US authorities seize iSpoof, a call spoofing site that stole millions

An international police operation has dismantled an online spoofing service that allowed cybercriminals to impersonate trusted corporations to steal more than $120 million from victims.

iSpoof, which now displays a message stating that it has been seized by the FBI and the U.S. Secret Service, offered “spoofing” services that enabled paying users to mask their phone numbers with one belonging to a trusted organization, such as banks and tax offices, to carry out social engineering attacks.

“The services of the website allowed those who sign up and pay for the service to anonymously make spoofed calls, send recorded messages, and intercept one-time passwords,” Europol said in a statement on Thursday. “The users were able to impersonate an infinite number of entities for financial gain and substantial losses to victims.”

London’s Metropolitan Police, which began investigating iSpoof in June 2021 along with international law enforcement agencies, in the U.S., the Netherlands, and Ukraine, said it had arrested the website’s suspected administrator, named as Teejai Fletcher, 34, charged with fraud and offenses related to organized crime. Fletcher was remanded to custody and will appear at Southwark Crown Court in London on December 6.

iSpoof had around 59,000 users, which caused £48 million of losses to 200,000 identified victims in the U.K., according to the Met Police. One victim was scammed out of £3 million, while the average amount stolen was £10,000.

Europol says the service’s operators raked in estimated profits of $3.8 million in the last 16 months alone.

The Metropolitan Police said it also used bitcoin payment records found on the site’s server to identify and arrest a further 100 U.K.-based users of the iSpoof service. The site’s infrastructure, which was hosted in the Netherlands but moved to Kyiv earlier in 2022, was seized and taken offline in a joint Ukrainian-U.S. operation earlier this month.

Police have a list of phone numbers targeted by iSpoof fraudsters and will contact potential victims via text on Thursday and Friday. The text message will ask victims to visit the Met’s website to help it build more cases.

Helen Rance of the Metropolitan Police Cyber Crime Unit said: “Instead of just taking down the website and arresting the administrator, we have gone after the users of iSpoof. Our message to criminals who have used this website is: we have your details and are working hard to locate you, regardless of where you are.”

US authorities seize iSpoof, a call spoofing site that stole millions by Carly Page originally published on TechCrunch

Share
Published by
WP PRO

Recent Posts

Unlocking the Secrets of JSON.stringify(): More Than Meets the Eye

JSON (JavaScript Object Notation) is a lightweight data-interchange format widely used in web development. At…

3 months ago

How to Handle AJAX GET/POST Requests in WordPress

AJAX (Asynchronous JavaScript and XML) is a powerful technique used in modern web development that…

4 months ago

Page Speed Optimization: Post-Optimization Dos and Don’ts

Introduction After successfully optimizing your website for speed, it's essential to maintain and build upon…

4 months ago

Ultimate Guide to Securing WordPress Folders: Protect Your Site from Unauthorized Access

Securing your WordPress folders is crucial to safeguarding your website from unauthorized access and potential…

5 months ago

HTML CSS PHP File Upload With Circle Progress Bar

Creating a file upload feature with a circular progress bar involves multiple steps. You'll need…

5 months ago

Using WP Rocket with AWS CloudFront CDN

Integrating WP Rocket with AWS CloudFront CDN helps to optimize and deliver your website content…

5 months ago