Classiscam Scam-as-a-Service Nets Cybercriminals $64.5 Million Since 2019
The Classiscam scam-as-a-service program has managed to accumulate a staggering $64.5 million in illicit earnings since its emergence in 2019, according to a report by cybersecurity company Group-IB.
Evolving Tactics, How Classiscam Went from Classified Sites to Worldwide Fraud
Initially, Classiscam campaigns began on classified sites, where scammers would post counterfeit advertisements and employ social engineering tactics to persuade users to make payments for non-existent goods via bank card transfers. Over time, these campaigns have evolved and can now operate on various platforms such as online marketplaces and carpooling websites.
A significant majority of victims, approximately 62.2%, are located in Europe, with the Middle East and Africa at 18.2%, and the Asia-Pacific region at 13%. The countries with the highest number of fraudulent transactions reported in Classiscam chats are Germany, Poland, Spain, Italy, and Romania.
Classiscam, discovered in 2019, encompasses 1,366 distinct groups on Telegram and initially targeted Russia before expanding its operations globally, reaching 79 countries, and impersonating 251 brands. Its rise coincided with the COVID-19 pandemic in 2020, which led to a surge in online shopping, providing fertile ground for cybercriminals.
See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses
The scammers employ various methods, including social engineering, to trick users into purchasing falsely advertised products or services, directing victims to automatically generated phishing websites. To evade link blocking, the scammers transfer conversations to instant messaging apps. Phishing pages are created in real-time using Telegram bots.
In addition, certain campaigns targeting specific countries feature fake login pages for local banks. Victims’ login credentials entered on these pages are collected by scammers who then access the accounts to transfer money to their control.
The Classiscam operation employs a complex backend infrastructure involving various roles, including workers and bombers, supporters, money mules, developers, and administrators. These actors facilitate the scam’s execution and oversee recruitment and day-to-day operations.
Recent Classiscam operations have introduced a balance check, completed by the victim on phishing web pages, to assess the victim’s bank account balance and determine the amount they can charge to the card.
Stealer Malware Emergence, The Shifting Landscape of Classiscam Scammers
Notably, some groups within Classiscam have transitioned from traditional attacks to launching stealer campaigns. These groups utilize stealer malware to collect passwords from browser accounts, indicating a shift in tactics.
Trending: Offensive Security Tool: BruteSpray
As the stealer malware becomes more sophisticated, it not only lowers the entry barrier for financially motivated cybercrime but also serves as a precursor to more advanced threats such as ransomware and espionage.
These revelations coincide with a United Nations report exposing organized criminal gangs coercing over 200,000 individuals in Southeast Asia, particularly in Cambodia and Myanmar, into participating in various online scams. These scams encompass romance-investment fraud, crypto fraud, and illegal gambling, generating billions of dollars annually.
Many victims have been subjected to forced labor, sexual violence, torture, and arbitrary detention. While most victims are men, women and adolescents are also targeted, often coming from professional backgrounds with advanced degrees and computer literacy.
Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?
If you want to express your idea in an article contact us here for a quote: [email protected]
Source: thehackernews.com