Two men who pretended to be Netflix, Spotify and Apple to steal people’s details and sell them on for millions of pounds worth of cryptocurrency have been sentenced.
Gary Kelly and Craig Gorton stole credit card details, as well as names and addresses in a phishing email scam between 2017 and 2019.
They would impersonate the companies and then redirect people to enter their details on a bogus website, reports the Liverpool Echo.
It's estimated that they earned more than £140,000 in cryptocurrency by then selling off these details online.
Ian Whitehurst, prosecuting, said police analysis of the computers used by the pair found details for more than 64,000 credit cards and 24,000 Apple IDs were recovered and safeguarded.
Michael James, defending Kelly, said his client had fallen back into crime after a previous jail stint for fraud almost ten years ago.
He said Kelly, who is from Liverpool, viewed the scheme as a way of making money to support his family but now deeply regretted it.
Mr James said: “He could see no way of supporting his family and himself at that point. He then turned to the only thing he knew.
“That is not an excuse, of course, but that is where he was at that time.”
Mark Connor, defending Gorton, said his role in the scheme had been lesser and that he was “effective recruited by Kelly”.
Mr Connor said: “He told me he massively regrets getting involved in this enterprise. He said had the proposition been put to him today he would have had nothing to do with it.”
Have you fallen victim to a cyber scam? Let us know: mirror.money.saving@mirror.co.uk
He said the 30-year-old’s lack of previous convictions were a sign that he could be rehabilitated without a prison term.
Addressing Kelly, Recorder Bex said his previous convictions and heavier involvement in the scheme meant prison was the only option for him.
She said: “You now know that you can gain employment, you can support your family and I have no doubt that you can do that again.
“However, you know that I can not avoid sending you to prison today. I cannot do that.”
Recorder Bex ruled Gorton had a realistic prospect of rehabilitation in the community and he avoided prison.
Kelly, of Caldy Road, Liverpool, was jailed for 40 months.
Gorton, of Rochdale Old Road, Bury, received a two year sentence, suspended for the same period of time.
Anyone who believes they may have been affected is advised to:
Change your passwords if you have an Apple, Netflix or Spotify accounts
Run your email or phone number through Have I Been Pwned: Check if your email has been compromised in a data breach. If it displays as red, it will inform you of where the breach was identified. Don’t panic! Just change the passwords to the affected sites.
Apply Two Factor Authentication (2FA) where possible. This simply means adding extra encryption (security) to your accounts. - For further advice on creating secure passwords visit Cyber Aware - NCSC.GOV.UK
If you think you have victim of a scam, inform your bank immediately and report to Reporting fraud and cyber-crime | Action Fraud.
If you receive a unsolicited email or text and you are not sure whether it is a genuine message – #Take Five, go make a brew and go back to the email or message later. If you are unsure of it’s provenance, do not click on it. Think first – do you have this type of account? If you don’t, don't click on it. Forward the email to report@phishing.gov.uk or suspicious texts forward to 7726.
If you do have this type of account, only contact them through these trusted channels – do not click on links in the email or message.
Do not share passwords, bank account details, pins or online account details."