Police have stormed a number of airports across the UK to break up a global cyber scam gang that defrauded 70,000 Brits.
The UK-founded website LabHost, which had been used to defraud victims on an industrial scale, was infiltrated by the Metropolitan Police leading to 37 arrests around the world, including at Manchester and Luton airports.
The site was set up in 2021 by a criminal network and enabled criminals to create their own scam websites designed to trick innocent victims into revealing personal information such as email addresses, passwords, and bank details.
By the beginning of 2024, more than 40,000 fraudulent sites had been created through LabHost, which generated just under £1 million in payments from criminal users paying a monthly subscription fee.
As many as 70,000 UK victims were tricked by scamming set up through LabHost, which obtained 480,000 card numbers, 64,000 PINs and more than one million passwords globally.
The UK-founded website LabHost, which had been used to defraud victims on an industrial scale, defrauding 70,000 Brits. Pictured is a screen grab of the LabHost website page
The website now shows this message after the gang behind the scheme was infiltrated by the Metropolitan Police leading to 37 arrests around the world
This picture shows a man being arrested by Met Police at an airport in the UK in connection with the LabHost scam
These items were seized by the Met after arresting one suspected gang member in Bromley
Criminal subscribers to LabHost were able to log on to the service and choose from existing sites or request bespoke pages replicating those of trusted brands including banks, healthcare agencies and postal services.
LabHost even provided templates and an easy to follow tutorial allowing would-be fraudsters with limited IT knowledge to use the service and set up phishing websites.
Phishing is a form of scam where attackers deceive people into revealing sensitive information by masquerading as a legitimate person.
By the beginning of 2024, more than 40,000 fraudulent sites had been created and 2,000 users were registered and paying a monthly subscription fee to LabHost.
LabHost provided its subscribers with fake profiles for 170 companies to trick victims, including 47 based in the UK.
Those subscribing to the ‘worldwide membership’, meaning they could target victims internationally, paid between £200 and £300 a month. Since creation, the site has received just under £1 million in payments from criminal users.
Work apprehending the gang behind LabHost began in June 2022 after detectives received crucial intelligence about the site’s activity from the Cyber Defence Alliance – a group of British-based banks and law enforcement agencies which work together to share intelligence.
The Met joined forces with the National Crime Agency, City of London Police, Europol, Regional Organised Crime Units (ROCUs) across the country and other international police forces to put an end to the gang’s harmful scheme.
They also worked with a number of tech companies including Intel 471 and Microsoft to bring down the platform.
Between Sunday, April 14 and Wednesday April 17 a total of 37 suspects were arrested across the UK and by international law enforcement agencies.
This included arrests at both Manchester and Luton airports, as well as in Essex and London. Over 70 addresses were searched both in the UK and across the world.
Shortly after the arrests were made on Wednesday, LabHost and its linked fraudulent sites were disrupted and existing information was replaced with a message stating law enforcement had seized the services.
Pictured is the LabHost mascot, a snide looking rat holding a briefcase with a dollar sign on it
This picture shows the login page of the LabHost website. At the start of 2024, LabHost had 2,000 registered users
This image show details of LabHost’s ‘worldwide membership’, which allowed users to target victims internationally by paying between £200 and £300 a month.
Following the Met’s intervention, 800 users subscribed to LabHost received a video message, nicknamed LabHost wrapped, telling them that police ‘know who they are and what they’ve been doing’.
Criminals users were shown how much they’ve paid to LabHost, how many different sites they’ve accessed and how many lines of data they’ve received, according to data obtained by the Met.
These users will continue to be investigated by detectives over the coming weeks and months.
Meanwhile, detectives have so far contacted up to 25,000 victims in the UK to tell them their data has been compromised after using scamming sites set up through LabHost.
Detectives have so far established that just under 70,000 individual UK victims have entered their details into one of LabHost’s fraudulent sites, but said the total number of victims is likely to be even higher.
The Met said that each victim has been given advice about next steps and how to further protect their data, while a team of officers will also be on hand to provide personalised support to any victims who want further help and advice.
Dame Lynne Owens, deputy commissioner of the Metropolitan Police Service, said: ‘You are more likely to be a victim of fraud than any other crime.
‘In addition to the financial impact, it undermines the public’s confidence in the tools and technology they need to use in daily life. Our collective approach should ensure suspects feel that same level of distrust in their own criminal environment.
‘Online fraudsters think they can act with impunity. They believe they can hide behind digital identities and platforms such as LabHost and have absolute confidence these sites are impenetrable by policing.
‘But this operation and others over the last year show how law enforcement worldwide can, and will, come together with one another and private sector partners to dismantle international fraud networks at source.
‘Our approach is to be more precise and targeted with a clear focus on those enabling online fraud to be carried out on an international scale.’
Adrian Searle, director of the National Economic Crime Centre in the NCA, said: ‘Fraud is a terrible crime that impacts victims both financially and psychologically, undermining our collective trust in others and the online services on which we all rely.
‘Together with cyber crime, it makes up around 50% of all crime in England and Wales. Recognising the scale and nature of the threat, law enforcement are working evermore closely together, both here and overseas, to target the fraudsters and the technology they are exploiting.
‘This operation again demonstrates that UK law enforcement has the capability and intent to identify, disrupt and completely compromise criminal services that are targeting the UK on an industrial scale.’