns.
According to the Federal Communications Commission (FCC), spoofing occurs when a caller deliberately falsifies the information transmitted to a person’s caller ID display to disguise their identity. However, spoofing techniques have become increasingly sophisticated, meaning these attacks now come in many forms, including via email, websites, and text messages.
Criminals using this technique will often pose as legitimate, trusted organisations, such as banks or well-known internet businesses, to convince victims to hand over valuable personal information such as passwords, credit cards or bank information.
UK law enforcement first requested help from Eurojust in October 2021, with the investigation ultimately gathering support from a further 10 countries.
International coordinated action carried out on November 2022 resulted in website users and administrators arrested across the world, while the main administrator of the website was arrested in the UK on November 6. On November 8, the website and server were seized and taken offline by US and Ukrainian authorities.
International cooperation needed to combat fraud
In comments published alongside Europol’s statement announcing the takedown of the website, London’s Metropolitan Police Commissioner, Mark Rowley, stated that the exploitation of technology by organised criminals is one of the greatest challenges for law enforcement in the 21st century, but, with the “support of partners across UK policing and internationally," the Metropolitan Police is “reinventing” the way fraud is investigated.
“Met is targeting the criminals at the centre of these illicit webs that cause misery to thousands," he said. "By taking away the tools and systems that have enabled fraudsters to cheat innocent people at scale, this operation shows how we are determined to target corrupt individuals, intent on exploiting often vulnerable people."
In September, the UK’s National Cyber Security Centre (NCSC) published guidance aimed at helping businesses protect their brand from being exploited online, with specific focus on the removal of malicious content, such as phishing sites, which spoof well-known retailers to exploit brands and customers.
“The better-known your brand is, the more likely someone will try to exploit it. This misuse can appear across many platforms including online adverts, social media accounts, email, SMS and phone calls,” the NCSC wrote.
In its guidance, the NCSC advises businesses contact the hosting companies and domain registrars whose services are being abused, or to obtain the services of a specialised takedown provider.