3 min read

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands

Graham CLULEY

July 23, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands

Dutch police have arrested suspected members of a notorious cybercrime gang known as "Fraud Family," following a spate of sophisticated phishing attacks that have targeted users in the Netherlands and Belgium.

A 24-year-old man from Arnhem, suspected of developing and distributing phishing frameworks that collected data from unsuspecting banking customers, was arrested on Tuesday and was scheduled to be brought before a magistrate in Rotterdam today.

Also arrested was a 15-year-old boy from the town of Loenen aan de Vecht, suspected of selling the phishing panels which could have made it easy for criminals with minimal technical knowledge to launch convincing phishing attacks and even bypass two-factor authentication (2FA.)

Security experts at Group IB believes that the people arrested are part of a "Fraud-as-a-service" criminal ring known as "Fraud Family."

As researchers describe in a blog post, Fraud Family have created an infrastructure involving phishing kits and web admin panels that allow criminals to interact in real-time with a phishing website.

For instance, a victim might be sent a message via email, SMS, or WhatsApp which includes a link to a phishing website.  The message may claim to be a notification from an online marketplace, a bank, or other service that requires attention from the unsuspecting user.

If clicked, the links take the user to a phishing page which looks virtually identical to a legitimate banking website, with a request for the user to login - providing their personal and banking information.

Of course, most banking users have their accounts protected by more than just a simple username and password today - such is the prevalence of phishing scams - and so the fraudsters are able to interact with the user in real-time via an admin panel, stealing information and credentials throughout.

As Group IB describes, as victims enter their credentials on a phishing site the fraudsters are informed of the activity:

"The crooks who use this phishing infrastructure get access to a web panel that interacts, in real time, with the phishing site. When victims submit their banking credentials, the phishing site sends them to the fraudster-controlled web panel. This one actually notifies the miscreants that a new victim is online. The scammers can then request additional information that will help them to gain access to the bank accounts, including two factor authentication tokens, and personal identifiable information. While the phishing site is waiting for further instructions from the attackers, the unsuspecting victim is looking at a "Please wait..." screen."

In short, a fraudster can use information given to them by the victim to attempt to break into a banking account, and additionally request in real-time any further information that the bank requires to complete the login process - such as a 2FA code or even engage in a live online chat posing as customer support.

Promoting itself on Telegram, Family Fraud has been renting out its services to criminals for as little as €200 a month.  Thousands of subscribers have joined the Telegram channels operated by the group, suggesting large sums may have been made from the criminal activity.

Fascinatingly, even the Dutch police have appeared in the group's Telegram channel - publicising the arrest of suspected gang members.

According to police, a firearm, telephones, and computers were seized in the searches at the suspects' properties.  In addition the source code of the phishing panel is said to have been found.

Internet users are advised to remain extremely wary of unsolicited links that they are sent, and only enter information on webpages which they are confident are legitimate.

tags


Author



Right now

Top posts

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
Cyber Tips for a Spook-Free Halloween

Cyber Tips for a Spook-Free Halloween

October 26, 2022

3 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

2.2 Million Patients Affected by Data Breach in Pediatric Software Vendor 2.2 Million Patients Affected by Data Breach in Pediatric Software Vendor
Silviu STAHIE

December 07, 2022

1 min read
Hacking cars remotely with just their VIN Hacking cars remotely with just their VIN
Graham CLULEY

December 05, 2022

2 min read
Russian courts attacked by CryWiper malware that poses as ransomware Russian courts attacked by CryWiper malware that poses as ransomware
Graham CLULEY

December 05, 2022

2 min read