The Ukrainian police arrested a gang specialized in the sale of stolen payment card data through phishing attacks.
The cybercrime unit of the Ukrainian police has arrested a group of cybercriminals who managed to steal payment card data from at least 70,000 people by setting up mobile fake top-up services.
The police arrested five that created and administered more than 40 phishing sites used to harvest bank card data of unaware citizens. Once obtained the data, crooks used it to empty their victims’ bank accounts.
One of the members of the group set up his own servers to operate the fraudulent scheme, he also hired three citizens who acted as so-called money mules (individuals that removed the funds from the accounts and transferred them to other accounts under the control of the gang or supported cash out). The money mules maintained a percentage of profit for each operation they carried out.
“Users entered bank card details on phishing sites in order to top up their mobile account or make a transfer. Thus, the attacker received payment information from more than 70 thousand people. Later, using this data, the group members embezzled citizens’ money.” reads the announcement published by the Ukrainian Cyberpolice. “The organizer also used paid marketing and analytical resources to bring these sites to the forefront of search services, as well as advertise services on social networks.”
The police raided the houses of the five suspects and seized 2 million hryvnias ($70,000) in cash, mobile phones, flash drives, bank cards, and computers. According to a preliminary investigation, the group stole more than 5 million hryvnias ($175,000) from the victims.
The arrested people now face criminal charges under Part 2 of Art. 361 (Unauthorized interference in the work of computers, automated systems, computer networks or telecommunications networks) and Part 3 of Art. 190 (Fraud) of the Criminal Code of Ukraine. The members of the gang face up to eight years in prison.
“Cyberpolice reminds you to check the URL carefully, as any inaccuracies can mean that the user has been caught on a phishing site. Do not enter third-party resources or disclose bank card details, especially CVV, PIN and card expiration date.” concludes the announcement.
(SecurityAffairs – hacking, phishing)