The Met Police, a long with a host of other global law enforcement agencies, have dismantled a criminal gang that used a technology service to facilitate fraudulent text messages, leading to theft from victims. The scam primarily targeted younger individuals familiar with the internet. The technology service, LabHost, aided scammers in sending deceptive messages and directing victims to fake websites resembling legitimate online payment or shopping services.
The criminals obtained identity information, including card numbers and Pin codes, resulting in significant financial losses. Though the exact amount stolen remains unknown, LabHost reportedly generated nearly £1m in profits. In the UK alone, around 70,000 victims are thought to have been deceived into providing their details online, with 25,000 identified victims receiving warning text messages about potential fraudulent sites.
Victims are advised to seek guidance on the Metropolitan Police website, and their cases have been reported to fraud investigators. Personal details discovered in data obtained from LabHost have been secured by authorities.
In light of this story, the cybersecurity community has been positive in hearing this news:
Adam Pilton, Cyber Security Consultant at CyberSmart, and former Detective Sergeant investigating cybercrime at Dorset Police: “This is another fantastic result for UK and international law enforcement.
“In February, we saw the takedown of Lockbit, the largest ransomware gang. This was an international operation which stemmed from fantastic work by the South West Regional Organised Crime Unit.
“This operation will be no different, and we should not underestimate the amount of work put into operations such as this. It took two years to reach this point and there would have been many people involved. This kind of incident would most likely have started from the intelligence gathered by law enforcement and investigative agencies.
“This is why it is so important to report cybercrime: Even reporting phishing emails helps to build that intelligence picture, which enables law enforcement to protect us.
“One area of particular concern is the increasing tendency to see cybercriminals offering services to unskilled criminals who want to venture into cybercrime. This, along with the continued evolution of AI means that we must continue to build our cyber defences, staying aware of the latest threats and how we can protect ourselves. As the NCSC stated in their 2023 annual review “We have the information and tools at our disposal to defend ourselves. We just need to use them better.”
Martin Kraemer, security awareness advocate at KnowBe4: “News like this is important when they hit the national media. These stories are timely reminders that cybercrime is omnipresent, and it would be foolish to assume that one could not be a target.
“Cybercrime gangs are becoming more common. Law enforcement must reduce the accessibility and attractiveness of online fraud schemes. We must put a stop to the increasing trend of cybercrime turning into an opportunity business for aspiring cyber criminals. Sending out videos to all 800 users of the illegal services to scare them off is therefore a good step by law enforcement.
“Taking down cybercrime networks is the way to go. Shutting down websites alone will obviously not stop people, but seizing their services, and resources, and arresting key people will have an effect.
“Phishing-as-a-service offerings like LabHost contribute to the massive growth of phishing scams worldwide. The quality of these offerings is remarkable. They include entire tool sets to harvest a range of private information including credit card information, multi-factor authentication, or address information. The platform also offered features such as email phishing, SMS phishing, and even management of stolen credentials. Criminals use such service offerings to target businesses and private individuals. Organisations must assume responsibility for empowering their workforce by educating them to make smarter security decisions.
“It is great to see international law enforcement collaborations in taking down cybercrime groups. This is another important step. The first big takedown that tackles phishing after the Lockbit ransomware takedown earlier this year. Phishing is the most used attack vector and ransomware as the most common monetisation scheme are two important areas to tackle. Law enforcement is clearly stepping up the game and rightly so.”
Mayur Upadhyaya, CEO at APIContext: “The recent takedown of LabHost, a service used for online scams, highlights the evolving tactics of cybercriminals and the need for proactive security measures. APIContext commends the collaborative efforts of law enforcement and financial institutions.
“This case emphasises the critical role of robust API security. APIs are often gateways to sensitive data, and the LabHost incident demonstrates how criminals exploit vulnerabilities. Organisations must prioritise API security with advanced protocols to control and monitor access, preventing unauthorised activity like the creation of fake payment services seen in this case.
“Law enforcement’s use of behavioural psychology to deter criminals further emphasises the need for a multi-layered approach to cybersecurity. APIContext advocates for a combination of robust API management, real-time threat detection, and ongoing education to combat cybercrime. This incident serves as a reminder for all sectors to strengthen their defences with comprehensive security frameworks that address both technological and human vulnerabilities.”
Simon Newman, CEO, Cyber Resilience Centre for London & International Cyber Expo Advisory Council Member. “Phishing continues to be the most common type of cyber-attack used by cyber criminals and its impact can be devastating for victims. Clicking on a malicious link that encourages users to input personal information can be used by criminals to commit fraud. This is a fantastic result demonstrating the importance of international collaboration between law enforcement agencies around the world. It also shows the importance of reporting cyber-crime to the authorities with nearly 70,000 victims in the UK alone”
Brian Higgins, Security Specialist at Comparitech: “Crime as a Service (CaaS) has been around for a long time, going back to the days of off-the-shelf banking Trojans, but ever more inventive criminal enterprises constantly research contemporary attack vectors if they think there is money to be made. One more modern aspect of their targeting strategies is to match vulnerable communities with CaaS methodologies and products, as in this case predominantly messaging younger, more tech-immersed victims via Text. Whilst the size of this disrupted operation is fairly small in terms of profit, the tools employed by law enforcement show a distinct evolution in online fraud countermeasures, particularly behavioural science input and follow-up messaging. Multi-jurisdictional physical arrests are also an encouraging impact of any operation of this kind so the deterrent effect, whilst near impossible to quantify, could also be counted as a win for the agencies involved.”
Ian Nicholson, Incident Response Head, Pentest People; “In a ground-breaking move reminiscent of a high-stakes poker play, UK agencies led by the NCA and Police have adopted a novel approach with the takedown of the LabHost cyber gang. As part of their latest operation, authorities have sent personalised videos to the 800 cybercriminals identified during the investigation.
This approach is a direct and unmistakable sign to the cybercriminals that their illegal activities are not only being monitored but that their anonymity is compromised. It’s like the moment in a game when a bluff is called, and the game changes completely, this is at least the hope. Psychologists have suggested by laying out clearly that these criminals’ identities and actions, it will deter them from continuing their criminal activities, enhancing the overall effectiveness of cybercrime prevention.
In my opinion, this tactic is a positive step in the use of novel methods to combat digital fraud. By marrying psychological knowledge with law enforcement innovations we can show the criminal groups that there is nowhere to hide.
For anyone concerned that they may have been impacted by this gang or similar operations, it is imperative to act immediately. Change your passwords, do not reuse passwords, monitor your bank statements, and report any suspicious activity to the authorities.
Remember awareness is the first line of defence.”