Several police forces, including the Royal Canadian Mounted Police (RCMP), are conducting a major operation Wednesday in the Montreal area targeting LabHost, one of the largest, international phishing scam platforms in the world.
Search warrants were carried out on Monday and are expected to continue this week in Quebec against users of the platform, which authorities say targeted one million Canadians.
Quebec provincial police say the platform targeted 292,000 victims in the province by imitating financial and government institution websites and tricking people into handing over sensitive and banking information.
Phishing attacks typically attempt to steal money, people’s identities, or their personal information on websites that purport to be legitimate.
The police investigation, known as Project NOVA, is a collaboration between the Sûreté du Québec (SQ), the RCMP National Cybercrime Coordination Centre (NC3), the Canadian Anti-Fraud Centre (CAFC) and several Quebec police forces in Montreal, Laval, Longueuil, Terrebonne, Blainville, Trois-Rivières, Deux-Montagnes and Thérèse de Blainville.
The SQ said investigators have identified more than 2,600 users of LabHost, two-thirds of which are in Quebec.
The phishing-as-a-service provider is the largest phishing platform in Canada.
“An extensive amount of personal information, including sensitive banking credentials, was stolen and trafficked by criminal users of the platform,” the RCMP said.
More than 10 search warrants have been conducted since Monday and more than 118 “enforcement actions” have targeted suspected users who face fines, warning letters, and “in-person engagements,” the Mounties say.
“Prior to being disabled by law enforcement, LabHost was one of the world’s largest phishing-as-a-service providers, offering a range of illicit services for a monthly fee payable only by cryptocurrency. Cybercriminals impersonated more than 75 Canadian organizations – including major banks and government institutions – to defraud Canadians into giving up personal information and banking credentials,” according to the RCMP.
As of Thursday, the SQ said it seized:
- Nearly 200 mobile phones;
- Approximately 115 bank cards;
- More than 50 false documents;
- More than 260 SIM cards;
- More than 60 prepaid cards;
- Nearly 20 luxury items (Rolex watches, handbags, jewellery, eyeglasses) worth nearly $150,000;
- Nearly $345,000 in Canadian currency;
- More than $190,000 in counterfeit U.S. currency;
- $17,000 in cryptoactive wallets;
- Nearly 15 computers;
- Nearly 60 templates for making counterfeit driver’s licences and manufacturing equipment;
- Various burglary and car theft tools.
Project NOVA marks the first NC3 operation targeting LabHost users in Canada.
Victims are asked to contact their local police station immediately and report the incident to the CAFC using their online reporting system or by phone at 1-888-495-8501.
