Six people have been arrested as a part of a worldwide investigation into the theft of £22 million of cryptocurrency.

 Five men and one woman from Bath, Wiltshire, Amsterdam and Rotterdam have been arrested after a 14 month police investigation. Police believe the group of fraudsters have been running a ‘typosquatting’ where a well-known online cryptocurrency exchange is spoofed or recreated to imitate the genuine site. This gave fraudsters access to victims bitcoin wallets, stealing their funds and login details.

Detective Inspector Louise Boyce from the SW RCCU said: “Today’s warrants were the result of 14 months of investigation by my team, closely assisted by colleagues in Europol, Eurojust, the Joint Cybercrime Action Taskforce (J-CAT) and the National Crime Agency (NCA). The investigation has grown from a single report of £17k worth of bitcoin stolen from a Wiltshire-based victim to a current estimate of more than 4000 victims, in at least 12 countries.  We expect that number to grow. As part of today’s operation, we’ve seized a large number of devices, equipment and valuable assets with huge support from our colleagues in Avon and Somerset Police, Wiltshire Police, Tarian and the South East ROCU. Devon and Cornwall and the Metropolitan Police also provided vital help in the form of their two cyber dogs, who played key roles in searching suspects’ homes.” The fraudsters have been arrested on suspicion of committing computer misuse and money laundering.

What is Typosquatting?

 Typosquatting, also known as URL hijacking, is a form of cybersquatting (sitting on sites under someone else’s brand or copyright) that targets Internet users who incorrectly type a website address into their web browser (e.g., “Gooogle.com” instead of “Google.com”). When users make such a typographical error, they may be led to an alternative website owned by a hacker that is usually designed for malicious purposes.

Hackers often create fake websites that imitate the look and feel of your intended destination so you may not realise you’re at a different site. Sometimes these sites exist to sell products and services that are in direct competition with those sold at the website you had intended to visit, but most often they are intended to steal your personal identifiable information, including credit cards or passwords.

These sites are also dangerous because they could download malicious software to your device simply by visiting the site. So you don’t even need to click on a link or accept a download for dangerous code to install on your computer, smartphone or tablet. This is called a drive-by download and many typosquatters employ this as a way to spread malicious software whose purpose is to steal your personal information.

In some cases, typosquatters employ phishing in order to get you to visit their fake websites. For example, when AnnualCreditReport.com was launched, dozens of similar domain names with intentional typos were purchased, which soon played host to fake websites designed to trick visitors. In cases like this, phishing emails sent by scammers spoofing a legitimate website with a typosquatted domain name make for tasty bait.

In order to protect yourself against typosquatters:

1. Pay close attention to the spelling of web addresses or websites that look trustworthy but may actually be close imitations of the online retailer you are looking for.

2. Instead of typing the web address into your computer, make sure you have a safe search tool.

3. Don’t click on links in emails, texts, chat messages or social networking sites.

4. Invest in a comprehensive security solution.