Gardai reel in phishing fraud suspects
OPERATION DISRUPTS CRIMINAL SITE LABHOST
TWO men have been arrested and cash, cryptocurrency and electronic items as well as a Rolex watch were seized in an operation targeting organised fraud.
As a result of the arrests and seizures, gardai and international law enforcement agencies have severely disrupted LabHost, one of the world’s largest phishing-as-a-service platforms.
The searches were carried out at 12 searches at locations in Dublin, Kildare and Waterford on Tuesday and Wednesday as part of Operation Stargrew.
Stargrew targeted individuals suspected of involvement in organized fraud, where bulk “phishing” or “smishing” text messages are sent out, designed to deceive people into providing their personal data and credentials for the purposes of fraud.
Many of these purport to be from banks and service providers.
This year-long operation, coordinated at the international level by Europol, resulted in the compromise of LabHost’s infrastructure.
The LabHost platform, previously available on the open web, has been shut down, and now displays a law enforcement splash page.
Rolex
As part of the Irish operation, €42,000 in cash, €10,000 in cryptocurrency, 82 smartphones, 25 computers, nine tablet devices and a Rolex watch were seized.
An Garda Siochana said: “Two males were arrested during the course of the operation. One of the males arrested has been charged, and will appear before the courts at a later date.”
Approximately 116 users are suspected of using this LabHost website and web service who have a connection to Ireland.
Gardai have now identified more than 150,000 instances of a person responding to a phishing link, and this link is suspected to be associated with the 116 users.
The above LabHost users were primarily targeting Irish residents (135,000 people) but have also targeted people in other countries including Australia, Finland, United Kingdom, New Zealand, Austria, Norway, Estonia and many other countries.
The typical wording of phishing text message infers that some action is promptly required on the behalf of the recipient of the message.
These smishing/phishing messages are designed to pressurise recipients to respond to the message, to prevent their bank being defrauded, or to prevent a bill from increasing, or to pay a bill such as a customs charges.
Text messages are sent to potential victims and, when the person clicks a link in the message, they are deceived into giving data to the criminals.
Once the victim clicks on the URL link, they are directed onto a fake website that resembles the genuine website.