U.K. cybercrime investigators claimed victory with the sentencing of three men on Monday following the prosecution of an organized phishing gang.
The three men were accused of running up to 40 fake bank websites designed to harvest the credentials of online banking customers. They stole £599,000 (US$958 million) from bank accounts and committed more than £570,000 in credit card-related fraud, according to the Metropolitan Police Central e-Crime Unit (PCeU). Authorities are still trying to trace and confiscate the cash losses.
Ayodeji John Kareem, 38, of London, was sentenced to five years and five months. He pleaded guilty to conspiracy to defraud and conspiracy to acquire and use criminal property. Babtunde Fafore, 41, of Ireland, received five years and seven months. Fafore pleaded guilty to the same charges as Kareem.
Vincent Alonge, 31, of London, pleaded guilty to possession of a false identity document and possession of articles for use in fraud. He received two and a half years.
The PCeU, which called the investigation "Operation Dynamophone," characterized the convictions in a news release as "believed to be the first prosecutions in the U.K. involving such detailed evidence of an organized phishing operation."
Police said they found computer scripts used to run the fake banking websites when the men were arrested in August 2010 at locations in London and Navan, County Meath, Ireland. It's believed the three obtained details on more than 900 bank accounts and 10,000 credit cards.
Police said that 1,400 of the credit card accounts had been fraudulently used amounting to £570,000 losses, but the total amount of losses could be more than £3 million. The group lured victims to their fake website through spam, where victims were asked to confirm their account details.
Send news tips and comments to firstname.lastname@example.org
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.