Six people from the UK and Ireland have been arrested in connection to a phishing scam.
Police allege that the suspects used spam emails and websites made to look like official bank sites to trick up to 20,000 victims out of their account and credit card details.
The arrested are believed to be members of an ‘Internet crime gang’ responsible for up to £3 million worth of online theft. "We have taken this action to shut down an organised criminal network running an online phishing and account take-over operation,” said Detective Inspector Colin Wetherill of the Metropolitan Police.
A recent report from security software vendor BitDefender (.pdf) highlighted a new style of phising attack in which a form asking the victim to enter their details is attached to a spam email, rather than hosted on a spoof website.
“As both webhosting companies and the anti-malware industry have allocated extensive resources to suspending or blocking phishing pages, cyber-criminals now focus on sending messages with the phishing form attached to the email,” it said. “Furthermore, since attachments are much easier to be analyzed, in a recent Visa phishing wave forms were encrypted.”