/security

News and resources on cyber and physical threats to banks and fintechs worldwide.

Police bust cybercrime phishing subscription network

Police have arrested 37 members of a criminal gang that operated a phish-for-subcription Website that duped up to 70,000 UK victims into entering their bank details at fraudulent internet sites.

  1 1 comment

Police bust cybercrime phishing subscription network

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

The LabHost cyber fraud site enabled criminals to log on and choose from existing sites or request bespoke pages replicating those of trusted brands including banks, healthcare agencies and postal services.

By the beginning of 2024 more than 40,000 fraudulent sites had been created and 2,000 users were registered and paying a monthly subscription fee. Those subscribing to the ‘worldwide membership’, meaning they could target victims internationally, paid between £200 and £300 a month.

The site was busted in a joint operation co-ordinated by the Metropolitan Police's cyber crime unit with support from other law enforcement agencies and technical help from Chainalysis, Intel 471, Microsoft, The Shadowserver Foundation and Trend Micro.

Detectives have so far established that just under 70,000 individual UK victims have entered their details into one of LabHost’s fraudulent sites. Globally, the service has obtained 480,000 card numbers, 64,000 PIN numbers, as well as more than one million passwords used for websites and other online services. The total number of victims is likely to be even higher than already established and work is ongoing to identify and support as many as possible.

Dame Lynne Owens, deputy commissioner of the Metropolitan Police Service, says: “Online fraudsters think they can act with impunity. They believe they can hide behind digital identities and platforms such as LabHost and have absolute confidence these sites are impenetrable by policing.

“But this operation and others over the last year show how law enforcement worldwide can, and will, come together with one another and private sector partners to dismantle international fraud networks at source. Our approach is to be more precise and targeted with a clear focus on those enabling online fraud to be carried out on an international scale.”

Sponsored [Webinar] 2025 Fraud Trends: Synthetic Identity, AI and Incoming Mandates

Related Company

Comments: (1)

Jamie French

Jamie French Financial Technology at Vention

Love to see it! Well done to the Met, and an even bigger well done to whoever made the call to colaborate with Chainalysis, Intel 471, Microsoft, The Shadowserver Foundation and Trend Micro. That was smart!

[Webinar] Reaping the benefits of Hyper-Personalisation with AI and Application ModernisationFinextra Promoted[Webinar] Reaping the benefits of Hyper-Personalisation with AI and Application Modernisation