Security Experts:

Three Arrested in UK for Bank Phishing Scams

Three men were arrested on Monday in the UK for their part in a Phishing scam that targeted various banks. The case marks the first joint effort between the PCeU and SOCA Cyber, as they prepare for full integration next year.

The three men, one Nigerian and two Romanian nationals, have been taken to a Central London police station for questioning, after being arrested in a Central London hotel on Monday. They were picked up on charges for Conspiracy to Defraud and Money Laundering.

Acting on reports that more than 2,000 Phishing pages were posted to the Web; police investigated and discovered that all of the Phishing sites were mimicking legit banking institutions, and that the three men had already used the pages to access accounts. As is the usual, the victims were lured to the Phishing sites via email.

"This is the first joint operation between the PCeU and SOCA Cyber as we move towards full integration and inception of the National Cyber Crime Unit on 1 October 2013,” said the head of PCeU, Detective Superintendent Charlie McMurdie, in a statement.

“The dynamic nature and successful outcome of this operation, which has prevented distress and financial loss to numerous UK victims, clearly demonstrates the benefit of brigading resources and expertise in this increasing and specialist area of criminality.”

In related news here at home, Bank of America customers are being warned to ignore emails reporting of account suspensions. The Phishing scheme, initiated from accounts that claiming to represent “Cardholder Services” has been observed hitting thousands of inboxes within the last week.

According to data from PhishTank, which tracks Phishing emails and related scams, the website being used in the scam is almost an exact clone of the legitimate BofA portal. 

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.