Over 100 arrests have been made following a huge Fraud scam, commonly known as iSpoof, which has swept the UK.
Currently, the British Police have identified 70,000 British people who have been affected by the plan and will be notifying them over the coming week that they have fallen victim to this attack. However, the total number of victims is believed to be around 200,000.
iSpoof provided criminals with an easy way to spoof their caller ID. This means that criminals could use this service to make their phone number appear as a legitimate business number to the caller. With a fee of between £150 – £5000 and little technical knowledge needed to execute this attack, many people were able to perform it. The iSpoof website had around 59,000 total accounts purchased on it since its launch in December 2020.
The most common, and often most damaging, attack this caused was criminals pretending to be a representative from a trusted UK bank. This often caused the victims to hand over important information, like personal details and even one-time passcodes to access bank accounts.
The service was promoted and marketed in the Criminal world advertising how easy it was to use for such a low price. This was done through common marketing methods like promotional videos and posts to encrypted forums hosted on apps such as Telegram.
This service has been taken down by the FBI and is no longer accessible to any Cyber Criminal.
Anyone who believes that they were affected by this attack has been advised to log an official crime report online by the police. They have also said that they will contact victims by SMS to provide evidence.
Whilst the iSpoof service is no longer active, according to the NCSC Annual Review for 2022 this year has seen a rise in the commercial availability of malicious tools (such as iSpoof). This means that there is an ever increasing need for Cyber Education for both businesses and individuals who use any service online.
We are here to help.
Cyber Wise is a service designed to imitate the most common, and avoidable, types of attack as well as provide comprehensive training on internet security for your team members. If you would like to find out more, please get in touch to discuss how we can help.