UK cybercops hook "copycat" phishing-scam suspect

The UK's cyberpoliceforce claims progress is being made in the ongoing investigation into organised criminal gangs running increasingly sophisticated phishing email scams that attempt to lure people into revealing their bank account details.

The claim follows the arrest by the National Hi-Tech Crime Unit (NHTCU) of a 21-year-old man from Lytham St Anne's in Lancashire suspected of targeting customers of the Co-operative Bank's online banking service Smile in a "copycat" phishing attack. The bank reported the attack to the NHTCU in March.

Despite the arrest, the man is not believed to be connected to the organised crime group behind the global wave of phishing scams targeting bank customers in the UK, US, Australia and New Zealand.

A spokeswoman for the NHTCU would not reveal details of the investigation but said it is "ongoing" and that "progress is being made". She said it has not stalled but details are not being released because they could jeopardise the case.

DCS Len Hynds, head of the NHTCU, said in a statement: "The message is clear. Do not try this at home, we will find you. Anybody who thinks that they can copy a scam and get away with it is sorely mistaken."

Conflicting reports emerged over whether any customer accounts were compromised. While Smile denied that any had been, the NHTCU said they believed that some were.

Phil Garlick, director of operations at Smile, said in a statement: "We regularly remind customers via secure messages and on our website not to respond to emails of this kind as we would never ask customers to send personal information about their Smile account to us in this way."

Security expert Chris McNab, technical director at Matta Consulting, said trying to catch the culprits at the source is like trying to find a needle in a haystack.

"It is practically impossible to fully stop this at the source and you'll still have naive users clicking on the links. These scammers at the end of the day could be anywhere," he said.

The best way of tackling phishing, he argued, is for the banks to act reactively. "The banks are taking this seriously and looking at putting in automated systems to keep track of domain registrations and associated websites, as well as email monitoring. Obviously they have then got to try and shut the sites down as quickly as possible."

ZDNet UK's Matt Loney contributed to this report