Millions of people get phone calls from scammers and wonder who is at the other end.
Now we know: rather than someone in a call centre far away, a “bright young man” living in a lush flat in London has been unmasked as the mastermind behind so many of these calls.
Tejay Fletcher’s trial exposed how criminals with a simple website bypassed police, phone operators and banks to facilitate “fraud on an industrial scale”, scamming victims out of £100m of their hard earned cash.
Fletcher, 35, who ran the website iSpoof.cc, was jailed for 13 years and four months earlier this week following his arrest in 2019 in what is the biggest anti-fraud operation mounted in the UK.
The website allowed criminals to disguise their phone numbers in a process known as “spoofing” and trick unsuspecting people to believe they were being called by their bank or other institutions.
[…]
In 2020, he co-founded iSpoof.cc, which he built into what he called “the most sophisticated client spoofing platform available”, allowing scammers to change the number or identity displayed when they made calls so they appeared to be calling from a trusted organisation, often a bank or a bank’s fraud department.
[…]
His website was used for a large proportion of fraudulent activity in the UK – but copycats have since taken its place, and others are still falling victim to these types of scams, experts have warned.
How victims were scammed
The number of people using iSpoof swelled to 69,000 at its peak, with as many as 20 people per minute targeted by callers using the site.
More than 10 million fraudulent calls were made using iSpoof in the year to August 2022 – 3.5 million of them in the UK, the prosecution said. More than 200,000 victims in the UK – many of them elderly – lost £43m, while global losses exceeded £100m.
For a basic subscription fee of £150 a month, users got a set number of minutes to make automated bot calls using the website or app version. They could then pay extra for additional features
[…]
Often, victims would get an automated call prompting them to confirm a transaction on an account.
The website allowed them to intercept one-time passwords, which were “ironically” introduced by banks to increase their security measures, noted John Ojakovoh, prosecuting.
iSpoof offered scammers extra features that allowed victims to type in a telephone pincode after being prompted to do so by an automated call.
Users could also pay for the ability to monitor calls live, or place calls pretending to be from an establishment that had old card details on file and wanted new ones.
Scammers could control what the automated call would say to recipients and access tools such as voice recognition.
[…]
iSpoof had a channel on Telegram, a social media platform, which it used to communicate with its customers and promote itself, the prosecution said.
The Telegram channel also displayed advertisements from companies selling bank details.
Fletcher would use it to conduct “market research”, running polls to find out which features users wanted most.
[…]
Fletcher was not particularly tech-savvy, but he used a website called freelancer.com to hire programmers to make the “building blocks” of the site
[…]
His lawyer said he had initially set out to create a simple website, but his co-founder suggested ways the technology could be made more sophisticated, which spurred him on. In 2021, he and his co-founder “fell out” and Fletcher ousted him, replacing him with three other administrators that he appeared to be supervising.
[…]
When Fletcher assumed control of iSpoof, the profits received had a “meteoric rise” from 5 Bitcoin to 117, prosecutors said. Fletcher received 64.38 Bitcoin, worth just short of £2m.
How police cracked the case
Posing as iSpoof customers, police paid for a trial subscription in Bitcoin and tested the website. They traced the money they paid to iSpoof and eventually discovered that the “lion’s share” of the profits were going to Fletcher.
They obtained a copy of the website’s server, which revealed call logs that further incriminated Fletcher and the scammers using his website.
[…]
others are also being investigated. Some 120 suspected phone scammers have been arrested, 103 of them in London.
[…]
Source: How a 35-year-old weed smoker behind 10 million scam calls made his fortune
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft