Judicial and law enforcement authorities in Europe, Australia, the United States, Ukraine, and Canada have taken down a website that allowed fraudsters to impersonate trusted corporations or contacts to access sensitive information from victims, a type of cybercrime known as ‘spoofing’. The website is believed to have caused an estimated worldwide loss in excess of $120 million.
In a coordinated action led by the United Kingdom and supported by Europol and Eurojust, 142 suspects have been arrested, including the main administrator of the website.
The services of the website allowed those who sign up and pay for the service to anonymously make spoofed calls, send recorded messages, and intercept one-time passwords. The users were able to impersonate an infinite number of entities (such as banks, retail companies and government institutions) for financial gain and substantial losses to victims.
In an international coordinated action carried out this November, 142 users and administrators of the website were arrested across the world. The main administrator of the website was arrested in the U.K. on November 6. On November 8, the website and server was seized and taken offline by U.S. and Ukrainian authorities.
The case was opened at Eurojust in October 2021 at the request of the U.K. authorities. National authorities from ten countries, including European Union Member States and third countries, supported the investigation. The Agency played a key role in facilitating the judicial cross-border cooperation among all parties involved. Two coordination meetings were hosted by Eurojust to coordinate the national investigations and to prepare for the action.
Following a request from the United Kingdom, Europol started supporting the case earlier that same summer (August 2021). Since then, Europol’s European Cybercrime Centre (EC3) has been providing continuous intelligence development to the national investigators through the Joint Cybercrime Action Taskforce (J-CAT). In addition, EC3 provided a secure platform for law enforcement to exchange large packages of evidence. In the framework of its analytical work, Europol was able to identify additional users of the iSpoof service, a number of which were already known for their involvement in other high-profile cybercrime investigations at the European level.
The following authorities took part in or supported this investigation:
- Australia: Australian Federal Police
- Canada: Royal Canadian Mounted Police – Federal Policing Cybercrime Investigation Team Toronto
- France: Cyber Criminality Unit – PPO Paris; Law Enforcement : C3N – Gendarmerie Nationale
- Germany: Bundeskriminalamt (Federal Criminal Police Office) – Cybercrime Division and Office of the Public Prosecutor General in Bamberg – Bavarian Central Office for the Prosecution of Cybercrime
- Ireland: An Garda Síochána
- Lithuania: Prosecutor General’s Office of the Republic of Lithuania; Lithuanian Criminal Police Bureau
- Netherlands: Cybercrime team Midden-Nederland and Public Prosecutor’s Office Midden-Nederland
- Ukraine: Department of cyber police of National Police of Ukraine
- United Kingdom: Metropolitan Police Service (Cyber Crime Unit), City of London Police, and Crown Prosecution Service
- United States: Federal Bureau of Investigation – Pittsburgh Division; United States Secret Service – Pittsburgh Field Office; and the United States Attorney’s Office for the Western District of Pennsylvania