• 16shop Phishing-As-A-Service Platform Taken Down - on ScamsNOW.com

ScamsNOW!

The SCARS Institute Magazine about Scam Victims-Survivors, Scams, Fraud & Cybercrime

2025 SCARS Institute 11 Years of Service

16shop Phishing-As-A-Service Platform Taken Down

By Interpol & SCARS Editorial Team – Society of Citizems Against Relationship Scams Inc.
16shop Phishing-As-A-Service Platform Taken Down

Interpol Coordinated Takes Down 16shop Phishing-As-A-Service Platform Used By 70,000 People

16shop Notorious phishing platform shut down, arrests in international police operation

In a remarkable triumph over cybercriminal activity, the curtains have fallen on the nefarious phishing-as-a-service platform known as 16shop. This decisive outcome emerged from a comprehensive international effort led by Interpol.

The Story

In the aftermath of this concerted operation, a 21-year-old Indonesian individual, alleged to be the orchestrator of the platform, now faces apprehension. Two additional individuals, linked to the platform’s activities, have also been captured—one located in Indonesia and the other in Japan. Seizing the opportunity, law enforcement agencies secured electronic devices and opulent belongings belonging to the suspects.

A significant player in this operation was cybersecurity investigators Group-IB, which revealed that 16shop’s arsenal of hacking tools had been circulating within the underbelly of cybercrime forums since at least November 2017. Disturbingly, these tools were distributed to over 70,000 users across 43 countries. The malevolent potential of these tools empowered hackers to deftly manipulate unsuspecting individuals through email scams, systematically extracting personal and financial information for illicit gains.

Among these tools were meticulously crafted phishing kits, strategically designed to extract credentials and payment details from users of esteemed services such as Apple, PayPal, Amazon, American Express, and Cash App. Marketed at reasonable costs ranging from $60 to $150, the pricing fluctuated based on the prestige of the targeted brand. For instance, the Amazon kit was nearly $90 more affordable than its American Express counterpart.

The enormity of 16shop’s impact is illuminated by the staggering creation of over 150,000 phishing domains. Group-IB, headquartered in Singapore, unveiled a client base that systematically victimized individuals across diverse countries including Germany, Japan, the U.S., France, the U.K., and Thailand. Strikingly, while the masterminds hailed from Asia, the platform’s infrastructure was upheld by servers hosted through a U.S.-based company.

The sinister power of phishing-as-a-service tools lies in their ability to automate cyberattacks. Interpol underscored the accessibility of these tools, enabling “any person to leverage this type of service to launch a phishing attack with a few clicks.” Even individuals with modest cyber skills can propagate phishing pages at scale, thanks to these turnkey kits—a revelation that Group-IB brought into sharp focus.

In the wake of this triumph, the lesson is clear: unity and unwavering commitment can pierce the veil of cybercrime, illuminating a safer digital landscape for all.

According to INTERPOL

The platform sold hacking tools to compromise more than 70,000 users in 43 countries

SINGAPORE – A notorious ‘phishing-as-a-service’ (PaaS) platform known as ‘16shop’ has been shut down in a global investigation coordinated by INTERPOL, with Indonesian authorities arresting its operator and one of its facilitators, with another arrested in Japan.

The three arrests, which concluded with actions against a suspect last month, was made possible due to the intensive intelligence-sharing between the INTERPOL General Secretariat’s cybercrime directorate, national law enforcement in Indonesia, Japan and the United States and private sector partners including Cyber Defense Institute, Group-IB, Palo Alto Networks Unit 42 and Trend Micro, with added support from Cybertoolbelt.

The PaaS platform sold ‘phishing kits’ to hackers seeking to defraud Internet users through email scams where victims typically receive an email with a pdf file or link that redirects to a site requesting the victims’ credit card or other personally identifiable information. This information is then stolen and used to extract money from the victims.

Phishing is considered the most prevalent cyber threat in the world, and it is estimated that up to 90 per cent of data breaches are linked to successful phishing attacks, making it a major source of stolen credentials and information.

