Dozens arrested as police infiltrate UK-founded cyber network after 500k tricked into handing over card details

18 April 2024, 02:02 | Updated: 18 April 2024, 07:19

A major UK-founded network of fake websites was infiltrated by police.
A major UK-founded network of fake websites was infiltrated by police. Picture: Met Police
Fraser Knight.

By Fraser Knight.

A major UK-founded network of fake websites has been infiltrated by police, after being used to trick people into handing almost half a million bank card details and PIN numbers.

Listen to this article

Loading audio...

LabHost, a platform which gave criminals access to their own phishing sites, had been charging a fee of up to £300 a month to allow them to pose as trusted banks, healthcare agencies and postal services.

The subscription even provided would-be fraudsters with limited IT knowledge an easy-to-follow tutorial, which ended by telling them: “Stay safe and good spamming.”

The set-up has allowed criminals to use the web pages to deceive victims into handing over information including passwords and addresses, including from around 70,000 Brits.

Commander Steve Clayman from the Met Police will join Nick Ferrari at Breakfast on LBC this morning from 0740 to discuss the operation and you can listen live on Global Player, the official LBC app.

Adrian Searle, Director of the National Economic Crime Centre at the National Crime Agency, told LBC: “This sort of technology is lowering the barriers to entry when it comes to crime. It’s allowing people who aren’t technically minded to almost buy capabilities off the shelf.

“We’re seeing it a lot more and it is a concern. Criminals are providing these capabilities to others to let them use them at scale - on an industrial scale.”

In a major operation - dubbed Stargrew - the Metropolitan Police, alongside teams at City of London Police, the National Crime Agency (NCA) and Europol, have disrupted the network and started to dismantle it.

LabHost wrapped

On Wednesday, control of LabHost’s fraudulent sites was seized, and what appeared to be a personalised video was sent to its criminal users.

‘LabHost Wrapped’ appeared to taunt subscribers saying the police had “enjoyed” going through all the data stored by the platform.

It also warned them to “think carefully where you go on holiday next” with victims being targeted in countries around the world.

37 suspects have been arrested across the UK, including at both Manchester and Luton airports, as well as in Essex and London.

Read more: Police apologise for failings in investigation into 1986 Babes in the Wood murders of Karen Hadaway and Nicola Fellows

Read more: Police officer seriously injured after being stabbed while arresting knifeman in Enfield

Some of the items that were seized during the operation.
Some of the items that were seized during the operation. Picture: Met Police

Dame Lynne Owens, Deputy Commissioner of the Metropolitan Police Service, said: “Online fraudsters think they can act with impunity. They believe they can hide behind digital identities and platforms such as LabHost and have absolute confidence these sites are impenetrable by policing.

“But this operation and others over the last year show how law enforcement worldwide can, and will, come together with one another and private sector partners to dismantle international fraud networks at source.”

LabHost was set up in 2021 by a cybercriminal network in the UK and at its height was being used by more than 2,000 criminals to defraud victims across the globe.

By the start of 2024, police reckon more than 40,000 fake websites had been created with 480,000 card numbers, 64,000 PIN numbers and more than 1 million passwords handed over by unsuspecting victims.

The Met says as many as 25,000 British victims have been contacted by them to make them aware that their data has been compromised.

The website was seized
The website was seized. Picture: Met Police

Last month, the Secretary General of Interpol revealed the changing nature of cyber-crime during a conversation with reporters in London, describing emerging groups as being ‘ad-hoc’ rather than permanent gangs.

Jurgen Stock said the outsourcing of some of the more technical aspects of online activities meant there was now effectively a ‘Yellow Pages’ for criminal gangs on the dark web, making it harder to catch them.

“If you have a criminal intent, you can buy the services directly. There is a system where they even get a rating on whether their criminal support is reliable or not and they organise themselves in a very dynamic way based on the skills they require,” he said.

“It’s very much sequenced in smaller sequences. They set up a temporary crime group based on expertise and when a crime has been committed, they are reorganising themselves.”

He also said the online aspect of fraud means we’re now in a place where someone can be sitting at home and quickly shift from one country to another to attack different targets.

A spokesperson for the Cyber Defence Alliance said: “We have together, once again, been able to disrupt a major international criminal platform and prevented more people falling victim to these scams.

“In the digital world we live in, our alliance will continue to work with law enforcement to combat the growing threat of online fraud which impacts millions of people across the globe.”