View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 24, 2022

70,000 victims of iSpoof fraud to be contacted by the Metropolitan police

Known victims of the banking fraud will be contacted by officers over the next 24 hours, the Met said today.

By Claudia Glover

The Metropolitan Police is texting 70,000 fraud victims over the next 36 hours in the UK’s biggest anti-fraud operation to date. They have been targeted in a massive fraud campaign revolving around a tool called iSpoof, which was being utilised by scammers posing as banks and was taken down by the Met and international partners earlier this month.

The Metropolitan police will contact 70,000 victims in the biggest anti-fraud campaign in UK history. (Photo by Darren Baker/Shutterstock)

The UK’s Metropolitan Police is reaching out to the public to inform them they have been targeted. This anti-fraud campaign is operating in tandem with an ongoing bank fraud investigation, according to the BBC. There have been over 200,000 potential victims in the UK alone, with 70,000 of those connected to a single phone number belonging to a suspect who is in custody. These people will be contacted between midnight today (Thursday) and midnight on Friday with further information, the Met said.

iSpoof used to rob victims of up to £3m

The average amount of money lost to the scam is £10,000, with individual cases reaching as high as £3m. The total amount of money swindled from the public has been estimated at around £48m.

The tool at the centre of the scam that made this extraordinary level of success possible is called iSpoof. It has been described by the police as an online fraud shop used by scammers to impersonate financial institutions. At the height of its success as many as 20 people were targeting victims through it every minute.

The tool was created in December 2020 and at its peak had 59,000 users, who paid up to £5,000 per month in Bitcoin for access to its software. 

Those using iSpoof would impersonate UK banks including Barclays, Santander, HSBC, Lloyds, Halifax, First Direct, Natwest, Nationwide and TSB. 

If the criminals got victims to believe they represented a bank, they would start to mine them for credentials and security information. Through the use of different fraud tools, they may have been able to access features such as one-time passcodes to clear accounts.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

How police stopped the iSpoof fraud

The tool was taken down on 7 November in a coordinated attack in co-operation with law enforcement agencies in Europe, the US, Ukraine and Canada. The domain now displays a note saying: “This website has been seized,” above the emblems of the Metropolitan Police, the US Department of Justice and the United States Secret Service.

As a result of the investigation, 142 people have been arrested, including the main administrator of the iSpoof website. 

Telegram channels that advertised the tool have received a message posted by the Met that reads, “On the 7th November 2022 International Law Enforcement took down Several months ago we gained access to its servers and obtained customer data. This is a warning: Using spoofing services for criminal purposes is illegal.

“Did you make some criminal spoof calls? One-hundred and forty-two people have already been arrested. The investigation regarding user data is ongoing. Don’t be surprised when more visits follow.” The message is signed Metropolitan Police Service.

Metropolitan commissioner Sir Mark Rowley said: “The exploitation of technology by organised criminals is one of the greatest challenges for law enforcement in the 21st century. Together with the support of partners across UK policing and internationally, we are reinventing the way fraud is investigated.

“The Met is targeting the criminals at the centre of these illicit webs that cause misery to thousands. By taking away the tools and systems that have enabled fraudsters to cheat innocent people at scale, this operation shows how we are determined to target corrupt individuals intent on exploiting often vulnerable people.”

Read more: UK phishing attacks targeting the cost of living crisis are on the rise

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.