Monday, October 7, 2024
Homecyber securityScammers Offering Fraud-as-a-service to Other Scammers to Drain Victims Funds

Scammers Offering Fraud-as-a-service to Other Scammers to Drain Victims Funds

Published on

Scammers no longer need to possess technical expertise or devise intricate fraud schemes.

The rise of Fraud-as-a-Service (FaaS) has revolutionized scam execution, making it easier for even inexperienced fraudsters to prey on unsuspecting victims.

This article delves into the workings of a sophisticated scam gang specializing in classifieds-website scams.

- Advertisement - EHA

It highlights the gang’s roles and tools and how individuals can protect themselves from falling victim to these schemes.

The Anatomy of a Scam Gang

According to a report by Kaspersky, at the heart of every scam gang is a well-organized structure, with each member playing a crucial role in executing fraudulent activities.

The gang’s key person is the founder or topic starter, who oversees the entire operation.

This individual manages a team that includes the following:

  • Coders: Responsible for developing and maintaining Telegram channels, chats, and bots that facilitate the scam.
  • Refunders: Posing as fake support agents, they handle any issues that arise during the scam.
  • Carders: Tasked with withdrawing money from the victim’s bank account.
  • Workers: These individuals find ads, respond, and persuade victims to open phishing links.

Additional roles, such as marketers, motivators, and mentors, are included in more sophisticated operations.

These members run promotional campaigns, provide moral support, and train workers.

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

Communication within the gang primarily occurs through private groups and chats on Telegram, with the channel we investigated boasting around 15,000 members.

Of these, only five were mentors, while the majority were workers—pawns in the grand scheme of the scam.

A bot creates links for two types of scam at a time: seller scam (2.0) and buyer scam (1.0)
A bot creates links for two types of scam at a time: seller scam (2.0) and buyer scam (1.0)

The Telegram Bot: A Scammer’s Best Friend

The Telegram bot is one of the most powerful tools at the disposal of these scam gangs.

These bots automate much of the scamming process, making it easier for workers to execute their tasks efficiently.

For instance, a Telegram bot we discovered can generate up to 48 unique, personalized phishing ads at a time in four languages for six different classified websites.

The bot simultaneously creates links for two types of scams: seller scam (2.0) and buyer scam (1.0).

The bot tells the worker everything the victim does — in detail
The bot tells the worker everything the victim does — in detail

Once the phishing links are generated, workers use the bot to send them to the victim’s email, instant messaging account, or SMS inbox.

When a victim opens a phishing link, the bot sends a notification saying “Mammoth online,” indicating that the scam will likely succeed.

The bot provides real-time updates on the victim’s actions, allowing the worker to track the scam’s progress.

If the victim takes the bait and makes a payment, the bot calculates the worker’s share of the proceeds and identifies the carder who will withdraw the funds.

The Lucrative World of Scam Gangs

The financial rewards for scam gangs can be substantial.

Workers, who are the gang’s primary earners, pay commissions to the mastermind, mentor, and carder and are refunded.

According to internal chat logs, the gang we investigated earned over two million US dollars between August 2023 and June 2024.

However, these figures are self-reported and may be inflated to motivate workers.

A bad day for the scammers — but a happy one for the whole humanity
A bad day for the scammers — but a happy one for the whole humanity

Despite the potential for high earnings, scam gangs face limitations imposed by banking regulations.

For example, the gang operating out of Switzerland is restricted by local banking rules, which prevent them from stealing more than 15,000 Swiss francs (approximately 16,700 US dollars) at a time.

Workers also have a minimum withdrawal amount, typically not bothering with cards with less than 300 Swiss francs (333 US dollars) in the associated account.

Protecting Yourself from Turnkey Phishing

Turnkey phishing, facilitated by FaaS, poses a significant threat to individuals.

However, the protection measures remain consistent with those for other types of phishing.

Here are some tips to safeguard yourself:

  • Use reliable security software to prevent following phishing links.
  • Follow safe online selling rules to avoid falling for scams.
  • Restrict communication with buyers and sellers on classified sites to protect your details.
  • Use virtual cards with transaction limits for online purchases, and avoid storing significant amounts in linked accounts.
  • Stay informed about the latest scams to recognize and avoid them.

By staying vigilant and adopting these protective measures, individuals can reduce their risk of becoming victims of turnkey phishing scams.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Hybrid Analysis Utilizes Criminal IP’s Robust Domain Data for Better Malware Detection

Criminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA,...

RCE Vulnerability (CVE-2024-30052) Allow Attackers To Exploit Visual Studio via Dump Files

The researcher investigated the potential security risks associated with debugging dump files in Visual...

Cacti Network Monitoring Tool Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been identified in the Cacti network monitoring tool that...

Microsoft & DOJ Dismantles Hundreds of Websites Used by Russian Hackers

Microsoft and the U.S. Department of Justice (DOJ) have disrupted the operations of Star...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Hybrid Analysis Utilizes Criminal IP’s Robust Domain Data for Better Malware Detection

Criminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA,...

RCE Vulnerability (CVE-2024-30052) Allow Attackers To Exploit Visual Studio via Dump Files

The researcher investigated the potential security risks associated with debugging dump files in Visual...

Cacti Network Monitoring Tool Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been identified in the Cacti network monitoring tool that...