More than 100 people have been arrested in the UK’s biggest ever fraud operation after a website police described as a “one-stop spoofing shop” is used by scammers to scam people through fake bank phone calls Britain’s millions of pounds are used to steal.
It is estimated that more than 200,000 potential victims were targeted through the iSpoof fraud website, which was taken down this week by Scotland Yard’s cybercrime unit with the help of authorities in the US and Ukraine.
Around 20 people were being contacted every minute of the day by scammers hiding behind false identities created using the site and it is estimated criminals may have stolen close to £50m. The actual amount is likely to be higher than Danger! Often understated.
One victim was defrauded of £3 million, while the average amount stolen was £10,000. It is estimated that the shopkeepers of the scam made around £3.2 million over a period of 20 months.
The fraudsters paid iSpoof, which was founded in December 2020, for a service that allowed them to hide their phone number and pretend to be calling from a trusted organization, such as a bank or tax office. The scammers used bitcoin to pay for the service.
They would then trick people into handing over money or giving them access to their bank accounts. Around 10 million spoofed calls were made through iSpoof globally in the year to August, of which around 3.5 million were made in the UK. Of those, 350,000 calls lasted longer than one minute and were made to 200,000 individuals.
Users of the service, which was shut down this week, believed they were anonymous. However, this was not the case, and so far over 100 people have been arrested as part of Operation Widespread, mainly in London.
The arrests include Tijai Fletcher, the suspected mastermind behind the website, who is described by police as living a “lavish” lifestyle.
Fletcher, 34, of Western Gateway, east London, has been charged with making or supplying articles for use in fraud, taking part in the activities of an organized crime group and proceeds of crime cases on 7 November. He was remanded in custody and is due to next appear at Southwark Crown Court on 6 December.
The Met, which led the operation, launched an investigation into iSpoof in June 2021, working with international law enforcement agencies including the US, the Netherlands and Ukraine to shut down the website.
Investigators penetrated the website – which had 59,000 users – and discovered 70m rows of data and bitcoin records, allowing them to begin tracing the suspects.
Because the pool of suspects is so large, the investigation initially focused on users from the UK and those who spent at least 100 bitcoins to access the site.
Det Supt Helen Rance, who leads Cybercrime for the Met, said: “By removing iSpoof we have prevented further crimes and fraudsters from targeting future victims.
“Our message to criminals using this website is that we have your details and we are working hard to find you, wherever you are.”
Police have a list of phone numbers targeted by iSpoof hoaxers and will be contacting potential victims via text on Thursday and Friday. None of the messages received after November 25 were from the police, it warned.
The text message would ask victims to visit the Met Office’s website to provide more information about their experience. This will not include a clickable link.
Anyone who has not been contacted by the Met but believes they have been the victim of a number-spoofing scam should report the incident to Action Fraud.
The police force said it plans to use the proceeds Crime Work to recover the money where possible.
Met Police Commissioner, Sir Mark Rowley, said: “By removing the equipment and systems that enable Fraudsters are duping gullible people on a large scaleThis operation shows how determined we are to target corrupt individuals often with the intention of exploiting the vulnerable.