Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label UK Police. Show all posts

International Cyber Fraud Ring Busted By London Police

 

UK Police stated that they have infiltrated a massive phishing website on the dark web that has defrauded tens of thousands of individuals, and learned that university students have turned to cyber fraud as a way to increase their revenue. 

LabHost was a cyber fraud emporium that allowed users to create realistic-looking websites from major names such as big institutions, ensnaring victims all around the world, including 70,000 in the United Kingdom. It has been in operation from 2021. 

Victims entered private data, some of which were used to steal money, but the site's creators also profited by selling details to fraudsters on the dark web.

According to the Metropolitan police, the majority of the victims were between the ages of 25 and 44, and they spent the majority of their time online. Police believe they apprehended one of the site's major suspected masterminds this week, among 37 individuals held in the UK and abroad.

The Metropolitan Police reported that arrests were made at Manchester and Luton airports, as well as in Essex and London. Policing in the UK is under pressure to prove that it is effectively combating the rise in cyber fraud.

The site's infiltration is a drop in the ocean compared to the scope of the problem, but police seek to shake criminals' confidence in their ability to act with impunity and intend to shut down more cyber fraud sites. 

In the midst of struggles for resources against other criminal objectives like protecting children and bolstering what is often viewed as inadequate protection of women, fraud and cybercrime are seen as difficult crimes for law enforcement to solve. 

The Met is currently enjoying its success. The main users of the website have been arrested, and 25,000 victims have been notified in the UK. Some of the users won't be arrested, though, since investigators don't know who they really are.

LabHost collected 480,000 debit or credit card data, and 64,000 pin numbers, and generated £1 million from 2,000 customers who paid up to £300 a month in Bitcoin for membership fees. As a “one-stop-shop for phishing,” it promoted itself.

It included a teaching video on how to use the site to conduct crimes, similar to one on how to use a new consumer product. The video stated that the show takes five minutes to install and that "customer service" was available if there were any issues. It concluded by urging its criminal users, "Stay safe and good spamming.”

Android Users Beware: Glitch in 999 Call Feature Raises Concerns

 

Users of Android phones have been alerted by the UK police about a potentially hazardous bug in the 999 emergency call feature. Authorities are worried that some Android devices could unintentionally mute emergency calls, endangering lives. Law enforcement organizations and technological businesses are both taking immediate measures to solve the issue.

According to reports, the glitch occurs when users accidentally press the power button on their Android devices multiple times while attempting to call emergency services. This action activates the phone's silent or vibrate mode, preventing the user from alerting emergency responders effectively. It is crucial to note that in emergency situations, every second counts, and any delay or impediment in making a distress call can have dire consequences.

The UK police have reached out to Google, the company behind the Android operating system, to address this critical issue. Authorities have requested that Google investigate the glitch and implement necessary measures to prevent accidental activation of the silent mode during emergency calls. The timely response and cooperation from Google are vital to rectifying this flaw and ensuring the safety of Android users.

Law enforcement agencies are urging Android phone owners to be cautious while dialing emergency services. It is recommended to double-check the phone's volume settings before making a call to 999. Additionally, users should avoid repeatedly pressing the power button, as this action may trigger the silent mode inadvertently.

The glitch has raised concerns among emergency service providers, who rely on quick and accurate information to respond effectively to emergencies. Any delay or disruption in receiving distress calls can significantly impact the response time and potentially jeopardize lives. It is therefore imperative for both technology companies and smartphone users to remain vigilant and prioritize the reliability and functionality of emergency services.

In response to these concerns, Google has acknowledged the issue and assured the public that they are actively investigating the matter. The company is working to identify the root cause of the glitch and develop a solution to mitigate its impact. Users are advised to install software updates promptly, as these updates often include bug fixes and security patches that address such issues.

While the glitch affects a specific group of Android users, it serves as a reminder of the importance of thorough testing and quality assurance in technology development. Issues like this highlight the need for continuous monitoring and improvement to ensure the safety and reliability of devices and services.

Criminal Digitisation: How UK Police Forces Use Technology

 


Researchers and law enforcement communities have yet to fully understand cybercrime's scope and implications, even though it is a growing issue. As a result of the perception that the police were ill-equipped to deal with these types of crimes, according to reports issued by the UK government, victims of cybercrime are unlikely to report the crimes immediately. These reports also identify a lack of cybercrime knowledge among police officers according to the reports. 

In recent days, there have been numerous reports of people falling victim to online fraudsters despite being cautious about doing so. Marc Deruelle almost became one of them due to his actions. He was eager to visit Liverpool this May for the 2023 Eurovision Song Contest. He didn't immediately suspect that someone contacting him via WhatsApp was the receptionist at the accommodation he'd booked online. However, a few days later, he received a call from someone claiming to be the receptionist so he decided to contact them.  

It was good that Deruelle's bank noticed something was going on. It refused to permit £800 to be transferred to Uganda at the last moment. The situation has not been as fortunate for other victims. 

As late as 2022, a woman from North Wales forwarded almost £2,000 over Whatsapp to a scammer pretending to be her daughter and pretending to be based out of Nevada. The mother of two from North Lanarkshire, Scotland, told STV News how she sold her home to repay the loans she had invested in a bogus cryptocurrency investment scheme advertised on Facebook. Jennifer said she had to sell the house to pay. To invest in the bogus scheme, scammers coerced her into taking out further loans - and ultimately she owed £150,000 for the scam. 

