On January 29, 2025, a coordinated effort between law enforcement agencies in the U.S. and the Netherlands led to the takedown of 39 domains and their associated servers that were part of a network of online fraud marketplaces operated by Saim Raza, also known as HeartSender. These websites were found to be selling phishing toolkits and fraud-enabling programs, which had been used in business email compromise (BEC) schemes resulting in over $3 million in financial losses.
For the past five years, Raza’s marketplace had been providing cybercriminal tools like phishing kits, email extractors, and scam pages to organized crime groups. These tools were tailored to help criminals carry out large-scale phishing attacks, steal login credentials, and engage in other fraudulent activities. Raza went as far as offering instructional content to guide individuals in effectively using these malicious tools.
The operation, dubbed Operation Heart Blocker, was launched in response to the significant damage caused by these platforms, which had attracted a large number of criminal users. Authorities highlighted that these tools had made committing fraud more accessible to cybercriminals without requiring sophisticated technical skills. By dismantling these domains, law enforcement agencies aimed to disrupt the operations of a group known for facilitating digital fraud on a massive scale.
As part of the operation, individuals who may have had their credentials compromised by these platforms are urged to visit the police’s dedicated website to check if they were affected. This move comes on the heels of other notable takedowns, such as Cracked, Nulled, and StarkRDP, underscoring the global effort to combat online crime.
The ongoing battle against cybercrime requires continuous vigilance and cooperation among international law enforcement agencies to identify and dismantle criminal networks operating in the digital realm. Operation Heart Blocker serves as a reminder of the risks posed by online fraud marketplaces and the importance of collaborative efforts to combat them effectively. By targeting the infrastructure that supports these illicit activities, authorities aim to disrupt the operations of cybercriminals and protect individuals and businesses from falling victim to fraudulent schemes.