A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison.
Tejay Fletcher, 35, of Western Gateway, London, was awarded the sentence on May 18, 2023. He pleaded guilty last month to a number of cyber offenses, including facilitating fraud and possessing and transferring criminal property.
iSpoof, which was available as a paid service, allowed fraudsters to mask their phone numbers and masquerade as representatives from banks, tax offices, and other official bodies to defraud victims.
The help desk scam purported to warn targets of suspicious activity on their accounts and tricked them into disclosing sensitive financial information or transferring money to accounts under the threat actor’s control.
According to the U.K. Metropolitan Police, the criminals assumed false identities as representatives of various banks such as Barclays, Santander, HSBC, Lloyds, Halifax, First Direct, Natwest, Nationwide, and TSB.
“The website offered a number of packages for users who would buy, in Bitcoin, the number of minutes they wanted to use the software to make calls,” the Met said in a statement.
The total losses to victims in the U.K. alone is said to be more than £48 million ($59.8 million), with total global losses estimated to be at least £100 million ($124.6 million).
iSpoof was dismantled in November 2022 as part of a coordinated law enforcement exercise, resulting in the arrest of Fletcher and 168 other individuals linked to the operation.
Fletcher is believed to have made around £1.7 – £1.9 million ($2.1 – $2.3 million) in illicit proceeds, in addition to owning a Range Rover, a Lamborghini Urus, and high-end watches from Rolex and Audemars Piguet.
Zero Trust + Deception: Learn How to Outsmart Attackers!
Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!
“Fletcher spent time marketing iSpoof on the Telegram Channel, The iSpoof Club,” the Met noted. “Fletcher set up the channel to promote iSpoof and would update users and promote updates and developments to the website.”
A search of his home after his arrest in November 2022 uncovered more than 30 mobile phones and a number of SIM cards that were used to pull off the scheme.
“By setting up iSpoof, Fletcher created a gateway for thousands of criminals to defraud innocent victims out of millions of pounds,” Detective Superintendent Helen Rance said. “Meanwhile he was living a luxury lifestyle benefitting from the profits.”