Earlier this year, the NCA released the Cyber Crime Assessment 2016. This highlights the need for more partnerships between law enforcement and the private sector to fight cybercrime. Even though cybercrime accounts for only a small proportion of all reported crimes in the U.K., the National Crime Agency has found that cybercrime has overtaken all other types of crime, accounting for 36 percent of all reported crimes, and 17 percent of crimes committed with computers.

There is no denying the fact that cybercrime reports have been growing in the U.K. One explanation for this may be that the British are becoming more skilled at detecting this kind of crime than they used to be. According to the report, there is a conclusion that there is increasing evidence of cybercrime occurring in the U.K., as it was briefly covered in the most recent Crime Survey for England and Wales conducted by the U.K. Office of National Statistics last year. 

As of 2022, fraud will account for more than 40% of all crimes in England and Wales, making it the most common crime committed in the country.    

Moore believes that, when the government launched Action Fraud in 2009, the government had the right intentions. However, the government did not realize how fast fraud would grow, Moore explains. As a result, Moore and Hamilton believe that law enforcement may have lacked funds and expertise. This has caused law enforcement officers to struggle to keep up with cybercrime's rapidly evolving pace, an issue that has left them struggling to keep up. As a result, it has been challenging for public agencies, particularly rural police departments, for a long time to recruit and retain cybersecurity professionals. There is not much money to be made by the police and the local government. As an IT professional, why on earth would you stay in the police force when you can join the private sector if you’re in cybersecurity?   

Despite the growing scale and complexity of cybercrime as well as the intensifying attacks, the report concludes that "so far, the visible financial losses and damage do not have the potential to significantly impact the value of a company's equity over the long run." Cyber attacks on businesses in the UK have not been as damaging and as publicly visible as the ones that were carried out on the Target retail chain in the United States. 

A large, multinational European company would probably be hard-pressed to conceal a breach of the same magnitude as the breach at Target in 2013 if it was similar to that breach. Generally speaking, European nations have not been required to comply with the same kind of data breach disclosure laws on the books in nearly every state in the United States. U.S. companies are forced to publicly acknowledge data breaches each week by laws in effect in nearly every U.S. state.

As the new General Data Protection Regulation of the European Union comes into force, companies that conduct business in Europe or with European customers will be required to provide written notification if, as a result of a breach of security, personal data was accidentally or unlawfully destroyed, lost, altered, or unauthorizedly disclosed, or access was unauthorized. 

As it stands, there may still be some time before British businesses start coming forward about data breaches, especially since the GDPR requirements won't fully come into effect until 2021. Although the GDPR requirements will not take full effect until April 2018, the implementation is expected to take place sooner rather than later.   

UK Police Arrested Online Criminal Marketplace That Advertised Stolen Personal Credentials


UK police has arrested 21 malicious actors across the United Kingdom who were the part of nationwide cyber crackdown targeting customers of WeLeakInfo.com. Now-defunct online service which was previously giving access to data hacked from other Networks. According to the National Crime Agency, “those 21 people have been arrested across the Nation as part of an operation targeting customers of an online criminal marketplace were using stolen personal credentials to commit further cyber and fraud offences’’. 

All men those have been arrested aged between 18 and 38, out of 21 – 9 people have been detained under Computer Misuse Act offences, another 9 people under for Fraud offences, and remaining 3 under investigation for both the aforementioned. National Crime Agency has also seized £41,000 in bitcoin from the individuals. 

As per the sources, the UK National Crime Agency (NCA), the US Federal Bureau of Investigation (FBI), the Netherlands National Police Corps, the Police Service of Northern Ireland and the German Bundeskriminalamt, were working in unison and it was in January 2019 when they seized the domain of WeLeakInfo.com. 

Launched in 2017, WeLeakInfo was selling access to hacked information for the past three years. Reportedlu, the hackers behind the online service obtained data from over 10,000 Data breaches and cemented its name as brilliant underground hacking space. 

Furthermore, WeLeakInfo also offered subscription plans allowing users unlimited access to sensitive information. The plans were categorized as following– one day ($2), one week ($7), one month ($25), or three months ($70). Even cheap subscription plan was giving huge access to information, apprentice-type hackers were getting hold of huge cache of data and were using credentials for further criminality, including cyber attacks and fraud offences. 

Following the domain's seizure in January, in connection with running the site, two 22-year-old men, were arrested one from the Northern Ireland and another from the Netherlands.

NCA said, besides customers of WeLeakInfo, certain evidence revealed that other cybercrime tools such as remote access Trojans (RATs) and crypters were also being purchased. 

In the context, Paul Creffield, head of NCA’s National Cyber Crime Unit, said: “Through the identification of UK customers of WeLeakInfo, we were able to locate and arrest those who we believe have used stolen personal credentials to commit further cyber and fraud offences. The NCA and UK law enforcement take such offences extremely seriously and they can result in huge financial loss to victims. We were also able to pin point those on the verge of breaking the law and warn them that should they continue, they could face a criminal conviction. Cyber skills are in huge demand and there are great prospects in the tech industry for those who choose to use their skills legally’’.