Metropolitan Police unravel global scam: LabHost’s massive fraud exposed

A sprawling criminal enterprise originating in the UK, dedicated to defrauding individuals on a massive scale, has been dismantled following a successful infiltration, according to the Metropolitan Police.

The website, known as LabHost, orchestrated elaborate scams that ensnared approximately 70,000 victims in the UK alone. Globally, it harvested 480,000 card numbers and 64,000 PINs through its nefarious schemes. Law enforcement agencies have apprehended 37 suspects across various locations, including Manchester, Luton airports, Essex, and London.

LabHost, established by a criminal syndicate in 2021, facilitated the creation of phishing websites aimed at duping individuals into divulging personal data such as email credentials, passwords, and financial information. Phishing, a deceptive tactic wherein perpetrators impersonate legitimate entities, was the modus operandi employed.

Subscribers to this criminal enterprise gained access to a user-friendly interface where they could select from pre-existing fraudulent sites or request custom pages mimicking trusted brands like banks, healthcare providers, and postal services. LabHost even offered templates and tutorials, catering to aspiring fraudsters with minimal technical acumen.

The tutorial’s conclusion featured a robotic voice encouraging fraudsters with the ominous phrase, “Stay safe and good spamming.” By early 2024, over 40,000 fraudulent sites had been spawned, with 2,000 users paying monthly subscriptions. LabHost also supplied its clientele with counterfeit profiles for 170 companies, 47 of which were UK-based, to further deceive victims.