iSpoof bank scam 'mastermind' arrested in UK's biggest ever fraud probe

Some 70,000 Brits will be contacted by police from today after potentially falling victim to the country’s biggest ever scamming operation. 

It comes after a website used to defraud up to 200,000 people in the UK out of at least £50million was shut down following an international probe involving Scotland Yard, the FBI and European law enforcement agencies. 

Scammers paid a subscription to iSpoof.cc to use technology that let them appear as though they were phoning victims from banks such as Barclays, NatWest and Halifax.

Do you think you were targeted by the iSpoof scam? Have you received a notification of fraud from the police?

Email rory.tingle@mailonline.co.uk 

A total of 59,000 criminals paid subscriptions of between £150 and £5,000 to use the technology, making £3.2million for the site’s owners while they scammed vast sums from unsuspecting victims. 

The majority of victims (40 per cent) were in the US, followed by Britain (35 per cent). Many in Australia and other European countries were also targeted. 

The British suspected mastermind behind the site, Teejai Fletcher, 34, from east London, has been charged with fraud and is in custody following his arrest earlier this month. A court date is set for two weeks’ time. 

The average loss to victims was £10,000 each, with one losing more than £3million to fraudsters using the service, Scotland Yard said, adding that there had been more than 100 arrests in Britain alone in recent weeks. 

So far £48million of losses have been reported to Action Fraud, but the real figure is likely to be far higher. 

The Metropolitan Police plans to send mass text messages to 70,000 victims today and tomorrow asking them to get in touch to give evidence.

Anyone trying to access the iSpoof website is met with a message saying it has been 'seized' (pictured)

Anyone trying to access the iSpoof website is met with a message saying it has been ‘seized’ 

TikTok user posts a video with the caption 'RIP to all you iSpoof users' earlier this month as dozens were arrested across the UK. There is no suggestion the TikTok user was involved in the scam

TikTok user posts a video with the caption ‘RIP to all you iSpoof users’ earlier this month as dozens were arrested across the UK. There is no suggestion the TikTok user was involved in the scam

In a slick video to advertise to would-be criminals on encrypted messaging app Telegram, iSpoof branded itself 'the number one spoofing service'

In a slick video to advertise to would-be criminals on encrypted messaging app Telegram, iSpoof branded itself ‘the number one spoofing service’

Alongside graphics of people working at computers, a promotional video (pictured) said: 'iSpoof was made by spoofers, for spoofers.' Referencing the bank details scammers hoped their victims would type in during their calls, it adds: 'Pick up the digits the targets type, and see it displayed on your dashboard.'

Alongside graphics of people working at computers, a promotional video (pictured) said: ‘iSpoof was made by spoofers, for spoofers.’ Referencing the bank details scammers hoped their victims would type in during their calls, it adds: ‘Pick up the digits the targets type, and see it displayed on your dashboard.’

How the iSpoof website scammed tens of thousands of people around the world 

The iSpoof website – described as ‘an international one stop spoofing shop’ –was created in December 2020 and at its peak had 59,000 users paying between £150 and £5,000 for its services, according to the Met.

It enabled subscribers, who could pay in Bitcoin, to access so-called spoofing tools which made their phone numbers appear as if they were calling from banks, tax offices and other official bodies.

Some of the UK’s biggest consumer banks – including Barclays, HSBC, Santander, Lloyds, Halifax – were the mostly commonly imitated.

Combined with customers’ bank and login details illegally obtained elsewhere online, the criminals were then able to defraud their victims.

‘They would worry them [about] fraudulent activity on their bank accounts and tricked them,’ explained Detective Superintendent Helen Rance, who leads on cyber crime for the Met.

She noted that people contacted would typically be instructed to share six-digit banking passcodes allowing their accounts to be emptied.

The Met said in the year to August, suspects paid to access the website and made more than 10 million fraudulent calls worldwide.

Around 40 percent were in the United States, while more than a third were in the UK targeting 200,000 potential victims there alone.

Fraud detection agencies have so far recorded £48million in losses in the UK, with the largest single theft £3million and the average £10,000.

