The Metropolitan Police have shut down a secretive website that made almost a million pounds helping criminals carry out cyber scams.
37 people around the world have been arrested in connection with the dark web platform LabHost.
The website gathered personal data from tens of thousands of people in the UK.
Here’s everything you need to know about LabHost and the cybercrime underworld.
What is LabHost?
LabHost started in late 2021 as a ‘phishing-as-a-service’ platform.
It had more than 2,000 criminal customers who used the platform to create and run online scams.
What is phishing?
Phishing is a type of online scam where a criminal sends fake emails or messages pretending to be from a reputable company in order to collect personal information.
Some criminals gather financial information such as bank details to steal money, while others might phish for sensitive information that they can use to blackmail the victim.
Users paid for memberships which cost up to £300 a month and gave them access to different fraudulent websites.
The service meant that criminals without coding or IT skills could still set up scam web pages.
LabHost even offered tutorials on how to run fake websites and told users to ‘stay safe and good spamming’.
Criminals could also request bespoke websites imitating respected brands.
LabHost hosted more than 40,000 fraudulent websites to lure thousands of victims.
Criminals imitated the webpages of major banks, as well as brands like Spotify and postal services like DHL.
The fake websites requested people’s personal information, like card numbers, passwords and security question answers.
For example, a scammer might send a victim a text message pretending to be a postal service.
The text might claim that the victim had a package that was unable to be delivered.
If the victim clicked the link in the text, they would be taken to a fake webpage and asked to enter their personal details, like passwords or bank details. But the web page would be run by LabHost.
The platform made just under £1 million in profits from criminal users.
Who used LabHost?
A number of scammer used the platform, but perhaps more surprisingly, the Met Police said that it was also used by university students trying to make ends meet.
DI Oliver Richter told the Guardian: ‘A lot of these users, they are younger, they’re at university, they are very likely to go on to perhaps perfectly legitimate careers.
‘They see this, because it is so easy to do, as something that is anonymous.
‘They are entering into this, I think, not fully understanding the risks and potential outcomes.’
Who did LabHost target?
The Met Police say that there are just under 70,000 individual UK victims who entered their details on one of LabHost’s fraudulent websites.
The majority of the victims were ages 25 to 44 years old.
The service gained access to 480,000 card numbers and 64,000 personal identification numbers.
It also gained access to more than a million passwords.
The Met Police have so far contacted 25,000 victims in the UK.
Adrian Searle, Director of the National Economic Crime Centre (NECC) in the NCA, said that cybercrime and fraud make up around 50% of all crime in England and Wales.
If you think that you have been a victim of fraud, you should report it to Action Fraud online or via their telephone reporting line on 0300 123 2040.
What did the Metropolitan Police do?
The Metropolitan Police started investigating LabHost in June 2022.
The operation was a partnership between the Met, the UK National Crime Agency, Europol and Regional Organised Crime Units across the UK.
On Thursday, they disrupted LabHost and the fraudulent websites connected with it.
37 suspects have been arrested in the UK and by international law enforcement agencies.
Some of the suspects were arrested at Manchester and Luton airport.
70 addresses have also been searched and hundreds of criminals have been contacted to let them know that they are under active investigation in connection with LabHost.
It’s not the first crackdown on cybercriminal gangs in recent months.
In February 2024, the National Crime Agency disrupted the activity of LockBit, one of the world’s most dangerous cybercrime groups, who conducted ransomware attacks.
Dame Lynne Owens, Deputy Commissioner of the Metropolitan Police Service, said: ‘You are more likely to be a victim of fraud than any other crime.’
‘Online fraudsters think they can act with impunity. They believe they can hide behind digital identities and platforms such as LabHost and have absolute confidence these sites are impenetrable by policing.’
How to protect yourself from scams
Irvin Shillingford, Regional Manager for Northern Europe at cloud security provider Hornetsecurity, said that the LabHost bust is an important reminder that phishing scams can affect anyone.
He added that maintaining strong personal cybersecurity practices is essential to protecting yourself from online scams.
‘While implementing measures such as two-factor authentication is a positive step, additional action is necessary,’ he said.
He said that business leaders needed to actively engage with the issue.
‘Ongoing training that raises awareness of various types of attacks, consistently updating passwords and being cautious when using work devices for personal activities will significantly reduce the risk of succumbing to new phishing attacks.’
