39 Websites of a Network Selling Tools Used in Fraud Shut Down in Pakistan
A network based in Pakistan that was selling hacking and fraud tools has had 39 websites shut down in a joint operation conducted by the U.S. Federal Bureau of Investigation (FBI) and the Netherlands Police. According to the U.S. Department of Justice and the FBI, this network was being run by Saima Reza, also known as “Heart Sender.” As part of the operation, the website heartsender.com was also taken down. According to investigators from the Netherlands Police, Heart Sender is the name of a group that was creating software used in online fraud.
The investigation started in 2020 when a fraud-related software was found on a suspect’s computer. Following this, the cybercrime team initiated an investigation. The report states that during the operation, the FBI collected documents showing that Saima Reza was managing cybercrime websites where fraud and hacking tools were being sold. According to the FBI, Reza’s network sold these tools to international criminal gangs, who used them to defraud people in the U.S., resulting in a loss of 3 million U.S. dollars.
The U.S. Department of Justice stated that although this network is based overseas, the websites they created made it easy for them to distribute hacking tools in exchange for money. The international criminal gangs used these tools to target business emails, tricking companies into transferring money to third parties. This money was actually being directed into the criminals’ accounts, leading to financial losses for the victims.
The Netherlands Police revealed that during their investigation, they obtained data from Heart Sender that included approximately 100,000 usernames and passwords, which cybercriminals likely exploited. This isn’t the first time Saima Reza or the Heart Sender group has been linked to hacking or online fraud activities. Former U.S. journalist and digital expert Brian Krebs has been writing about this network on his website for over a decade. According to a report published on his website, this cybercriminal group in Pakistan is also known as “Domain Manipulators.” Krebs first mentioned this group in 2015, stating that they operated hundreds of websites selling tools used for deceiving people and stealing their IDs and passwords.
Digital security experts say that the main objective of cybercriminals is to obtain users’ data in order to fabricate stories and gain financial benefits. Islamabad-based digital security expert Muhammad Asad Rehman told BBC Urdu that, in his opinion, most international cyberattacks begin with phishing. People are often targeted through email, WhatsApp messages, SMS, and even phone calls, manipulating them either emotionally or by offering financial incentives.
He explains that many people receive bulk emails aimed at collecting data, which is later misused. For example, a fraudulent Google form may be sent out under the guise of a government scheme, or personal details might be asked for via social media or bank account requests. Rehman points out that cybercriminals often create software or applications like remote access Trojans, which can be used to steal data from users’ mobile phones or laptops.
Cybersecurity experts suggest that the best way to protect oneself is not to download apps from untrusted or unknown sources and to avoid clicking on suspicious links in unknown emails or messages. They emphasize that we must understand that nothing in the world is free; if someone offers something for free, we should question why they are providing it and what their real intentions might be.