An Australian Federal Police (AFP) investigation has helped to arrest a person who is allegedly behind one of the world’s largest phishing scams. It’s estimated the phishing package was responsible for around 50% of all scams in Australia in 2019.
In 2018, the AFP’s Cybercrime Operations unit looked into a series of phishing scams from information provided by Australian banking institutions.
It appeared that a Universal Admin (U-Admin) kit was being used to steal bank login details and intercept transactions. This resulted in millions of dollars being stolen from Australian bank accounts.
The AFP worked closely with its international partners and shared information with the National Police of Ukraine and the FBI. Offshore investigations eventually resulted in the arrest of a 31-year-old man in Ternopil, Ukraine last week, according to the press release.
The scam software stole tens of millions of dollars from 11 countries. Police also allege that the person conducted demonstrations of how to use his illegal products for other criminals on the Darknet.
“The arrest in the Ukraine is a clear message to cybercriminals everywhere; it doesn’t matter if you live in Australia or across the world, the AFP is working with its domestic and international partners to tackle the global threat of cybercrime and your activities are being targeted by multiple law enforcement agencies,” said AFP Cybercrime Operations Commander Chris Goldsmith.
How did the phishing scam work?
According to the AFP, U-Admin is a phishing framework used by cybercriminals that enables them to steal login details from bank account holders.
The developer allegedly created the tools needed to send thousands of SMS scams containing links to replica bank websites. This could come in the form of a message asking a user to confirm their login details with a link to a fake website.
Once the user clicked on the link and entered their details, the criminals would gain control of both their bank account and the authentication code.
This phishing kit gives the offender two ways of stealing money from an account holder. They can log in and transfer funds out of the bank account or they can intercept any future transactions by changing the recipient’s details.
Commander Goldsmith encouraged Australians to report any suspected scams or suspicious activity in their bank accounts.
“The AFP encourages any Australian who believes they have been the victim of a phishing scam or notices anomalies in their banking transactions to contact their bank and also report the matter using Report Cyber at the cyber.gov.au.”