Three jailed for multi-million pound phishing campaign

The Metropolitan Police Central eCrime Unit (PCeU) has claimed another victory in the fight against cyber crime with the conviction of three men found guilty of a co-ordinated phishing campaign which compromised over 10,000 credit cards and could have netted over £3m.

Ayodeji John Kareem, 38, Vincent Alonge, 31, and Babatunde Fafore, 41, were sentenced to a total of 13.5 years after pleading guilty at Snaresbrook Crown Court.

The convictions are thought to be the first in the UK connected with a phishing campaign, and came about after the PCeU's Operation Dynamophone investigation.

The three men managed to obtain the credit card and bank account details of countless victims via classic phishing techniques, sending out unsolicited emails claiming to be from the victims' banks and directing them to a fake web page where they were asked to confirm their details.

They stole over £599,000 from 900 bank accounts, and a possible £3.1m from 10,000 credit cards, according to the Met.

The PCeU found computer programs able to generate over 40 fake banking web pages on machines belonging to the trio, leading to their successful prosecution.

Detective inspector Colin Wetherill of the PCeU said that the convictions represented a significant step forward in the fight against cyber crime.

"In collaboration with law enforcement colleagues and industry partners in the UK and overseas we are working to identify and bring to justice those committing serious and organised offences of this nature online, and to reduce the harm they cause to innocent individuals and to the economy," he added.

"However, we all have a role to play in the protection of our private information and we would urge the public to exercise great care when supplying their personal details online, and to take the advice given at Get Safe Online."

While spam volumes have dropped since the high-profile takedown of the Rustock botnet earlier this year, phishing remains popular among cyber criminals given the widespread availability of DIY toolkits on the web.

A recent Symantec report put the UK as the fifth most popular location for phishing, accounting for about four per cent of attack attempts.