Scotland Yard on trail of thousands who bought ID fraud tools

12 Jun 2012

Thousands of internet users who downloaded ID fraud packages that helped them to create fake documents and IDs online are being hunted by London’s Metropolitan Police.

It is estimated that 11,000 users of the UK website Confidential Access accessed tools to help them create items such as false bank statements, wage slips, driving licences and other documents.

Some users spent more than stg£20,000 on fraudulent documents while others went on to commit acts of fraud totalling more than stg£1m with the materials, according to Sophos.

Seven of the gang’s top brass were arrested following a two-and-a-half year investigation. Six of them were sentenced on Friday at Southwark Crown Court, while one escaped prosecution because he’s terminally ill.

Jason Place and Barry Sales ran the business from what police call “comfortable villas” in Alicante, Spain.

Authorities broke the case by analysing servers seized from Hong Kong.

“The ‘painstaking’ analysis eventually led to officers breaking what they called ‘highly sophisticated’ encryption codes,” Sophos’ Lisa Vaas explained in the Sophos Naked Security blog.

“Playing cat and mouse, Confidential Access responded by setting up servers in Holland. The police eventually got their hands on these servers, as well,” Vaas added.

Sophisticated fraud

One of the top-end products was called the Platinum Profile. This cost stg£5,500 and came complete with instructions on how to commit identity fraud. They also had a profile called the 100pc Creditmaster profile which was exclusive to VIP members of the website. This would usually cost stg£2,000. However, if the customer successfully committed fraud with the Creditmaster profile, Confidential Access would ask for 50pc of the customer’s first fraud or threaten to wreck the credit profile.

Web chat forums were a key part of the fraud, providing clients with information, advice and coaching them on how to use the profiles and commit fraud. Some of the forums were free but others came at a cost.

Det-Insp Tim Dowdeswell from the London Metropolitan Police said: “This was a sophisticated operation which has netted millions of pounds over the years. These cyber-criminals not only provided the tools to commit fraud, they instructed their clients in how to use them to make the maximum amount of money, while ruining real people’s credit histories into the bargain.

“We have already brought many of their students in crime to court and will continue to work with other police forces and partners to bring those people who bought and used these identities in their own frauds to justice,” Dowdeswell said.

Identity fraud image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years