Gardaí raid ‘smishing factory’ and find 10,000 scam texts a day – linked to fake websites – were sent from phones
27th June 2022
Detectives have uncovered what is described as a “smishing factory” during a planned search in the Tallaght area in which €40,000 in cash was seized as well as the same amount of money discovered in a bank account.
A suspect aged in his 20’s was arrested and questioned under anti-gangland legislation for a number of days before being released without charge last Friday.
Smishing is a type of scam which sees fraudsters use text messages to trick targeted recipients into clicking a link.
The investigation is being led by Blackrock gardaí who are being backed up by specialist officers from the Garda National Economic Crime Bureau (GNECB).
“This is considered a very significant operation and it is the first time that anything on this scale has been found in relation to the smishing scam in Ireland,” a senior source said.
Gardaí found ten phones during the raid which when analysed showed that they had sent around 10,000 smishing messages in one day.
A laptop which was also seized revealed that it controlled a number of fake websites linked to the text message scam.
A file will now be prepared for the DPP in relation to the suspect who was released late last week and investigators will attempt to prove the seized €80,000 is the proceeds of crime.
The arrest followed the seizure of around ten mobile phones by the GNECB during a planned raid in Blanchardstown earlier this month – all of those devices were on ‘airport mode’ when detectives raided the property.
Details of the discovery of the ‘smishing factory’ come as latest Central Statistics Office (CSO) figures reveal the number of fraud incidents almost doubled in a year to March.
Fraud crime, largely driven by unauthorised transactions and attempts to obtain personal or banking information online or by phone, nearly doubled to 17,354 incidents in the year to the end of March 2022.
Commenting on the release, Jim Dalton, Statistician in the Crime & Criminal Justice Section, said: “Recorded Crime statistics for the year ending in March 2022 showed that the number of fraud incidents recorded on An Garda Síochána (AGS)’s PULSE database nearly doubled over the period.
“There were 17,354 frauds recorded in the 12-month period compared to just 9,219 in the previous year, an increase of 88%.
“The increase was largely driven by unauthorised transactions and attempts to obtain personal or banking information online or by phone.”
Both searches this month are part of Operation Skein in which gardaí have identified over 700 suspects with 203 people arrests and 98 people charged in investigations led by the GNECB.
Local gardaí have arrested 145 of those with 54 detained under gangland legislation and 149 for money laundering and other offences.
In total €31 million stolen in the scams has also been identified as being laundered through Irish banks accounts.
Such has been the success of Operation Skein that other European police forces are planning in using it as best practice with senior GNECB detectives giving presentations on the investigation to international police forces.
Smishing – a combination of the words “SMS” and “phishing” – is a scam where fraudsters use mobile phone text messages to trick you into opening a malicious attachment or link.
Gardaí are advising people to be wary of text messages – even if they are contained within the thread of previous genuine text from a financial institution and never click on links – as by doing so you may be accessing cloned websites.
If a person is expecting a delivery and receives such a text, gardaí urge people to be very careful and pointed out that banking institutions will never send a text containing a link.
Sophisticated fraudsters use texts, calls and emails to trick members of the public into giving away their personal data, enabling the fraudsters to take over their bank account/devices or debit/credit card details.
Account Takeover Fraud is where an individual receives a text (smishing), call (vishing) or email (phishing) from a fraudster that appears to be from a bank, service provider, delivery company or Government agency and aims to take over their bank account, devices or debit/credit card details.
Using specialised software, fraudsters are often able to make it appear as though their texts, emails or calls are coming from legitimate addresses or phone numbers.
More than 3,500 incidents of account takeover fraud were reported to gardaí last year.
In 2020, just 544 were reported. Some 77% of those targeted were are aged 20-50. Just over half (52%) were female.