Arrests made and thousands of victims contacted after scammer site taken offline

Law enforcement agencies have arrested 37 suspects across the UK and around the world

George Lithgow
Thursday 18 April 2024 12:25 BST
A screengrab of an arrest in connection with the LabHost website (Metropolitan Police/PA)
A screengrab of an arrest in connection with the LabHost website (Metropolitan Police/PA) (PA Media)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A UK-founded website used to defraud victims on an industrial scale has been infiltrated – leading to scores of arrests around the world, the Metropolitan Police has said.

As many as 70,000 UK victims were tricked by the site’s scams, which obtained 480,000 card numbers and 64,000 PINs globally.

Law enforcement agencies have arrested 37 suspects across the UK and around the world, including at Manchester and Luton airports, as well as in Essex and London.

LabHost, a scammer site set up in 2021 by a criminal network, enabled users to set up phishing websites designed to trick victims into revealing personal information such as email addresses, passwords, and bank details.

Phishing is a form of scam where attackers deceive people into revealing sensitive information by masquerading as a legitimate person.

Criminal subscribers were able to log on and choose from existing sites or request bespoke pages replicating those of trusted brands including banks, healthcare agencies and postal services.

LabHost even provided templates and an easy to follow tutorial allowing would-be fraudsters with limited IT knowledge to use the service.

At the end of the tutorial, a robotic voice told fraudsters: “Stay safe and good spamming.”

By the beginning of 2024, more than 40,000 fraudulent sites had been created and 2,000 users were registered and paying a monthly subscription fee.

LabHost provided its subscribers with fake profiles for 170 companies to trick victims, including 47 based in the UK.

Those subscribing to the “worldwide membership”, meaning they could target victims internationally, paid between £200 and £300 a month.

Since creation, the site has received just under £1 million in payments from criminal users.

Shortly after the platform was seized and disrupted, 800 users received a message telling them that police “know who they are and what they’ve been doing”.

Police hope they can dissuade former LabHost subscribers from further offending by creating the same level of fear about their information as their victims.

As part of Operation Stargrew, detectives have contacted up to 25,000 victims in the UK to tell them their data has been compromised.

Work began in June 2022 after detectives received crucial intelligence about LabHost’s activity from the Cyber Defence Alliance – a group of British-based banks and law enforcement agencies which work together to share intelligence.

In November 2022, the Met arrested more than 130 suspects as part of Operation Elaborate. An estimated 200,000 victims were targeted by a scam stealing millions from the public via fake bank phone calls.

Dame Lynne Owens, deputy commissioner of the Metropolitan Police Service, said: “You are more likely to be a victim of fraud than any other crime.

“In addition to the financial impact, it undermines the public’s confidence in the tools and technology they need to use in daily life. Our collective approach should ensure suspects feel that same level of distrust in their own criminal environment.

“Online fraudsters think they can act with impunity. They believe they can hide behind digital identities and platforms such as LabHost and have absolute confidence these sites are impenetrable by policing.

“But this operation and others over the last year show how law enforcement worldwide can, and will, come together with one another and private sector partners to dismantle international fraud networks at source.

“Our approach is to be more precise and targeted with a clear focus on those enabling online fraud to be carried out on an international scale.”

Adrian Searle, director of the National Economic Crime Centre in the NCA, said: “Fraud is a terrible crime that impacts victims both financially and psychologically, undermining our collective trust in others and the online services on which we all rely.

“Together with cyber crime, it makes up around 50% of all crime in England and Wales. Recognising the scale and nature of the threat, law enforcement are working evermore closely together, both here and overseas, to target the fraudsters and the technology they are exploiting.

“This operation again demonstrates that UK law enforcement has the capability and intent to identify, disrupt and completely compromise criminal services that are targeting the UK on an industrial scale.”

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in