According to the police, the conmen have sent messages in the names of several companies. The hoax messages were sent last week. A recipient of such a message should not click onto the proposed website.In what is perhaps the most successful Internet phishing scheme of all time, the actions of Finnish criminals in acquiring bank access codes is continuing to expand, targeting female victims specifically.

Since last spring, the conmen have withdrawn credits and made bank transfers worth around half a million euros using Finns' bank access codes they have acquired.

The amount has grown by approximately 100,000 euros after the police reported news about the incident less than a month ago. The police has managed to reclaim approximately 190,000 euros.

"The criminal activity still continues, unfortunately," says Detective Superintendent Jukkapekka Risu from Helsinki Police.

The criminals gained bank access codes from Finns by sending text messages and e-mails in the name of debt collection agencies and Customs, among others.

Such messages state that the recipient has left an invoice unpaid and will receive a payment default entry unless the payment is made immediately. The victim is then led to sign in with their bank access codes on the website created by the conmen.

In reality, the unpaid invoice does not exist.

If the person receiving such a message signs in with their bank access codes on the hoax website, the conmen have withdrawn credits or transferred money from their bank account.

"Small loans worth over 400,000 euros have been taken out. Recently, bank access codes of the victims have been used more for transferring money from their bank accounts, instead of taking small loans. Money transfers have been made for at least 50,000 euros," Detective Superintendent Risu tells.

It is now women who are targeted by the phishing.

"Within the last month, 95 per cent of the victims have been women," Risu confirms.

He does not have a definite explanation for why the conmen operate this way.

"Women are maybe more diligent when it comes to paying bills."

During the summer, the conmen have started to use several different company names referring to debt collection:,,, ja, to name a few.

Previously this year, the same perpetrators have sent messages in the names of Lindorff, Svea Perintä, Perintäpalvelu, Customs, and Itella.

Six people have been imprisoned for felonious money laundering or for being suspected for having committed such an act. The main suspect for the whole hoax, a young Finnish man, has been convicted in absentia. The wanted man has a history of web fraud for which he has previously done some time for.

In addition, he has managed to remain in hiding from the fraud trial in relation to the web auction, with charges for 300 frauds and 30 hackings awaiting him. These crimes are suspected to have taken place in 2011 and 2012. is a part of the Sanoma Corporation, to which Helsingin Sanomat also belongs.

Lasse Kerkelä – HS
Mari Storpellinen – HT
Image: Poliisi