
The 'iSpoof' online spoofing service has been dismantled following an international law enforcement investigation that also led to the arrest of 146 people, including the suspected mastermind of the operation.

Over a hundred of these arrests, including that of the platform's leader, were made by London's Metropolitan Police.

iSpoof offered cybercriminals so-called "spoofing" servers that allowed them to mask their phone numbers with one belonging to a trusted organization, making it appear to victims as if their bank was calling them.

This caller-number spoofing made it possible for the crooks to conduct social engineering and phishing and to carry out "bank helpdesk" scams, stealing money, bank account credentials, and one-time codes.

"The services of the website allowed those who sign up and pay for the service to anonymously make spoofed calls, send recorded messages, and intercept one-time passwords," Europol said on Thursday.

"The users were able to impersonate an infinite number of entities (such as banks, retail companies, and government institutions) for financial gain and substantial losses to victims."

According to the announcement of the Metropolitan Police, between June 2021 and July 2022, iSpoof was used to make 10 million fraudulent calls worldwide.

Europol reports that iSpoof caused approximately $120,000,000 in losses, with the service's operators raking in estimated profits of $3,850,000 in the last 16 months.

Uncovering iSpoof

The cybercrime department of the Dutch police says it found the servers hosting iSpoof in Almere, a small town near Amsterdam, during a bank helpdesk fraud investigation.

This prompted a new investigation focusing on the service, which led to the discovery of the iSpoof operator's location in London. The Dutch police then informed Scotland Yard, which started its own in-depth investigation into the suspect.

Next, the police in the Netherlands placed a "tap" on the servers in Almere and gathered insight into how the service worked and who used it.

The UK police say the covert operation of tracking iSpoof closely started in June 2021, helping the law enforcement authorities map the criminal network.

Europol got involved in August 2021 to help the UK police collect evidence and intelligence from global law enforcement partners.

In the framework of its analytical work, Europol was able to identify additional users of the iSpoof service, a number of which were already known for their involvement in other high-profile cybercrime investigations at the European level. — Europol

The owner of iSpoof was arrested on Sunday, November 6, 2022, in East London, and known iSpoof websites like "ispoof.cc" and "ispoof.me" were seized.

Seizure banner on ispoof.cc (BleepingComputer)

The administrators of the servers in Almere, two men aged 19 and 22, were also arrested. The Dutch police underline that they are now deanonymizing more service users based on evidence collected from the seized servers.

Following iSpoof's takedown, the service's users from dark web forums have been advised to "throw everything away."
