Police Arrest Six Over £1m Phishing Scam

The Metropolitan Police Central e-Crime Unit (PCEU) has arrested six people as part of a crackdown on a phishing scam that reaped £1 million from students’ bank accounts.

The scam targeted students participating in government loan schemes, police said. The students received an email asking them to update their account details and directing them to a convincing-looking, fake website.

A degree of profitability

The fraudsters used the bank information to make withdrawals of £1,000 to £5,000 at a time, police said.

“A great deal of personal information was compromised and cleverly exploited for substantial profits,” said detective inspector Mark Raymond of the PCEU, in a statement. “We have today disrupted a suspected organised group of cybercriminals and prevented further loss to individuals and institutions in the UK. Today’s arrests demonstrate what can be achieved when a partnership approach is adopted to investigate Internet-based crime.”

The PCEU said they have been investigating the scam in co-operation with the Student Loan Company, the banking industry and Internet service providers starting from a tip-off in August.

On Thursday, the police arrested a 38 year old man in Bolton; a 26 year old man and a 25 year old woman in Manchester; a 25 year old man in Deptford, London; and a 49 year old woman and a 31 year old man in Stratford, London. Police also seized computers and equipment from premises in London, Manchester and Bolton.

The suspects are being held at police stations in central London, Manchester and Bolton on charges of conspiracy to defraud, money laundering, and offences under the Computer Misuse Act, police said.

Last month a study found that malware incidents had risen by 89 percent in the last three months, while phishing saw a drop of eight percent over the period.

Phishing fight

Facebook, Google and Microsoft are some of the global palyers who have fought back hard against cyber-thugs this quarter.

After the .tk top-level domain showed a 600 percent rise in phishing, Facebook joined the .tk registry, IID (Internet Identity), and the Anti-Phishing Alliance of China (APAC) to secure the top-level domain and reduce phishing from that domain by 40 percent. Google de-indexed the entire second-level domain co.cc, a hive of fraudulent activity, blocking 11 million co.cc websites from appearing in its search engine results, while Microsoft took down the Kelihos botnet, a network of 41,000 private computers infected with malicious software capable of sending billions of spam emails per day.

Traditional phishing attacks occur when online fraudsters try to access personal data such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an online exchange, while malware is malicious software installed on a computer, which enables cybercriminals to access and use that computer for criminal purposes.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago