100-plus arrests made in UK’s biggest-ever counter fraud operation

The scammers posed as representatives of banks including Barclays, Santander, HSBC, Lloyds, Halifax, First Direct, NatWest, Nationwide and TSB. Scotland Yard’s Cyber Crime Unit worked with international law enforcement, including authorities in the US and Ukraine, to dismantle the website. This was a crucial phase in a worldwide operation, which has now been running out of the public eye since June last year in targeting a suspected organised crime group.

iSpoof enabled criminals to appear as if they were calling from banks, tax offices and other official bodies as they attempted to defraud victims. Those victims are believed to have lost tens of millions of pounds, while those behind the site earned almost £3.2 million in one 20-month period.

Detective Superintendent Helen Rance, who leads on cyber crime for the Metropolitan Police Service, explained: “By taking down iSpoof, we have prevented further offences and stopped fraudsters targeting future victims. Our message to criminals who have used this website is that we have your details and are working hard to locate you, regardless of where you are.”

Metropolitan Police Service Commissioner Sir Mark Rowley commented: “The exploitation of technology by organised criminals is one of the greatest challenges for law enforcement in the 21st Century. Together with the support of partners across UK policing and internationally, we are reinventing the way in which fraud is investigated. The Metropolitan Police Service is targeting the criminals at the centre of these illicit webs that cause misery for thousands.”

Rowley added: “By taking away the tools and systems that have enabled fraudsters to cheat innocent people at scale, this operation shows precisely how we are determined to target corrupt individuals intent on exploiting often vulnerable victims.”

Co-ordinated operation

The Metropolitan Police Service’s Cyber and Economic Crime Units co-ordinated the operation with the National Crime Agency, Europol, Eurojust, the Dutch authorities and the FBI. Here in the UK, more than 100 individuals have been arrested, the clear majority of them on suspicion of fraud.

iSpoof allowed users, who paid for the service in Bitcoin, to disguise their phone number so it appeared that they were calling from a trusted source. This process is known as ‘spoofing’. Such criminals attempt to trick people into handing over money or providing sensitive information such as one-time pass codes to bank accounts. The average loss from those who reported being targeted is believed to be £10,000.

In the 12 months until August this year, around ten million fraudulent calls were made globally via iSpoof, with circa 3.5 million of those made in the UK.

Of those, 350,000 calls lasted for more than one minute and were made to 200,000 individuals.

Losses reported to Action Fraud as a result of the calls and texts via iSpoof are in the region of £48 million. Due to the fact that fraud is vastly underreported, the full amount is believed to be much higher.

The Metropolitan Police Service, which has also worked closely with the Cyber Defence Alliance and UK Finance, is asking anyone who believes they were contacted as part of a scam where a number was spoofed to report this online via Action Fraud.

Beginning of the investigation

The Metropolitan Police Service’s Cyber Crime Unit began investigating iSpoof in June last year under the name of Operation Elaborate. A wave of UK arrests followed with details of other suspects passed on to law enforcement partners in Holland, Australia, France and Ireland.

iSpoof was created in December 2020 and had 59,000 user accounts. Investigators infiltrated the site and began gathering information alongside international partners. The website server contained a treasure trove of information in 70 million rows of data. Bitcoin records were also traced.

Given that the pool of 59,000 potential suspects is so large, investigators are focusing initially on UK users and those who’ve spent at least £100 of Bitcoin to use the site. Earlier this month, the suspected organiser of the website was arrested in East London and has been charged with a range of offences while being remanded in custody.

There are more than 70,000 numbers that have been contacted via iSpoof which the Metropolitan Police Service has linked to an identified suspect.

European perspective

Eurojust president Ladislav Hamran commented: “As cyber crime knows no borders, effective judicial co-operation across jurisdictions is key in bringing its perpetrators to court. Eurojust supports national authorities in their efforts to protect citizens against online and offline threats, and also to help see that justice is done.”

Europol executive director Catherine De Bolle added: “The arrests send a message to cyber criminals that they can no longer hide behind perceived international anonymity. Europol co-ordinated the law enforcement community, enriched the information picture and brought criminal intelligence into ongoing operations to target the criminals wherever they are located. Together with our international partners, we will continue to relentlessly push the envelope to bring criminals to justice.”

Commander Nik Adams from the City of London Police explained: “As the national lead force for fraud, we have co-ordinated activity across the country with other police forces and Regional Organised Crime Units to provide a response that supports the Metropolitan Police Service with its own actions and helps to make this operation a success. A collaborative approach has supported this operation, which is also underpinned by our work with the National Economic Crime Centre within the National Crime Agency.”

Adams concluded: “Collaborative and proactive operations like this one designed to tackle fraud are vitally important in clamping down on criminals and preventing innocent members of the public from being targeted for their hard-earned money.”