In November 2022, we wrote about a multi-country takedown against a Cybercrime-as-a-Service (CaaS) system known as iSpoof.
Although iSpoof advertised openly for business on a non-darkweb site, reachable with a regular browser via a non-onion domain name, and even though using its services might technically have been legal in your country (if you’re a lawyer, we’d love to hear your opinion on that issue once you’ve seen the historical website screenshots below)…
…a UK court had no doubt that the iSpoof system was implemented with life-ruining, money-draining malfeasance in mind.
The site’s kingpin, Tejay Fletcher, 35, of London, was given a prison sentence of well over a decade to reflect that fact.
Show any number you like
Until November 2022, when the domain was taken down after a seizure warrant was issued to US law enforcement, the site’s main page looked something like this:
You can show any number you wish on call display, essentially faking your caller ID.
And an explanatory section further down the page made it pretty clear that the service wasn’t merely there to enhance your own privacy, but to help you mislead the people you were calling:
Get the ability to change what someone sees on their caller ID display when they receive a phone call from you. They’ll never know it was you! You can pick any number you want before you call. Your opposite will be thinking you’re someone else. It’s easy and works on every phone worldwide!
In case you were still in any doubt about how you could use iSpoof to help you rip off unsuspecting victims, here’s the site’s own marketing video, provided courtesy of the Metropolitan Police (better known as “the Met”) in London, UK:
As you will see below, and in our previous coverage of this story, iSpoof users weren’t actually anonymous at all.
More than 50,000 users of the service have been identified already, with close to 200 people already arrested and under investigation in the UK alone.