Security Experts:

U.K. Men Sentenced for Managing Online Forum for Fraudsters

A court in the U.K. sentenced six men for their roles in managing online forums that coached identity thieves in how to commit fraud.

The men were: Jason Place, 42, of Gravesend, Kent; Mark Powell-Richards, 59, Bickley, Kent; Allen Stringer, 57, Crossgates, Leeds; Michael Daly, 68, Erith, Kent; Jaipal Singh, 31, Wednesbury, West Midlands and Arun Thear, 22, West Bromwich, West Midlands. Each received various sentences, with Place garnering the stiffest – six years and nine months.

The arrests were part of an investigation spanning more than two years. According to authorities, Jason Place and Barry Sales – who prosecutors decided not to go after due to illness - ran operations for 'Confidential Access' together from Alicante, Spain, with employees based at locations around the UK monitoring the site and working on producing documents such as false bank statements, wage slips, driving licenses and utility bills.

A monthly subscription fee bought members access to user forums where they could discuss how to use the identity documents to commit fraud and seek advice. Access to the forums was controlled, with some forums only open to members who had spent a specific amount of money and had gained a specific level of trust. The top-tier members were classified as VIPs and were granted access to a forum called "The Black Marketplace", where incriminating topics were discussed and hidden from the general public and non-VIP members.

Among the products the ring offered was called the 'Platinum Profile,' which came complete with instructions on how to commit identity fraud. They also had a profile called the '100% Creditmaster,' which would usually cost £2000. However, if the customer successfully committed fraud with it, Confidential Access would ask for 50 percent of the customer's first fraud or threaten to wreck the credit profile.

The case was broken open with an analysis of servers seized from Hong Kong that led to the discovery of sophisticated encryption codes. Confidential Access responded by setting up servers in Holland that were eventually seized as well.

Of the 11,000 clients who used the company's services, some spent more than £20,000 on false documentation during the course of their business with the company, and some went on to commit fraud of their own – in some cases totaling more than £1 million, according to police.

Powell-Richards was sentenced to two years and three months; Stringer received to two years and three months; Daly was sentenced to 12 months suspended for two years and 250 hours of unpaid community service; Singh was sentenced to 18 months and Thear received six months suspended for two years and 150 hours unpaid community service.

"This was a sophisticated operation which has netted millions of pounds over the years," said Detective Inspector Tim Dowdeswell in a statement. "These cyber criminals not only provided the tools to commit fraud they instructed their clients in how to use them to make the maximum amount of money, whilst ruining real people's credit histories into the bargain. We have already brought many of their students in crime to court and will continue to work with other police forces and partners to bring those people who bought and used these identities in their own frauds to justice."

 

 

Subscribe to the SecurityWeek Email Briefing
view counter
view counter