Thirty-six websites used to sell stolen bank account details have been taken down following an investigation by the Serious Organised Crime Agency (SOCA).
In addition, two British men suspected of making large-scale purchases of stolen data from such sites were arrested yesterday, and the UK’s Dedicated Cheque and Plastic Crime Unit (DCPCU) seized a number of computers suspected of being used to facilitate offences under the Fraud Act.
An Automated Vending Cart (AVC) operator, based in Macedonia, has also been arrested by the Macedonian Ministry of Interior Cyber Crime Unit.
SOCA, working with the FBI and the US Department of Justice, identified the web domains as specialising in selling stolen payment card and online bank account details.
The sites used e-commerce type platforms, known as Automated Vending Carts (AVCs), which allow criminals to sell large amounts of stolen data quickly and easily.
People trying to access the sites will now be directed to a screen stating that the web domain has been seized by law enforcement.
SOCA has been monitoring the use of AVCs globally. Over the past two years, it has recovered more than 2.5 million items of compromised personal and financial information, which it has passed on to UK and overseas financial institutions to help prevent potential fraud taking place against the affected accounts.
Lee Miles, head of cyber operations for SOCA, said: “Our activities have saved business, online retailers and financial institutions potential fraud losses estimated at more than half a billion pounds, and at the same time protected thousands of individuals from the distress caused by being a victim of fraud or identity crime.”
As well as working with the FBI, SOCA worked with the BKA in Germany, the KLPD in the Netherlands, the Ukraine Ministry of Internal Affairs, the Australian Federal Police and the Romanian National Police.