A multi-million pound internet banking fraud which drained thousands of pounds from the UK accounts of innocent victims was cracked by police yesterday.
A gang of Eastern Europeans made £2 million a month from online accounts by stealing victims log-in details using sophisticated software which can be bought for just £300 over the internet.
They made £6m in just three months and detectives believe they could have reaped as much as £20m in the highly organised scam
Arrested: One of the alleged suspects is led away from his home following an early morning raid by police from the Police Central e-crime unit.
Handcuffed: Another suspect is taken away for questioning over the alleged £20m scam
The mastermind, who detectives believe is an adept IT expert, was among 19 arrested yesterday in a series of dawn raids across London.
He and his team targeted hundreds of victims who had weak security on their computers and accessed their user names and passwords despite tight security systems put in place by the banks on their internet sites.
Police were alerted by high street banks who were alarmed a sudden surge in fraud.
Investigators from Scotland Yard’s e-Crime Unit [pls keep unit name] discovered that the gang were hitting vulnerable computers using software which is described in the industry as a ‘Trojan horse’ because it infiltrates the computer without the user realising.
The system called ‘Zeus’ or ‘Zbot’ infects victims’ personal computers, waits for them to log onto a list of specifically targeted banks and financial institutions and then steals their personal credentials, forwarding the data to a server controlled by criminals.
Scammer's den: Paraphernalia from the flat where the arrests were made. Those involved are alleged to have use 'trojan horse' software to commit their crimes
After the gang had taken over victims’ online bank accounts, they would take out several thousands pounds and place it in a ‘drop’ account before withdrawing the cash.
They recruited dozens of ‘mules’ who would allow them to use their accounts to pay the money into in return for payment.
By using scores of different bank accounts to deposit the money, they hoped to evade being caught.
Detectives have so far pinpointed over 600 British bank accounts which were defrauded but believe hundreds have been targeted.
Unremarkable: Despite the money made from the fraud, the ringleaders lived in a three-bedroom house in Chingford, Essex
The ringleader, in his 20s, and his wife, an accomplice in the scam, were arrested in an unremarkable third-floor flat in Chingford, Essex, yesterday morning.
Another couple, also part of the gang, were also arrested at the property.
The ‘nerve centre’ where the ringleader ran his empire from was simply a laptop on a desk in his front room. In front of it lay a notebook where figures of money had been carefully written in pencil.
In all, officers arrested 15 men and four women aged between 23 and 47 on suspicion of the Computer Misuse Act, Proceeds of Crime Act and Fraud Act offences . Inquiries are ongoing to ascertain whether they are in the country illegally.
Among them, two were also arrested on suspicion of possession of a firearm found at one of the properties. They are all in custody for questioning.
Detective Chief Inspector Terry Wilson, who led the investigation, [pls keep name and as much of quote as possible] said: ‘We’ve worked closely with UK banks through our Virtual Taskforce approach to gather information and evidence which has resulted in today’s arrests.
Wake up call: Detectives ram their way in to arrest the fraudsters. In total 15 men and four women were taken into custody
'We believe we have disrupted a highly organised criminal network, which has used sophisticated methods to siphon large amounts of cash from many innocent peoples’ accounts, causing immense personal anxiety and significant financial harm - which of course banks have had to repay at considerable cost to the economy.
'Online banking customers must make sure their security systems are up to date and be alert to any unusual or additional security features requested which is at variance with their normal log-on experience. Greater public awareness and education will make it harder for personal details to be compromised and for this type of fraud to be carried out.'
Martin Muirhead, chairman of the Virtual Task Force, said: 'This is an excellent example of how to bring to bear the resources and expertise of multiple agencies and public / private organisations in the UK. This is pioneering work led by the Metropolitan Police Service.”