- Written by Tom Simmonds
- Internal affairs correspondent
Police have busted a gang accused of using a technology service that helped criminals use fraudulent text messages to rob victims.
They have arrested 37 people worldwide and are contacting the victims.
Young people who have grown up with the internet are more likely to fall for a 'phishing' scam, officers say.
This technology allowed unskilled fraudsters to bombard victims with messages designed to trick them into making online payments.
Police targeted the gang's website, LabHost, which helped criminals send messages and direct victims to fake websites that looked like legitimate online payment or shopping services.
Police said the software enabled criminals to steal identity information, including 480,000 card numbers and 64,000 PIN codes, known in criminal parlance as “full data.”
Investigators don't know how much money was stolen, but they estimate that LabHost generated profits of up to £1 million ($1.25 million).
Metropolitan Police Deputy Commissioner, Dame Lyn Owens, said: “You are more likely to be a victim of fraud than of any other crime.
“Our approach is to be more precise and targeted, with a clear focus on those that enable online fraud to be carried out on an international scale.”
“Technology enables crime to be committed on a large scale in an almost industrial way,” said Adrian Searle, director of the National Economic Crime Centre.
LabHost gave criminals without technical skills the opportunity to “buy it off the shelf online and use it against victims in the UK and elsewhere”.
The arrests were the result of a two-year operation involving the Metropolitan Police, the National Crime Agency, the City of London Police and law enforcement agencies in 17 countries.
In the United Kingdom, 24 suspects were arrested and detained at Luton and Manchester airports.
Worldwide, 70 properties were searched and one British man was charged.
In the UK, 70,000 victims are believed to have been tricked into providing their details online.
Text messages will be sent to about 25,000 identified people, warning them that online payment services and fake shopping sites could have taken their money.
They will be advised to go to the Metropolitan Police website for advice.
Their cases have been reported to fraud investigators.
Officers say their personal details in the data dump, obtained from LabHost, have been “secured”.
Custom videos
Investigators also seized the email addresses of 800 criminals who paid up to £300 a month to use the LabHost service.
They will be sent personalized videos to show that police knew who they were and what they were doing.
This strategy, which follows advice from behavioral psychologists, aims to undermine criminals' confidence in the security of fraudulent services.
The gang's activities were discovered in 2022 by the Cyber Defense Alliance, a small team of investigators funded by UK financial bodies to infiltrate criminal networks on the dark web.
“Unless we build a network to defeat a criminal network, we will be defeated,” one coalition official said.
This investigation is an example of the new approach involving police, the National Crime Agency and banking security experts to target criminals who provide services to other criminals.
Have you fallen victim to a phishing scam originated through a text message? Share your experiences via email [email protected].
Please include a contact number if you would like to speak to a BBC journalist. You can also get in touch in the following ways:
If you are reading this page and cannot see the form, you will need to visit the mobile version of the BBC website to submit your question or comment or you can email us at [email protected]. Please include your name, age, and location with any submission.
More Stories
Stand News editors convicted in sedition case
Latest Baysail sinking: Mike Lynch’s wife ‘didn’t want to leave boat without family’ as crew investigated
WFP halts Gaza operations after repeated shooting at aid vehicle