‘Because fraud is vastly under-reported, the full amount is believed to be much higher,’ the Met said.

Those behind the site earned almost £3.2 million from it, the force added.

Only around 5,000 British victims have so far been identified.

However, the Met’s investigation has yielded the phone numbers of more than 70,000 potential victims who have yet to be contacted.

Det Supt Helen Rance, of the Met, said fraudsters would first buy victims’ bank details on the dark web to make their approach more convincing, then used iSpoof to make a fake bank phone call to clear out their accounts, she said.

Scammers made ten million fraudulent calls after the site was set up in December 2020, with 35 per cent of the victims in Britain, 40 per cent in the US and the rest scattered across Europe and Australia.

At one point as many as 20 people every minute were being targeted by callers using technology bought from the site. 

Suspected mastermind Mr Fletcher was accused of fraud and participating in organised crime on November 7. He was remanded in custody and will appear at Southwark Crown Court on December 6.

In a slick video to advertise to would-be criminals on encrypted messaging app Telegram, iSpoof branded itself ‘the number one spoofing service’.

Alongside graphics of people working at computers, it said: ‘iSpoof was made by spoofers, for spoofers.’ 

Referencing the bank details scammers hoped their victims would type in during their calls, it adds: ‘Pick up the digits the targets type, and see it displayed on your dashboard.’ 

It continues: ‘Send spoof SMS messages and much more… our state of the art system handles auto-calling with custom hold music and convincing call centre background sound.’ 

It boasts that the scamming technology works ‘on both Android and iOS’ and said would-be users can sign up for free and pay monthly in Bitcoin to ‘stay totally anonymous’.

In a Telegram channel used by administrators and users of iSpoof, subscribers were told to ‘change the last digit’ when posing as a tele-caller from a bank. 

One message read: ‘Seems some people are very stupid and don’t understand the majority of bank numbers are blocked and cannot be used… if your mind is not creative enough or your skillset does not allow you to perform without a specific number then you should pack your bags and get a job at a grocery store.’ 

It added: ‘If I find you complaining about caller ID without changing a last digit etc or wasting our time this can be a reason you get barred from our service.’  

DSI Rance, who leads on cyber crime for the Met, explained how iSpoof users would defraud their victims. 

She said: ‘They would worry them (about) fraudulent activity on their bank accounts and tricked them.’ 

She said that people contacted would typically be instructed to share six-digit banking passcodes allowing their accounts to be emptied.

In a Telegram channel used by administrators and users of iSpoof (pictured), subscribers were told to 'change the last digit' when posing as a tele-caller from a bank

In a Telegram channel used by administrators and users of iSpoof (pictured), subscribers were told to ‘change the last digit’ when posing as a tele-caller from a bank

The Met launched ‘Operation Elaborate’ in June last year, partnering with Dutch police who had already started their own probe after an iSpoof server was based there.

A subsequent server operating in Kyiv was shuttered in September, while the site was permanently disabled on November 8.

The next day, a TikTok user posted a video with the caption: ‘RIP to all you iSpoof users’, while one of his followers commented on November 11: ’50 people bagged already’, next to a laughing emoji. There is no suggestion the TikTok user was involved in the scam. 

On November 7, the Met had charged suspected ringleader Mr Fletcher with fraud and organised crime group offences.

‘It’s fair to say that he was living a lavish lifestyle,’ DSI Rance said, adding that the investigation remained ongoing.

‘Instead of just taking down the website and arresting the administrator, we have gone after the users of iSpoof,’ she added.

‘By taking down iSpoof we have prevented further offences and stopped fraudsters targeting future victims.

‘Our message to criminals who have used this website is we have your details and are working hard to locate you, regardless of where you are.’

Two other suspected administrators outside the UK remain at large, the force added.

Metropolitan Police Commissioner Sir Mark Rowley said the number of potential UK victims was ‘extraordinary’, adding: ‘What we are doing here is trying to industrialise our response to the organised criminals’ industrialisation of the problem.’

source