On 22nd February 2022, Ukrainian Police officials arrested a group of threat actors that were involved in a phishing campaign.
They used a mobile replenishment service as their disguise to conduct various scams involving 70,000 stolen victim data.
The Cyber Police department and the National police came together on this issue which seemed to have made a loss of five million hyrvnias (Ukrainian Currency).
The threat actors were a group of five people including an organizer who created and administered more than 40 phishing websites to obtain details about credit cards from victims. The phishing websites were similar to that of the mobile operator’s website which made the users enter their card details for topping up their account or making a bank transfer.
Through phishing websites, the attacker has collected information from more than 70,000 people and used it to steal money from those accounts.
The police also stated that the organizer also used paid marketing and analytical resources to make SEO for the phishing websites and make it forefront the search results as well as on social media.
The group also involved three citizens to transfer their illegal funds as a result that they also receive a profit for each fraudulent operation.
The police also seized computer equipment, mobile phones, flash drives, bank cards and also confiscated 2 million hryvnias in cash.
Cyber police also remind the citizens to check on the URL before entering their sensitive information like bank details, CVV, PIN, and card expiry date.