“Cyberattacks such as phishing may be borderless and virtual in nature, but their impact on victims is real and devastating.”
Bernardo Pillot, INTERPOL’s Assistant Director of Cybercrime Operations
“In recent years, we have seen an unprecedented increase in both the number of cyber threats and their sophistication, with attacks becoming more tailored as criminals aim for maximum impact, and maximum profit,” added Assistant Director Pillot.

Luxury vehicles

The PaaS platform was flagged by analysts in INTERPOL’s cybercrime division during an ongoing project researching cyber threats in the ASEAN region, supported by Japan’s National Police Agency.

Assisted with information from an array of private sector partners, the INTERPOL team was soon able to determine the identity and probable location of the platform’s administrator. As the platform’s registration indicated, he was based in Indonesia.

Because the platform’s servers were hosted by a company based in the United States, analysts liaised with the INTERPOL National Central Bureau in Washington and the Federal Bureau of Investigation to secure key information for Indonesian investigators.

The INTERPOL team compiled and dispatched a criminal intelligence report to the Indonesian National Police’s Directorate of Cyber Crimes, which allowed national law enforcement to arrest the administrator, a 21-year-old man, seizing electronic items and several luxury vehicles in the process.

Following the successful apprehension of the administrator, further information was shared between the National Police Agency of Japan and the Indonesian National Police resulting in the identification and arrest of two facilitators.

“Phishing isn’t a new phenomenon, but when the crime-ware is being offer widely on subscription and to automate phishing campaigns, it enables any person to leverage this type of service to launch a phishing attack with a few clicks,” said Brigadier General Adi Vivid Agustiadi Bachtiar, Director of the Indonesian National Police’s Cyber Crime Investigation.

“This operation is only successful as we work closely with various stakeholders from the law enforcement community as well as the private sectors, to uproot the root problem to stop the crime-ware being offered as a service and also stopping more people from falling victim to phishing attacks,” added Brigadier General Adi Vivid Agustiadi Bachtiar.

INTERPOL’s cybercrime directorate brings together cyber experts from law enforcement and industry to gather and analyze all available information on criminal activities in cyberspace to provide countries with coherent, actionable intelligence.

Resources:

More:

-/ 30 /-

What do you think about this?
Please share your thoughts in a comment below!

More ScamsNOW.com Articles

SCARS LINKS:   AgainstScams.org    RomanceScamsNOW.com    ContraEstafas.org    ScammerPhotos.com    Anyscam.com    ScamsNOW.com

reporting.AgainstScams.org    support.AgainstScams.org    membership.AgainstScams.org    donate.AgainstScams.org    shop.AgainstScams.org

youtube.AgainstScams.org    linkedin.AgainstScams.org    facebook.AgainstScams.org

ARTICLE RATING

0
(0)

TABLE OF CONTENTS

CATEGORIES

MOST POPULAR COMMENTED ARTICLES

 

POPULAR ARTICLES

U.S. & Canada Suicide Lifeline 988

16shop Phishing-As-A-Service Platform Taken Down

ARTICLE META

Published On: August 14th, 2023Last Updated: August 14th, 2023Categories: Uncategorized0 Comments on 16shop Phishing-As-A-Service Platform Taken DownTotal Views: 841Daily Views: 11158 words5.8 min read

WHAT PEOPLE ARE TALKING ABOUT LATEST SITE COMMENTS

See Comments for this Article at the Bottom of the Page

Important Information for New Scam Victims

Please visit www.ScamVictimsSupport.org – a SCARS Website for New Scam Victims & Sextortion Victims
SCARS Institute now offers a free recovery program at www.SCARSeducation.org
Please visit www.ScamPsychology.org – to more fully understand the psychological concepts involved in scams and scam victim recovery

If you are looking for local trauma counselors, please visit counseling.AgainstScams.org

If you need to speak with someone now, you can dial 988 or find phone numbers for crisis hotlines all around the world here: www.opencounseling.com/suicide-hotlines

 

Statement About Victim Blaming

Some of our articles discuss various aspects of victims. This is both about better understanding victims (the science of victimology) and their behaviors and psychology. This helps us to educate victims/survivors about why these crimes happened and not to blame themselves, better develop recovery programs, and help victims avoid scams in the future. At times, this may sound like blaming the victim, but it does not blame scam victims; we are simply explaining the hows and whys of the experience victims have.

