A Melbourne man must perform 200 hours of community service after he used a popular dark web phishing service to swindle two victims out of $35,000.
The 21-year-old man targeted 11 separate victims by using a dark web phishing platform that impersonated the websites of reputable organisations, including banks and government entities.
The Australian Federal Police (AFP) confirmed the man initially obtained just the personal information of his victims, including birth dates, addresses and phone numbers.
Following his arrest last April, however, investigators further identified a conversation on an encrypted message platform which contained images of multiple victims’ Medicare cards, passports, credit card details and taxation notices.
Using pilfered data, the man managed to steal a collective $34,990 from two of his victims.
“Cybercriminals will use any tools and tricks to exploit people for their own profit,” said AFP detective acting inspector Kris Wilson.
“In this case, it is mimicking trusted websites to swindle a significant sum of money.”
Fraudster given good behaviour order
Appearing before the Melbourne Magistrates’ Court on 3 March, the 21-year-old pled guilty to seven fraud-related charges.
These charges included one count of dishonestly obtaining or dealing with personal financial information belonging to another without their consent, which carries a maximum penalty of five years in prison, and another count of “obtaining a financial advantage by deception”, which carries a maximum penalty of 10 years’ imprisonment.
Sniffer dogs were brought into the arrested man's home. Photo: AFP
The young cybercriminal was ultimately given three months imprisonment to be served as a good behaviour order in community, alongside an 18-month community corrections order to perform 200 hours of community service.
He was finally ordered to pay $34,990 compensation to the Victorian State Government victims of crime fund, matching the amount taken from his victims.
“Victims in relation to this matter can apply to be compensated for their loss from this victim of crimes fund,” wrote the AFP.
Dark web’s one-stop-shop for phishing
The man conducted his scams through LabHost, a now-defunct cybercrime platform that the AFP alleges was marketed as a “one-stop-shop” for phishing scammers.
The platform – which was bought down in collaboration with global authorities last year – enabled its cybercriminal users to make fake replications of more than 170 websites from trusted brands and institutions.
Victims would be directed to these fraudulent websites via SMS or email prompts, where they would be asked to enter sensitive personal information and login details.
If they were successfully duped into entering login details to the malicious link, LabHost users would then attempt to pilfer usernames, passwords, security questions or one-time login codes to enact broader, targeted cyberattacks.
Furthermore, the platform provided seemingly idiot-proof guides which explicitly guided scammers on how to use victims’ login details for financial gain, such as enacting fraudulent tax refunds with stolen MyGov credentials.
By researching a Telegram handle attached to one of LabHost’s former tutorial documents, Information Age was able to locate a still-active cybercriminal channel selling “SMS spamming classes” and apparent data leaks as recently as last week, suggesting some of the defunct platform’s organisers have continued to conduct cybercriminal operations elsewhere.
“We urge Australians to be wary of phishing scams and ‘think before they click’,” said Wilson.
“Take your time when reading text messages and emails, look out for strange letters or symbols in hyperlinks and avoid any deal that seems too good to be true.”
At the time of last year’s global police takedown, LabHost sported more than 10,000 global active users and had targeted more than 94,000 victims in Australia.
The sting operation saw investigators from Australia’s Joint Policing Cyber Crime Coordination Centre take down fully 207 criminal servers, while Australian criminals were believed to be among LabHost's top three user countries.
