UK police have dismantled a gang that provided a technology service enabling criminals to use fraudulent text messages to defraud victims
Britain’s Metropolitan Police announced on Thursday 18th April 2024 that the ‘LabHost‘ website had been utilised by 2,000 criminals to pilfer personal details from users.
The police have reportedly identified approximately 70,000 UK individuals whose details were compromised via LabHost’s websites. The websites of LabHost have been disrupted and now displays a notice indicating that the services have been seized by law enforcement.
They have arrested 37 people worldwide and are contacting victims affected by the scam.
Phishing scam
Officers say younger people who grew up with the internet were the most likely to fall for the ‘phishing’ scam.
What is ‘phishing’
‘Phishing’ is a type of social engineering attack where perpetrators trick individuals into disclosing sensitive information or downloading malware. This often entails the use of deceptive emails or messages that mimic reputable entities, luring users to input their login details on counterfeit websites.
See Wikipedia definition.
The technology enabled scammers without technical expertise to inundate victims with deceptive messages aimed at eliciting online payments.
Authorities focused on the gang’s website, LabHost, which facilitated the despatch of these messages and steered victims towards counterfeit websites. These sites mimicked authentic online payment or shopping platforms.
ID theft
This operation allowed the perpetrators to pilfer personal identity details, including 480,000 card numbers and 64,000 PIN codes. It was referred to as ‘fullz data‘ in criminal circles, according to the police.
The exact amount of money stolen remains unknown. However, detectives estimate that the LabHost site generated close to £1 million ($1.25 million) in profits.