The Dutch National Police website reports (in Dutch) that five persons have been arrested as suspects in a million euro ‘car phishing’ scam. Here is a translation of that report:
The police, the National Office of the Public Prosecutor and the banks investigate this criminal group within the context of the Electronic Crimes Taskforce (ECTF). There are 63 reports of ‘car phishing’ between August 2014 and the present.
The criminals sent a phishing email asking various bank account holders to click on a link and enter their bank account data there. Using this data, the criminals selected victims who have a lot of money on their account.
The woman suspect pretended to be a bank employee, sought contact with the account holder and asked for the victim’s cooperation in updating the data. Victims were deceived into providing authentication and signing credentials. It is believed that during such a call, the other suspects logged into the internet banking account of their victims. From there, they transfered large amounts directly to a car salesman, individual or garage.
CarsA straw man was already present at the car salesman at the time of the money transfer. As soon as the salesman confirmed reception of the money, the straw man got the car. The vehicle is often immediately resold, often at prices notably lower than the purchase prices.
Data storage devices and ‘calling instructions’
During the searches on Monday, various data storage devices where seized, such as computers, mobile phones, USB flash drives. In one of the premisses searched, ‘calling instructions’ were found for contacting the victims.
On Thursday June 18th the magistrate decided to extend the remand of the five suspects with 14 days.