Above is a picture of Grant West, at the young age of 25 he has already achieved:
78 million usernames and passwords
£2.5 million of ill gotten gains
A 10 year and 8 month jail sentence
And is the first UK criminal to have almost a £1 million in bitcoin confiscated.
At Reassura, we regularly send alerts about new phishing campaigns where fraudsters send out incredibly authentic emails or texts messages masquerading as trusted brands such as Tesco, HMRC, DVLA, Costa Coffee etc etc. However, we have never written about how successful these campaigns are, who is behind them and what the costs can be.
Most of Grants gains came from phishing campaigns where he pretended to be Apple, Uber, Sainsburys, Ladbrokes, Asda and Argos to target their customer details. His Just Eat campaign netted him 165,000 Just Eat customer details, including 63,000 credit card details. Grant then sold these details on the dark web.
We read about this dark web and hear it mentioned in films but not many actually know what it is, or if just a mythical baddie like Spectre in the Bond movies. Unfortunately, the dark web is a real thing, in terms of what it is, its best thought of as a collection of websites that exist in networks not accessible by using tradional browsers. Criminals use these sites to sell drugs, data and other unsavoury items. Grant West managed to make over 47,000 separate sales over the dark web, from this statistic alone we can see big and real the dark web actually is.
So, what can we learn from Grant Wests story? Firstly, it’s a great reminder to be extra careful with our personal information, phishing campaigns are growing evermore sophisticated and realistic and we need to stay vigilant. Secondly, many people assume these criminals are based in Eastern Europe or Nigeria but as we can see from Grant, we have plenty of home grown fraudsters. And finally, keep talking about the subject, the more of our friends we make aware and share information, the safer we all become.