Three men plead guilty to running OTP Agency, a website that enabled criminals to bypass banking security and commit fraud. The NCA’s investigation revealed over 12,500 victims and potential earnings of up to £7.9 million.
Three UK men have admitted to running a sophisticated criminal enterprise that provided fraudsters with the tools to bypass bank security measures and plunder personal accounts. The operation, known as OTP Agency (website: OTP.Agency), offered subscription-based services that allowed criminals to intercept one-time passcodes (OTPs) and other sensitive information, effectively opening the door to widespread financial fraud.
Callum Picari, Vijayasidhurshan Vijayanathan, and Aza Siddeeque operated the website, which was available through various subscription packages. A basic plan, costing £30 per week, allowed users to bypass multi-factor authentication on platforms like HSBC, Monzo, and Lloyds, facilitating unauthorized transactions. The elite plan, priced at £380 per week, granted access to Visa and Mastercard verification sites, offering broader capabilities for financial theft.
The National Crime Agency (NCA) investigation revealed that the group targeted over 12,500 individuals between 2019 and 2021. While the exact financial gains remain unclear, estimates suggest the operation could have generated millions of pounds in illicit profits.
Evidence obtained by the NCA included panicked messages between Picari and Vijayanathan following a 2021 article by KrebsOnSecurity exposing their activities. The messages revealed a conscious effort to cover their tracks and obstruct the investigation, highlighting the group’s awareness of the severity of their crimes.
The trio initially denied involvement but ultimately pleaded guilty to conspiracy to make and supply articles for use in fraud. Picari also admitted to money laundering charges. Their sentencing is scheduled for November 2024.
Three men have admitted running a website enabling criminals to circumvent banking anti-fraud checks.
— National Crime Agency (NCA) (@NCA_UK) August 31, 2024
An NCA investigation showed that https://t.co/Gedby7jyq5 was run by Callum Picari, Vijayasidhurshan Vijayanathan, and Aza Siddeeque.
Full story ➡️ https://t.co/zdK8Z0pqzr pic.twitter.com/wbu5eTLpTW
NCA officials emphasized the significant threat posed by such criminal services and their commitment to disrupting these operations. They urged the public to remain vigilant against phishing attempts and suspicious requests for personal information, advising direct contact with financial institutions to verify any unexpected communications.
This case serves as a stark reminder of the evolving tactics employed by cybercriminals and the importance of robust security measures to protect against financial fraud.
RELATED TOPICS
- 1 in 5 Youth Engage in Cybercrime, NCA Finds
- NCA’s LockBit Takedown: Arrests and Recovery Tool Revealed
- UK Shuts Down ‘Russian Coms’ Fraud Platform Defrauding Millions
- Mastermind Behind iSpoof Fraud Site Sentenced to 13 Years in the UK
- UK Teenagers Face Trial for Hacking Nvidia, Rockstar Games, Revolut