An international police operation has dismantled an online spoofing service that allowed cybercriminals to impersonate trusted corporations to steal more than $120 million from victims. From a report: iSpoof, which now displays a message stating that it has been seized by the FBI and the U.S. Secret Service, offered “spoofing” services that enabled paying users to mask their phone numbers with one belonging to a trusted organization, such as banks and tax offices, to carry out social engineering attacks. “The services of the website allowed those who sign up and pay for the service to anonymously make spoofed calls, send recorded messages, and intercept one-time passwords,” Europol said in a statement on Thursday. “The users were able to impersonate an infinite number of entities for financial gain and substantial losses to victims.”
London’s Metropolitan Police, which began investigating iSpoof in June 2021 along with international law enforcement agencies, in the U.S., the Netherlands, and Ukraine, said it had arrested the website’s suspected administrator, named as Teejai Fletcher, 34, charged with fraud and offenses related to organized crime. Fletcher was remanded to custody and will appear at Southwark Crown Court in London on December 6. iSpoof had around 59,000 users, which caused $58.2 million of losses to 200,000 identified victims in the U.K., according to the Met Police. One victim was scammed out of $3.64 million, while the average amount stolen was $12,100.