Eight arrested over Royal Mail ‘smishing’ scam

The arrests come weeks after researchers found a 645% increase in Royal Mail-related phishing scams

Police officers from the Dedicated Card and Payment Crime Unit (DCPCU) have arrested eight people in relation to a Royal Mail text phishing, or 'smishing', scam.

The eight arrested individuals are suspected of attempting to commit financial fraud and impersonating the Royal Mail by sending out fraudulent texts and emails which link to phishing websites.

The arrests come weeks after researchers from Check Point Software reported a 645% increase in Royal Mail-related phishing scams, with March being the biggest month for attacks on record.

The DCPCU, which is a specialist unit of the City of London and Metropolitan Police, conducted a series of early morning operations across London, Coventry, Birmingham and Colchester, resulting in eight male suspects being arrested. Seven have since been released under investigation, with one suspect charged and remanded into custody ahead of their court appearance.

The DCPCU, which is funded by the banking and cards industry, also managed to recover numerous customers' financial details, enabling these bank accounts to be protected. 

Commenting on the arrests, DCI Gary Robinson, who leads the DCPCU, said that the "ongoing investigations are now underway" and that the unit and the Royal Mail "will continue to work together to bring those committing smishing scams to justice".

"The success of these operations shows how through our close collaboration with Royal Mail, the financial services sector, and mobile phone networks, we are cracking down on the criminals ruthlessly targeting the public," he added.

Related Resource

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Prevent fraud and phishing attacks with DMARC - whitepaper from MimecastDownload now

Meanwhile, Stephen Ritter, CTO at digital identity verification provider Mitek, called for organisations within the technology and finance sector to "step up to the challenge" in fighting scammers.

"All too often, industry experts are quick to blame consumers for "falling" for scams – but this blame game needs to stop," he said. "To fight misinformation, Twitter and Facebook started flagging posts that weren't backed up by fact, and the problem has improved significantly. Why can't we do the same for fraudulent activities on our phones?"

According to Ritter, digital service providers such as "messaging apps, mobile manufacturers, email providers, or mobile networks" should use artificial intelligence to warn users "when a suspicious link or message is shared".

"Often, you might not notice a dubious link, or the unknown number it's sent from – but your phone, messaging service, or network could. A simple flag ('This link could be fraudulent') would go a long way to protecting consumers. And all it takes is AI and machine learning algorithms that are trained to spot scams before they reach the consumer," he said.

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
EU plans to launch bloc-wide cyber task force
cyber attacks

EU plans to launch bloc-wide cyber task force

22 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021