Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1876+ Articles
149+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. News
  3. UK Charges Five Suspects Linked to Russian Coms Call Spoofing Platform
UK Charges Five Suspects Linked to Russian Coms Call Spoofing Platform
NEWS

UK Charges Five Suspects Linked to Russian Coms Call Spoofing Platform

The UK National Crime Agency has charged five suspects following an investigation into Russian Coms, a major criminal caller ID spoofing platform responsible for over 1.8 million scam calls targeting victims across the UK and globally, enabling fraudsters to impersonate banks, government agencies, and trusted organizations.

Dylan H.

News Desk

July 13, 2026
7 min read

The UK National Crime Agency (NCA) has charged five individuals in connection with Russian Coms, a large-scale criminal platform that offered caller ID spoofing as a service and was used to make more than 1.8 million scam calls. The investigation, which involved coordination with international partners, marks a significant law enforcement action against the telephony fraud infrastructure that underpins billions of dollars in global fraud losses annually.


What Is Russian Coms?

Russian Coms was a criminal platform-as-a-service that allowed customers to spoof the caller ID presented to call recipients — making it appear that calls originated from legitimate numbers belonging to banks, government agencies, law enforcement, or other trusted organizations. The platform was used by fraud gangs to impersonate:

  • UK high-street banks — convincing victims they were speaking with their own bank's fraud department
  • HMRC (HM Revenue and Customs) — threatening arrest for fictitious tax debts
  • Police services — falsely claiming victims were suspects in investigations to coerce compliance
  • NHS and other public services — gaining victim trust for medical or benefits scams

The caller ID spoofing capability removed one of the key friction points in telephone fraud: even cautious victims who know to verify callers will often trust a number that matches their bank's official contact number displayed on the back of their card or official website.


Scale of the Operation

The NCA investigation revealed the scale of Russian Coms was significant:

MetricValue
Total scam calls facilitated1.8 million+
Primary markets targetedUK, with international reach
Charges filed5 individuals
Investigating agencyNational Crime Agency (NCA)

The 1.8 million call figure reflects calls made through the platform's infrastructure — individual fraud losses across those calls are not publicly reported, but telephone fraud in the UK cost victims an estimated £1.2 billion in 2024 according to UK Finance, with authorised push payment (APP) fraud driven significantly by social engineering calls being a major component.


The Five Suspects

The NCA charged five individuals following the investigation. Specific identities and charges were announced through official NCA channels, with the charges relating to facilitating criminal use of the spoofing platform and associated fraud offences. The suspects face charges including:

  • Computer Misuse Act offences for operating or using unauthorized telecommunications infrastructure
  • Fraud Act offences for conspiracy to commit fraud by false representation
  • Potentially Proceeds of Crime Act charges if financial benefit from the platform is established

How Call Spoofing Platforms Work

Criminal call spoofing services operate as a tiered criminal ecosystem:

TIER 1: Platform Operators (Russian Coms)
  - Maintain telephony infrastructure (VoIP gateways, SIP trunks)
  - Operate web/app interface for customers to select spoof number
  - Provide call management, recording, and scripting tools
  - Charge per-minute or per-credit fees to fraud customers
 
TIER 2: Fraud Gang Customers
  - Purchase credits or subscriptions to the spoofing service
  - Use spoofed numbers during social engineering calls
  - Convince victims they are speaking with legitimate organizations
  - Direct victims to transfer money, provide OTPs, or disclose credentials
 
TIER 3: Victims
  - Called by the fraud gang using a familiar, trusted number
  - Trust is established via the spoofed caller ID
  - Manipulated into financial transfers or credential disclosure

The Technical Reality of Caller ID Spoofing

Caller ID spoofing exploits the SS7 (Signalling System No. 7) protocol — a telecommunications signalling standard designed in the 1970s with essentially no authentication. VoIP gateways that bridge the internet to the public telephone network (PSTN) can inject arbitrary caller ID values at the point where the call enters the traditional telephone network.

Legitimate use cases exist (businesses displaying a main switchboard number), but criminal services offer this capability with no verification, enabling impersonation of any number globally.


