A UK police operation has deactivated “iSpoof.cc,” an online spoofing service that allowed cybercriminals to impersonate trusted corporations in order to steal from victims. iSpoof allowed criminals to pay for software with Bitcoin.
To take down the website, Scotland Yard’s Cyber Crime Unit collaborated with international law enforcement, including the National Crime Agency and authorities in the U.S. and Ukraine.
iSpoof provided “spoofing” services, allowing paying users to mask their phone numbers with those of a trusted organization, such as banks such as Barclays, Santander, HSBC, Lloyds, Halifax, First Direct, Natwest, Nationwide, and TSB, to carry out social engineering attacks.
According to the Metropolitan Police, iSpoof had approximately 59,000 users and caused £48 million in losses to 200,000 identified victims in the U.K. One victim lost £3 million, and the average loss reported by the 4,785 people who have been targeted by ‘Action Fraud’ is £10,000.
The Metropolitan Police said it used bitcoin payment records discovered on the site’s server to identify and arrest another 100 iSpoof users in the U.K.
Commissioner Sir Mark Rowley said, “There is something sort of slightly bizarre about this, isn’t there, which is why we’re encouraging people to actually go on to the Met Police website and they’ll find the shortcuts and links there to report this.”
Also Read: U.S. Treasury “Redesignates” Tornado Cash as a Sanctioned Entity