These articles, about the Psychology of Scams or Victim Psychology – meaning that all humans have psychological or cognitive characteristics in common that can either be exploited or work against us – help us all to understand the unique challenges victims face before, during, and after scams, fraud, or cybercrimes. These sometimes talk about some of the vulnerabilities the scammers exploit. Victims rarely have control of them or are even aware of them, until something like a scam happens, and then they can learn how their mind works and how to overcome these mechanisms.

Articles like these help victims and others understand these processes and how to help prevent them from being exploited again or to help them recover more easily by understanding their post-scam behaviors. Learn more about the Psychology of Scams at www.ScamPsychology.org

 

SCARS INSTITUTE RESOURCES:

If You Have Been Victimized By A Scam Or Cybercrime

♦ If you are a victim of scams, go to www.ScamVictimsSupport.org for real knowledge and help

♦ Enroll in SCARS Scam Survivor’s School now at www.SCARSeducation.org

♦ To report criminals, visit https://reporting.AgainstScams.org – we will NEVER give your data to money recovery companies like some do!

♦ Follow us and find our podcasts, webinars, and helpful videos on YouTube: https://www.youtube.com/@RomancescamsNowcom

♦ Learn about the Psychology of Scams at www.ScamPsychology.org

♦ Dig deeper into the reality of scams, fraud, and cybercrime at www.ScamsNOW.com and www.RomanceScamsNOW.com

♦ Scam Survivor’s Stories: www.ScamSurvivorStories.org

♦ For Scam Victim Advocates visit www.ScamVictimsAdvocates.org

♦ See more scammer photos on www.ScammerPhotos.com

You can also find the SCARS Institute on Facebook, Instagram, X, LinkedIn, and TruthSocial

 

Psychology Disclaimer:

All articles about psychology and the human brain on this website are for information & education only

The information provided in this and other SCARS articles are intended for educational and self-help purposes only and should not be construed as a substitute for professional therapy or counseling.

Note about Mindfulness: Mindfulness practices have the potential to create psychological distress for some individuals. Please consult a mental health professional or experienced meditation instructor for guidance should you encounter difficulties.

While any self-help techniques outlined herein may be beneficial for scam victims seeking to recover from their experience and move towards recovery, it is important to consult with a qualified mental health professional before initiating any course of action. Each individual’s experience and needs are unique, and what works for one person may not be suitable for another.

Additionally, any approach may not be appropriate for individuals with certain pre-existing mental health conditions or trauma histories. It is advisable to seek guidance from a licensed therapist or counselor who can provide personalized support, guidance, and treatment tailored to your specific needs.

If you are experiencing significant distress or emotional difficulties related to a scam or other traumatic event, please consult your doctor or mental health provider for appropriate care and support.

Also read our SCARS Institute Statement about Professional Care for Scam Victims – click here

If you are in crisis, feeling desperate, or in despair, please call 988 or your local crisis hotline.

 

More ScamsNOW.com Articles

 

A Question of Trust

At the SCARS Institute, we invite you to do your own research on the topics we speak about and publish. Our team investigates the subject being discussed, especially when it comes to understanding the scam victims-survivors’ experience. You can do Google searches, but in many cases, you will have to wade through scientific papers and studies. However, remember that biases and perspectives matter and influence the outcome. Regardless, we encourage you to explore these topics as thoroughly as you can for your own awareness.

 

TOP OF PAGE

Leave A Comment

Your comments help the SCARS Institute better understand all scam victim/survivor experiences and improve our services and processes. Thank you

Thank you for your comment. You may receive an email to follow up. We never share your data with marketers.