Arrests made over UK “smishing” texts scam
UK police have made eight arrests following a series of early morning operations targeting individuals suspected of sending out “smishing” texts. These scam messages aim to steal people’s personal and financial details by directing recipients to fake versions of websites of trusted organisations, such as Royal Mail.
The arrests formed part of a week of action led by officers from the Dedicated Card and Payment Crime Unit (DCPCU), a specialist City of London and Metropolitan police unit funded by the banking and cards industry, in partnership with Royal Mail and the telecoms industry.
Operations were conducted across London, Coventry, Birmingham and Colchester resulting in eight male suspects being arrested on suspicion of fraud. The suspects are believed to have been involved in sending out scam texts primarily posing as Royal Mail, which claim the recipient needs to pay an outstanding postage fee for a parcel or input their details to rearrange a delivery.
During the searches, valuable intelligence was gathered and several devices suspected of being used in smishing scams were seized. The unit also recovered numerous customers’ financial details, enabling these bank accounts to be protected.
Seven of those arrested have been released under investigation, with one suspect charged and remanded in custody ahead of a court appearance.
The police have said that ongoing investigations are expected to result in further arrests and charges.
Detective Chief Inspector Gary Robinson, head of the DCPCU, commented: “The success of these operations shows how through our close collaboration with Royal Mail, the financial services sector, and mobile phone networks, we are cracking down on the criminals ruthlessly targeting the public.”
Commenting on the success, Stephen Ritter, CTO at digital identification specialist, Mitek, said: “The Royal Mail smishing scams are another example proving that fraudsters are using more sophisticated methods than ever before. All too often, industry experts are quick to blame consumers for ‘falling’ for scams – but this blame game needs to stop. The onus should now be on technology and finance organisations to step up to the challenge.”
Ritter is calling on digital service providers – messaging apps, mobile manufacturers, email providers, and mobile networks – to warn people when a suspicious link or message is shared. “Often, you might not notice a dubious link, or the unknown number it’s sent from – but your phone, messaging service, or network could. A simple flag (‘This link could be fraudulent’) would go a long way to protecting consumers.” Artificial intelligence (AI) and machine learning (ML) algorithms could spot scams before they reach the consumer.
In the future, technologies such as behavioural biometrics could be used to track fraudsters’ behaviour and movements around the web, to build a digital footprint of their activity and figure out if they are really who they say they are. Ritter added, “legislation also plays a role, and initiatives like the UK’s Online Safety Bill are a welcome step forward. For now, however, we have to rely on the tools we already have at our disposal – and use them to stamp out scams before they hit our inboxes.”
Read next: Navigating a cyber-normal world