The FBI dismantled a major phishing operation that helped criminals steal millions of credit card records. Here’s what happened and what you can do to better protect your personal information.
Table of Contents
What Happened?
The service had been active for about three years and helped cybercriminals create fake websites and phishing campaigns. Phishing is a tactic where criminals trick people into revealing passwords, payment card details, or other personal information through fake messages and websites.
The FBI said it seized multiple servers, a Telegram bot, cryptocurrency funds, and infrastructure used by the group. Authorities also redirected thousands of phishing pages to an FBI warning page.
At the same time, Google filed a civil lawsuit against the operation and said it was working with telecommunications companies to block fraudulent text messages.
Who Was Affected and What Information Was Stolen?
The FBI said Outsider Enterprise was used to create roughly 9,000 fake websites and more than one million phishing URLs.
Authorities reported that criminals used the service to steal more than 3.8 million credit card records. The operation was linked to approximately $1.9 billion in losses.
Google also said attackers sent around 2.5 million fraudulent text messages to Android users during a two-week period.
Public reports focused mainly on stolen credit card information. Additional details about affected individuals were not shared publicly.
Credit card information can be valuable to criminals because it may be used for unauthorized purchases or sold to other criminals online.
It is also important to remember that many people never hear about the incidents where their information was stolen. Some data breaches receive little attention, yet the stolen information can still be used months or years later.
If you are not sure whether your information was leaked somewhere online, automatic monitoring can help you spot problems earlier.
Futureproof monitors your data for leaks 24/7 and helps you reduce scam risks with simple, clear steps.
Futureproof monitors your information for data leaks 24/7 and guides you with clear steps to keep it safer from scams.
Run a free checkHow Did the Phishing Operation Work?
Outsider Enterprise operated as a phishing-as-a-service platform.
Phishing-as-a-service is a criminal business model where cybercriminals sell or rent tools that help other criminals launch phishing attacks.
The service provided fake websites that looked like trusted companies. Victims were directed to these sites through fraudulent text messages.
When someone entered their payment card details, passwords, or account information, the data was sent directly to criminals.
The FBI said the operation also used a Telegram bot to store stolen information and manage phishing campaigns.
At Futureproof, Kevin explains digital safety in simple words, with clear tips and zero fluff. He holds a degree in information technology and studies fraud trends to keep his tips up-to-date.
In his free time, Kevin plays with his cat, enjoys board-game nights, and hunts for New York’s best cinnamon rolls.
