
'iSpoof' service dismantled, main operator and 145 users arrested


AFFASocial



  • November 24, 2022
  • 06:04 AM

UK Police

The 'iSpoof' online spoofing service has been dismantled following an international law enforcement investigation that also led to the arrest of 146 people, including the suspected mastermind of the operation.
Over a hundred of these arrests, including that of the platform's leader, were made by London's Metropolitan Police.
iSpoof offered cybercriminals so-called "spoofing" servers which allowed them to mask their phone numbers with one belonging to a trusted organization, making it appear to the victims as if their bank called them.
This call number spoofing made it possible for the crooks to conduct social engineering, phishing, and carry out "bank helpdesk" scams, stealing money, banking account credentials, and one-time codes.
"The services of the website allowed those who sign up and pay for the service to anonymously make spoofed calls, send recorded messages, and intercept one-time passwords," Europol said on Thursday.
"The users were able to impersonate an infinite number of entities (such as banks, retail companies, and government institutions) for financial gain and substantial losses to victims."
According to the announcement of the Metropolitan Police, between June 2021 and July 2022, iSpoof was used to make 10 million fraudulent calls worldwide.
Europol reports that iSpoof caused approximately $120,000,000 in losses, with the service's operators raking in estimated profits of $3,850,000 in the last 16 months.

Uncovering iSpoof

The cybercrime department of the Dutch police says it found the servers hosting iSpoof in Almere, a small town near Amsterdam, during a bank helpdesk fraud investigation.
This led to a new investigation focusing on the service, which led to the discovery of the iSpoof operator's location in London. They then informed Scotland Yard, which started its own in-depth investigation into the suspect.
Next, the police in the Netherlands placed a "tap" on the servers in Almere and gathered insight into how the service worked and who used it.
The UK police say the covert operation of tracking iSpoof closely started in June 2021, helping the law enforcement authorities map the criminal network.
Europol got involved in August 2021 to help the UK police collect evidence and intelligence from global law enforcement partners.
In the framework of its analytical work, Europol was able to identify additional users of the iSpoof service, a number of which were already known for their involvement in other high-profile cybercrime investigations at the European level. — Europol
The owner of iSpoof was arrested on Sunday, November 6, 2022, in East London, and known iSpoof websites like "ispoof.cc" and "ispoof.me" were seized.
Seizure banner on ispoof.cc (BleepingComputer)
The administrators of the servers in Almere, two men, aged 19 and 22, were also arrested. The Dutch police underline they're now deanonymizing more service users based on evidence collected from the seized servers.
Following iSpoof's takedown, the service's users from dark web forums have been advised to "throw everything away."
 
I have seen a lot of domains that got taken down for malicious purposes. I didn't read the full article but I think that we are talking about something like trojan/RAT/Spyware, right?
Nope to fake Caller ID info. I.e., a scam center in India or some other country that allows this activity looks like they are calling from your telephone area and exchange and gets your CC or bank account info for nefarious uses under the excuse they are fixing your computer, verifying a fraud purchase on your account (ha-ha), etc.
Since the bank moratorium against Russia, Russian criminals are forced to only accept bitcoin which is ironic and pretty much slams the door on the aforementioned scam.
 
There was a time when I would say China hackers were the most out of all the rest, but make no mistake: #1, India, spent more time hacking and creating SPAM SCAM USERS on my server than anyone. #2 is China, #3 is Singapore.
 
Keep in mind that collection agencies use spoof call centers all the time in the US illegally in many cases.

Example: you get a call from a process server who has papers to serve, and the so-called process server will give you a case # and a phone #. To get any questions answered you must call the person handling the case, who is actually a COLLECTOR lying to get you to pay the debt.

So in most cases it's the Collection Agency conducting illegal activities, not the call center.

In fact most agencies use this particular site


It allows you to show what # the person is calling from. Customizable feature: show whatever # you wish.

It allows custom messages for machine. EXAMPLE: a process server leaves a generic message for everyone.

So in many cases the call center is doing nothing wrong. SPOOFING is not illegal.

Many doctor offices use these services for appointment reminder calls and many other types of companies as well.
 
So in many cases the call center is doing nothing wrong. SPOOFING is not illegal.

Many doctor offices use these services for appointment reminder calls and many other types of companies as well.
I don't know about that. 3 weeks ago I greeted 3 Homeland Security agents at our main office in regard to numbers issued to our customers from our number block being spoofed.
Granted, there have been all kinds of schemes to fraudulently issue fake caller ID.
I long for the analog Capt. Crunch days (2600 Hz tone) when you could blow whatever DTMF code and spoof whatever you wanted.
 