Fergal Parkinson
Published on: August 29, 2024
Over the last decade or so Russia’s intelligence services have been associated with everything from trying to sway the results of successive Western elections to creating the misinformation which fuelled the rioting that swept across the UK last week.
For most people, this makes Russia a rogue state fit only to be condemned – but for some among the digital fraudster classes this association with cybercrime makes the country an admirable role model.
This perhaps explains why the biggest fake phone gang ever uncovered in the UK was going by the brand name Russian Coms.
The gang had no connection with Russia other than apparently thinking the malevolent reach of its bot army on social media was pretty cool. But as an underworld marketing strategy – rolled out on platforms like Snapchat, Instagram, TikTok and Telegram – it evidently worked rather well.
Because, over a three-year period from 2021 until its organisers were arrested in London earlier this year, Russian Coms had been charging hundreds of users an initial payment of around £1350 followed by a monthly £350 subscription charge – all paid in crypto.
The gang was selling handsets that looked like ordinary mobile phones but could be used to make spoofed calls. These would appear to come from any number of their choosing – so call recipients could be persuaded they were being called by their own bank or another similarly trusted organisation.
On top of this number spoofing, additional services included a function that could alter callers’ voices and soften accents to make them more credible – and an ‘instant handset wipe’ feature that allowed all data to be deleted with a single swipe of the phone. Handy during a police raid.
The most common fraud they were used for involved spoofing the number of a victim’s bank before convincing them that their account had been subject to fraudulent activity and persuading them to transfer their assets to another account to ‘safeguard’ their savings. Instead, the money would disappear forever.
They were also used in romance frauds and other scams. And the scale of fraud connected to the gang’s tricksy handsets was really quite extraordinary.
They were used to make more than 1.3 million calls to some 500,000 UK phone numbers. And unlike some SMS or social media-based phishing scams, where the ratio of those approached to those deceived is very low, these were highly targeted and so equally highly effective – with a terrifyingly high hit rate.
They managed to defraud an astonishing 170,000 people in the UK alone. The average loss sustained by each has been calculated at almost £9,500 – with some victims losing hundreds of thousands of pounds.
And that was just the UK end of the operation.
Internationally, calls were made to people in 107 different countries, including the US, New Zealand, Norway and France.
So cracking the racket was an achievement that the National Crime Agency was proud of and it was duly announced to news channels earlier this month with some flourish.
But the grim reality is that other gangs offering the same service aren’t just going to follow in Russian Coms’ dodgy footsteps: they are almost certainly out there operating already. And the nightmare experience of being ripped off by someone you think you can trust is going to happen to many more people.
Well, the takeaway from this sorry saga has got to be: don’t believe that caller number on your phone’s screen. And tell your kids and your parents not to. Tell them and keep telling them.
I think most people by now have grasped the idea that you shouldn’t share a banking PIN number with anyone else, even your own bank. And neither should you believe that it’s your bank calling you just because someone says so and the number they appear to be calling from looks right.
You wouldn’t trust someone who turned up on your doorstep saying you needed to move thousands of pounds from one account to another to keep it safe. So you certainly shouldn’t believe a person saying the same over the phone just because you think you recognise the number they appear to be calling from.
It’s frustrating for mobile phone security specialists like ourselves to hear about these grim cases – because we would have been able to identify every one of these scams in a split second: our instant checks of live tel com data can and will provide an instant red flag for numbers like this which are not what they purport to be.
But your average victim never gets as far as checking the caller number – that’s how the scammers get away with it.
Banks are so well versed in these scams that they no longer make calls to customers unless by appointment in an attempt to undermine the plausibility of such calls.
So if someone calls you claiming to be from your bank, you are safe to hang up on them. And if you want to be certain then call the bank back on a recognised number – the one on the back of your bank card, ideally – and ask them if they’ve just called you. The answer will be that they haven’t. And the implication will be that you may just have saved yourself from becoming the latest victim of the new Russian Coms.
Last updated on October 9, 2024
"Phone number verification plays a critical role in helping to detect and prevent online fraud. TMT ID’s TeleShield product provides easy access to global mobile data, enabling us to enhance the actionable results of our MaxMind minFraud® services."
"BTS (Business Telecommunications Services) is successfully using TMT’s Velocity and Live services to check the status of mobile numbers. This way we make sure we optimize the performance of the service offered to our customers and ensure the quality of terminating traffic to all countries.”
"Working with TMT’s TeleShield service has expanded our ability to detect fraud and minimise the risk to our business. TeleShield brings peace of mind and the opportunity to stop fraud before it affects our customers’ bottom line or the service."
"LATRO relies on TMT’s TeleShield to provide the most up to date and reliable numbering qualification information within our fraud reporting tools, enabling us to protect our customer’s revenues and empowering them to defend themselves against fraudulent numbers."
"TMT is a valued partner that enables us to manage our routing costs effectively. They proactively and continuously expand their operator and country coverage while delivering exceptional customer service. We can always count on them to achieve high-quality results and look forward to our continued collaboration."
"TMT provides us with the most comprehensive numbering intelligence data through their fast and reliable Velocity and Live services. TMT is a trusted partner for us, their products ensure that we continue to optimise the best performance and service to our customers."
"TeleShield from TMT gives 42com the power to detect and target telephony fraud scams internationally, thereby protecting our company from the financial and customer experience impacts of telecommunications fraud."
"It has been a pleasure to work with the team at TMT. They have become an essential provider of accurate numbering data information and Number Portability services globally."
"Deutsche Telekom Global Carrier uses TMT ID as one of their key suppliers for Mobile Number Portability Data services. Deutsche Telekom Global Carrier uses TMT ID’s Velocity MNP solution. This is an ultra-fast query service that optimises the routing of international voice calls and A2P messaging."
We provide the most comprehensive device, network and mobile numbering data available
Contact us > Chat to an expert >