Law Enforcement Context

The NCA action against Russian Coms is part of a broader international effort to disrupt the telephony fraud infrastructure. Recent related operations include:

OperationOutcome
iSpoof takedown (2022)Metropolitan Police + international partners; platform had 59,000+ users; 120+ arrests globally
OTP Agency disruption (2021)NCA action against bot service providing OTP interception for fraud gangs
Russian Coms (2026)NCA charges 5 suspects following platform investigation

These platforms are not isolated tools — they form part of a Fraud-as-a-Service (FaaS) ecosystem where criminals can purchase every component of a fraud campaign: identity data, spoofing infrastructure, money mule networks, and money laundering services.


Impact on Victims

Telephone fraud enabled by caller ID spoofing causes severe financial and psychological harm. Victims of bank impersonation fraud frequently lose life savings, and the psychological manipulation involved — which often includes threats of arrest or fabricated emergency scenarios — can cause lasting emotional trauma.

Authorised Push Payment (APP) fraud — where victims are tricked into willingly transferring money to fraudster-controlled accounts — is particularly damaging because victims authorize the transfer themselves, historically making it harder to recover funds. UK banks are now required under Payment Systems Regulator (PSR) rules to reimburse APP fraud victims up to £85,000, with cost sharing between sending and receiving banks.


Protecting Yourself and Your Organization

For Individuals

  1. Treat inbound calls with suspicion regardless of the displayed number — caller ID can be faked
  2. Hang up and call back using a number you independently verify (from official website or card back) — never use a number provided by the caller
  3. Your bank will never ask for your full PIN, password, or ask you to move money to a "safe account"
  4. Police and HMRC do not demand immediate payment by phone — these calls are always fraudulent
  5. Register with the Telephone Preference Service (TPS) — reduces some cold call volume, though criminal operations ignore this
  6. Report suspicious calls to Action Fraud (UK) at actionfraud.police.uk or 0300 123 2040

For Telecoms and Organizations

  1. Implement STIR/SHAKEN (Secure Telephone Identity Revisited / Signature-based Handling of Asserted information using toKENs) — cryptographic attestation of caller ID for VoIP calls
  2. Deploy call analytics that flag anomalous spoofed number patterns
  3. Staff training on call verification procedures — employees handling financial transactions should follow strict callback verification protocols

Key Takeaways

  1. Five charged — NCA investigation into Russian Coms results in criminal charges against five individuals
  2. 1.8 million+ scam calls — the scale underscores how criminal spoofing platforms industrialize telephone fraud
  3. Caller ID is not authentication — the core lesson: a familiar number displayed on your phone does not mean the caller is legitimate
  4. FaaS ecosystem — Russian Coms is one component in a broader fraud-as-a-service criminal economy; disruption requires sustained pressure on multiple platform types
  5. STIR/SHAKEN adoption — regulatory push for cryptographic caller ID attestation is the long-term technical fix; adoption is progressing but uneven globally

References

  • BleepingComputer — UK charges suspects linked to Russian Coms call spoofing platform
  • NCA — National Crime Agency
  • Action Fraud — Report Fraud
  • UK Finance — Fraud the Facts 2025
  • Ofcom — Tackling Nuisance Calls and Texts
#NCA#UK#Russia#Call Spoofing#Fraud#Law Enforcement#Telecommunications

Related Articles

Over 20,000 Crypto Fraud Victims Identified in International Crackdown

An NCA-led international law enforcement operation has identified more than 20,000 cryptocurrency fraud victims across the UK, US, and Canada, marking one...

3 min read

INTERPOL Arrests 5,800 Suspects in Operation First Light 2026 Global Fraud Bust

A 3.5-month INTERPOL-led operation spanning 97 countries resulted in 5,811 arrests, $293 million seized, and 142,000 victims identified — targeting...

4 min read

Police Arrest 5,800 Suspects and Seize $293M in Global Anti-Fraud Crackdown

A sweeping international law enforcement operation spanning 97 countries resulted in the arrest of 5,811 suspects and the seizure of $293 million in...

3 min read
Back to all News