Authorities Dismantle iSpoof Criminal Phone Spoofing Operation, Arresting 142

European, US, Australian, Canadian and Ukrainian authorities have cooperated to take down a prolific online phone number spoofing service dubbed “iSpoof,” leading to the arrest of 142 individuals.

Authorities have taken down the websites that facilitated the service. The malicious platform enabled threat actors to impersonate trusted contacts or organizations to deceive victims into handing out sensitive information.

“The services of the website allowed those who sign up and pay for the service to anonymously make spoofed calls, send recorded messages, and intercept one-time passwords,” reads Europol’s announcement. “The users were able to impersonate an infinite number of entities (such as banks, retail companies and government institutions) for financial gain and substantial losses to victims.”

The perpetrators allegedly garnered over EUR 3.7 million within 16 months; the spoofing service caused more than EUR 115 million in losses to victims. The investigation also revealed that some iSpoof service users were already involved in other notorious cybercrime operations in Europe.

The internationally coordinated action took place this month and had 142 users and website administrators worldwide arrested. On Nov. 6, UK authorities arrested the main administrator of the website, and, two days later, US and Ukrainian authorities took offline the website and server.

“The arrests today send a message to cybercriminals that they can no longer hide behind perceived international anonymity,” said Europol’ Executive Director Ms Catherine De Bolle. “Europol coordinated the law enforcement community, enriched the information picture and brought criminal intelligence into ongoing operations to target the criminals wherever they are located. Together with our international partners, we will continue to relentlessly push the envelope to bring criminals to justice.”