Arrests made and thousands of victims contacted after scammer site taken offline

A UK-founded website used to defraud victims on an industrial scale has been infiltrated – leading to scores of arrests around the world, the Metropolitan Police has said.

As many as 70,000 UK victims were tricked by the site’s scams, which obtained 480,000 card numbers and 64,000 PINs globally.

Law enforcement agencies have arrested 37 suspects across the UK and around the world, including at Manchester and Luton airports, as well as in Essex and London.

Phishing is a form of scam where attackers deceive people into revealing sensitive information by masquerading as a legitimate person.

Criminal subscribers were able to log on and choose from existing sites or request bespoke pages replicating those of trusted brands including banks, healthcare agencies and postal services.

LabHost even provided templates and an easy to follow tutorial allowing would-be fraudsters with limited IT knowledge to use the service.

At the end of the tutorial, a robotic voice told fraudsters: “Stay safe and good spamming.”

By the beginning of 2024, more than 40,000 fraudulent sites had been created and 2,000 users were registered and paying a monthly subscription fee.

LabHost provided its subscribers with fake profiles for 170 companies to trick victims, including 47 based in the UK.

A website seizure notice on LabHost (Metropolitan Police/PA)
A website seizure notice on LabHost (Metropolitan Police/PA)

Since creation, the site has received just under £1 million in payments from criminal users.

Shortly after the platform was seized and disrupted, 800 users received a message telling them that police “know who they are and what they’ve been doing”.

Police hope they can dissuade former LabHost subscribers from further offending by creating the same level of fear about their information as their victims.

As part of Operation Stargrew, detectives have contacted up to 25,000 victims in the UK to tell them their data has been compromised.

Work began in June 2022 after detectives received crucial intelligence about LabHost’s activity from the Cyber Defence Alliance – a group of British-based banks and law enforcement agencies which work together to share intelligence.

LabHost scammer site
Some of the equipment seized (Metropolitan Police/PA)

Dame Lynne Owens, deputy commissioner of the Metropolitan Police Service, said: “You are more likely to be a victim of fraud than any other crime.

“In addition to the financial impact, it undermines the public’s confidence in the tools and technology they need to use in daily life. Our collective approach should ensure suspects feel that same level of distrust in their own criminal environment.

“Online fraudsters think they can act with impunity. They believe they can hide behind digital identities and platforms such as LabHost and have absolute confidence these sites are impenetrable by policing.

“But this operation and others over the last year show how law enforcement worldwide can, and will, come together with one another and private sector partners to dismantle international fraud networks at source.

“Our approach is to be more precise and targeted with a clear focus on those enabling online fraud to be carried out on an international scale.”

A screengrab from the subscription page
A screengrab from the subscription page (Metropolitan Police/PA)

“Together with cyber crime, it makes up around 50% of all crime in England and Wales. Recognising the scale and nature of the threat, law enforcement are working evermore closely together, both here and overseas, to target the fraudsters and the technology they are exploiting.

“This operation again demonstrates that UK law enforcement has the capability and intent to identify, disrupt and completely compromise criminal services that are targeting the UK on an industrial scale.”

– Advertisement –
– Advertisement –