Saturday, January 25, 2025
Homecyber securityScammers Offering Fraud-as-a-service to Other Scammers to Drain Victims Funds

Scammers Offering Fraud-as-a-service to Other Scammers to Drain Victims Funds

Published on

SIEM as a Service

Follow Us on Google News

Scammers no longer need to possess technical expertise or devise intricate fraud schemes.

The rise of Fraud-as-a-Service (FaaS) has revolutionized scam execution, making it easier for even inexperienced fraudsters to prey on unsuspecting victims.

This article delves into the workings of a sophisticated scam gang specializing in classifieds-website scams.

It highlights the gang’s roles and tools and how individuals can protect themselves from falling victim to these schemes.

The Anatomy of a Scam Gang

According to a report by Kaspersky, at the heart of every scam gang is a well-organized structure, with each member playing a crucial role in executing fraudulent activities.

The gang’s key person is the founder or topic starter, who oversees the entire operation.

This individual manages a team that includes the following:

  • Coders: Responsible for developing and maintaining Telegram channels, chats, and bots that facilitate the scam.
  • Refunders: Posing as fake support agents, they handle any issues that arise during the scam.
  • Carders: Tasked with withdrawing money from the victim’s bank account.
  • Workers: These individuals find ads, respond, and persuade victims to open phishing links.

Additional roles, such as marketers, motivators, and mentors, are included in more sophisticated operations.

These members run promotional campaigns, provide moral support, and train workers.

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

Communication within the gang primarily occurs through private groups and chats on Telegram, with the channel we investigated boasting around 15,000 members.

Of these, only five were mentors, while the majority were workers—pawns in the grand scheme of the scam.

A bot creates links for two types of scam at a time: seller scam (2.0) and buyer scam (1.0)
A bot creates links for two types of scam at a time: seller scam (2.0) and buyer scam (1.0)

The Telegram Bot: A Scammer’s Best Friend

The Telegram bot is one of the most powerful tools at the disposal of these scam gangs.

These bots automate much of the scamming process, making it easier for workers to execute their tasks efficiently.

For instance, a Telegram bot we discovered can generate up to 48 unique, personalized phishing ads at a time in four languages for six different classified websites.

The bot simultaneously creates links for two types of scams: seller scam (2.0) and buyer scam (1.0).

The bot tells the worker everything the victim does — in detail
The bot tells the worker everything the victim does — in detail

Once the phishing links are generated, workers use the bot to send them to the victim’s email, instant messaging account, or SMS inbox.

When a victim opens a phishing link, the bot sends a notification saying “Mammoth online,” indicating that the scam will likely succeed.

The bot provides real-time updates on the victim’s actions, allowing the worker to track the scam’s progress.

If the victim takes the bait and makes a payment, the bot calculates the worker’s share of the proceeds and identifies the carder who will withdraw the funds.

The Lucrative World of Scam Gangs

The financial rewards for scam gangs can be substantial.

Workers, who are the gang’s primary earners, pay commissions to the mastermind, mentor, and carder and are refunded.

According to internal chat logs, the gang we investigated earned over two million US dollars between August 2023 and June 2024.

However, these figures are self-reported and may be inflated to motivate workers.

A bad day for the scammers — but a happy one for the whole humanity
A bad day for the scammers — but a happy one for the whole humanity

Despite the potential for high earnings, scam gangs face limitations imposed by banking regulations.

For example, the gang operating out of Switzerland is restricted by local banking rules, which prevent them from stealing more than 15,000 Swiss francs (approximately 16,700 US dollars) at a time.

Workers also have a minimum withdrawal amount, typically not bothering with cards with less than 300 Swiss francs (333 US dollars) in the associated account.

Protecting Yourself from Turnkey Phishing

Turnkey phishing, facilitated by FaaS, poses a significant threat to individuals.

However, the protection measures remain consistent with those for other types of phishing.

Here are some tips to safeguard yourself:

  • Use reliable security software to prevent following phishing links.
  • Follow safe online selling rules to avoid falling for scams.
  • Restrict communication with buyers and sellers on classified sites to protect your details.
  • Use virtual cards with transaction limits for online purchases, and avoid storing significant amounts in linked accounts.
  • Stay informed about the latest scams to recognize and avoid them.

By staying vigilant and adopting these protective measures, individuals can reduce their risk of becoming victims of turnkey phishing scams.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access

In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a...

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...

Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor

A sophisticated cyber campaign dubbed "J-magic" has been discovered targeting enterprise-grade Juniper routers with...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access

In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a...

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...