3 min read

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands

Graham CLULEY

July 23, 2021

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands

Dutch police have arrested suspected members of a notorious cybercrime gang known as "Fraud Family," following a spate of sophisticated phishing attacks that have targeted users in the Netherlands and Belgium.

A 24-year-old man from Arnhem, suspected of developing and distributing phishing frameworks that collected data from unsuspecting banking customers, was arrested on Tuesday and was scheduled to be brought before a magistrate in Rotterdam today.

Also arrested was a 15-year-old boy from the town of Loenen aan de Vecht, suspected of selling the phishing panels which could have made it easy for criminals with minimal technical knowledge to launch convincing phishing attacks and even bypass two-factor authentication (2FA.)

Security experts at Group IB believes that the people arrested are part of a "Fraud-as-a-service" criminal ring known as "Fraud Family."

As researchers describe in a blog post, Fraud Family have created an infrastructure involving phishing kits and web admin panels that allow criminals to interact in real-time with a phishing website.

For instance, a victim might be sent a message via email, SMS, or WhatsApp which includes a link to a phishing website.  The message may claim to be a notification from an online marketplace, a bank, or other service that requires attention from the unsuspecting user.

If clicked, the links take the user to a phishing page which looks virtually identical to a legitimate banking website, with a request for the user to login - providing their personal and banking information.

Of course, most banking users have their accounts protected by more than just a simple username and password today - such is the prevalence of phishing scams - and so the fraudsters are able to interact with the user in real-time via an admin panel, stealing information and credentials throughout.

As Group IB describes, as victims enter their credentials on a phishing site the fraudsters are informed of the activity:

"The crooks who use this phishing infrastructure get access to a web panel that interacts, in real time, with the phishing site. When victims submit their banking credentials, the phishing site sends them to the fraudster-controlled web panel. This one actually notifies the miscreants that a new victim is online. The scammers can then request additional information that will help them to gain access to the bank accounts, including two factor authentication tokens, and personal identifiable information. While the phishing site is waiting for further instructions from the attackers, the unsuspecting victim is looking at a "Please wait..." screen."

In short, a fraudster can use information given to them by the victim to attempt to break into a banking account, and additionally request in real-time any further information that the bank requires to complete the login process - such as a 2FA code or even engage in a live online chat posing as customer support.

Promoting itself on Telegram, Family Fraud has been renting out its services to criminals for as little as €200 a month.  Thousands of subscribers have joined the Telegram channels operated by the group, suggesting large sums may have been made from the criminal activity.

Fascinatingly, even the Dutch police have appeared in the group's Telegram channel - publicising the arrest of suspected gang members.

According to police, a firearm, telephones, and computers were seized in the searches at the suspects' properties.  In addition the source code of the phishing panel is said to have been found.

Internet users are advised to remain extremely wary of unsolicited links that they are sent, and only enter information on webpages which they are confident are legitimate.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

FTC Says Companies Operating Health Apps and Connected Devices Must Inform Users of Data Breaches FTC Says Companies Operating Health Apps and Connected Devices Must Inform Users of Data Breaches
Silviu STAHIE

September 17, 2021

1 min read
Owner of DDoS-as-a-service Websites Found Guilty, Faces up to 35 Years in Prison Owner of DDoS-as-a-service Websites Found Guilty, Faces up to 35 Years in Prison
Silviu STAHIE

September 17, 2021

1 min read
Do Mobile Security Solutions Really Work or Are They a Scam? Do Mobile Security Solutions Really Work or Are They a Scam?
Filip TRUȚĂ

September 17, 2021

2 min read