Police have arrested 37 members of a criminal gang that operated a phish-for-subcription Website that duped up to 70,000 UK victims into entering their bank details at fraudulent internet sites.
The LabHost cyber fraud site enabled criminals to log on and choose from existing sites or request bespoke pages replicating those of trusted brands including banks, healthcare agencies and postal services.
By the beginning of 2024 more than 40,000 fraudulent sites had been created and 2,000 users were registered and paying a monthly subscription fee. Those subscribing to the ‘worldwide membership’, meaning they could target victims internationally, paid between £200 and £300 a month.
The site was busted in a joint operation co-ordinated by the Metropolitan Police's cyber crime unit with support from other law enforcement agencies and technical help from Chainalysis, Intel 471, Microsoft, The Shadowserver Foundation and Trend Micro.
Detectives have so far established that just under 70,000 individual UK victims have entered their details into one of LabHost’s fraudulent sites. Globally, the service has obtained 480,000 card numbers, 64,000 PIN numbers, as well as more than one million passwords used for websites and other online services. The total number of victims is likely to be even higher than already established and work is ongoing to identify and support as many as possible.
Dame Lynne Owens, deputy commissioner of the Metropolitan Police Service, says: “Online fraudsters think they can act with impunity. They believe they can hide behind digital identities and platforms such as LabHost and have absolute confidence these sites are impenetrable by policing.
“But this operation and others over the last year show how law enforcement worldwide can, and will, come together with one another and private sector partners to dismantle international fraud networks at source. Our approach is to be more precise and targeted with a clear focus on those enabling online fraud to be carried out on an international scale.”