A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users.
Europol supported European and Latin American law enforcement agencies in dismantling an international criminal network that unlocks stolen or lost mobile phones using a phishing platform.
The organization operated a phishing-as-a-service (PhaaS) platform called iServer, which had over 2,000 registered users.Crooks targeted at owners of mobile devices that were attempting to regain access to their phones and were phished in the process.
“Europol has supported European and Latin American authorities in dismantling an international criminal network engaged in unlocking stolen or lost mobile phones through a phishing platform.” reads the press release published by Europol.
Law enforcement and judiciary authorities from Spain, Argentina, Chile, Colombia, Ecuador and Peru took part in the operation.
According to Europol, there were 483 000 victims worldwide, mainly Spanish-speaking nationals from European, North American and South American countries.
The law enforcement operation, code named called “KAERB,” was conducted between 10 and 17 September and resulted in 17 arrests. The police performed 28 searches and seized 921 electronic devices, including mobile phones, vehicles and weapons.
“The illicit activity of the criminal structure dedicated to Crime as Service began with the theft of telephone terminals, which they unlocked using combined and simultaneous phishing, smishing and vishing techniques with which they obtained the access credentials to the device from their victims in order to take over their digital life.” reported the Spanish police. “The computer platform they used is estimated to have unlocked 1,300,000 stolen high-end telephone devices.”
The criminal ring created and marketed an online service to unlock stolen high-end mobile phones. The gang relied on over 5,300 fake websites to imitate real phone company pages, sending SMS messages to victims whose phones had been stolen. According to the Spanish police, the criminal network unlocked approximately 1.3 million devices, including 30,000 in Spain. The criminals profiled victims using their stolen personal belongings and OSINT techniques to obtain phone numbers for targeted smishing and vishing attacks. Victims were tricked into entering unlock codes on fraudulent websites, believing they could recover their stolen devices, but the codes were collected and used by the criminals.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, phishing scheme)