By Emily Caulkett-
An estimate 70,000 brits are to receive a text from the police today, informing them that they have fallen victim to the UK’s biggest ever ‘bank spoofing’ phone fraud.
Members of the British Law Enforcement worked with Dutch law enforcement who managed to tap the website’s servers in the Netherlands to secretly listen to phone calls. At one point as many as 20 people every minute were being targeted by callers using technology bought from the site
The Met’s Cyber and Economic Crime Units co-coordinated the crackdown on iSpoof working with Europol, Eurojust, the Dutch authorities and the FBI.
Criminals who discovered about the site from adverts posted on channels on encrypted messaging app Telegram, used it to buy technology that allowed them to mask their phone number. This meant they could trick victims into thinking they were being contacted by their bank and persuade them to pass on personal details that allowed the fraudsters to steal cash.
One victim lost £3 million and the average loss among the 4,785 people who have reported being targeted to Action Fraud is £10,000. There are thought to be many more potential victims.
Of 10 million fraudulent calls made, 40% were in the United States, 35% were in the UK and the rest were spread across a number of countries. Around 70,000 UK phone numbers called by criminals who used the site will be alerted by the Metropolitan Police via text message on Thursday and Friday and asked to contact the force.
The move comes after the website iSpoof, used by 59,000 scammers across the world was shut down by police but not before an estimated 200,000 people in the UK were scammed out of at least £50 million.
Scammers paid a subscription to iSpoof to use technology that would let them appear as though they were phoning victims from banks such as Barclays, Santander, NatWest and Nationwide.
iSpoof allowed users, who all paid with Bitcoin, to disguise their real phone number so it appeared they were calling from a trusted source. This is known as ‘spoofing’.
Crooks would then trick people into handing over money or sensitive information like one-time passcodes to online bank accounts when victims answered their calls.
Of 10 million fraudulent calls made, 40% were in the United States, 35% were in the UK and the rest were spread across a number of countries. Around 70,000 UK phone numbers called by criminals who used the site will be alerted by the Metropolitan Police via text message on Thursday and Friday and asked to contact the force.
So far 120 arrests have been made ,103 in London and 17 outside the capital.
These include alleged site administrator Teejay Fletcher, 35, who was arrested in east London earlier this month and is facing criminal charges.
Police said Fletcher, who is alleged to be a member of an organised crime group, was living a “lavish” lifestyle
Subscriptions
A total of 59,000 criminals paid subscriptions of between £150 and £5,000 to use the website, making £3.2million for the site’s owners and scamming around 200,000 unsuspecting victims in the UK out of £48million.
Police say because the fraud is vastly underreported, the true amount is believed to be much higher.
The Metropolitan Police said at one point, almost 20 people every minute of the day were being contacted by scammers behind false identities.
Police investigators infiltrated the site in June 2021 and found a treasure trove of information in 70 million rows of data. Bitcoins were also tracked down.
The Met Police focused on users from the UK who spent at least £100 of Bitcoin on the site.
Over 100 people have so far been arrested, most on suspicion of fraud.
The suspected mastermind behind the site, Teejai Fletcher, 34, from East London, was arrested earlier this month and charged with a range of offences and will appear at court in two weeks’ time.
Victims who were contacted unknowingly via iSpoof will get a text today and tomorrow from the Met Police directing them online for more information about what to do next.
Met police Commissioner Sir Mark Rowley said: “The exploitation of technology by organised criminals is one of the greatest challenges for law enforcement in the 21st century.
“Together with the support of partners across UK policing and internationally, we are reinventing the way fraud is investigated.
“The Met is targeting the criminals at the centre of these illicit webs that cause misery for thousands.
“By taking away the tools and systems that have enabled fraudsters to cheat innocent people at scale, this operation shows how we are determined to target corrupt individuals intent on exploiting often vulnerable victims.”
In the UK, more than 100 people have been arrested, the vast majority on suspicion of fraud.
The Met’s Cyber Crime Unit began investigating iSpoof in June 2021 under the name Operation Elaborate.
It was created in December 2020 and had 59,000 user accounts.
Investigators infiltrated the site and began gathering information alongside international partners.
The website server was also targeted by investigators, who found it contained a “treasure trove” of information in 70 million rows of data. Bitcoin records were also traced.
Europol Executive Director Ms Catherine De Bolle said: “The arrests today send a message to cybercriminals that they can no longer hide behind perceived international anonymity.
“Europol coordinated the law enforcement community, enriched the information picture and brought criminal intelligence into ongoing operations to target the criminals wherever they are located.
“Together with our international partners, we will continue to relentlessly push the envelope to bring criminals to justice.”