Dutch police have arrested two people for their alleged involvement in a phishing fraud-as-a-service scheme, one of them a 15-year-old suspect and the other a 24-year-old due to appear in court on Friday.

360 Mobile Vision - 360mobilevision.com North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - 360mobilevision.com is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

Authorities got an assist from security vendor Group-IB in the arrests for the “Dutch-speaking syndicate that develops, sells and rents sophisticated phishing frameworks,” according to the company. Group-IB had dubbed the syndicate and its “massive” operation “Fraud Family.”

The unnamed 24-year-old is accused of developing the phishing service kits, while the 15-year-old allegedly sold them. The younger suspect was released pending further investigation. Dutch police also said they searched a third 18-year-old suspect.

Group-IB said the Fraud Family operation, which has mainly hit victims in the Netherlands and Belgium since at least 2020 but perhaps as far back as 2018, is focused on stealing banking credentials. The criminals advertised their service to less-skilled cyber crooks on the encrypted messaging app Telegram, where Fraud Family’s eight channels have nearly 2,000 subscribers.

It’s a business model that has grown popular in the ransomware world, where developers lend other criminals their malware in exchange for a share of profits.

In one kind of attack using Fraud Family’s phishing infrastructure, the victim gets an email, text or WhatsAp message pretending to be a well-known real company, such as a local business that caters to home buyers. They contain links to information-stealing phishing websites, according to Group-IB.

Another, Group-IB said, involves contacting a seller listed in classified advertising, asking the seller to make a small e-commerce payment to “verify the seller is not a scammer” only for the e-commerce payment link to be a phishing site. When the victim selects their bank from the website’s list, it asks for their credentials.

Fraud Family gives the criminals access to a web panel that interacts with the phishing website, allowing them to ask for credentials including multi-factor authentication tokens.

Group-IB saw Fraud Family-related activity rise toward the end of 2020 and continuing into 2021, but similar-looking infrastructure has been advertised dating back to 2018.

The 15-year-old suspect was released from custody “pending further investigation,” police said. Dutch authorities have differentiated themselves by their willingness to let young suspects off with a warning. The Cyber Offender Prevention Squad, founded in the Netherlands with input from the U.K., aims to direct teenage hackers into a legtimate cyber career.

The post Dutch police bust alleged ‘Fraud Family’ phishing service members appeared first on CyberScoop.

By admin