Scammers no longer need to possess technical expertise or devise intricate fraud schemes.
The rise of Fraud-as-a-Service (FaaS) has revolutionized scam execution, making it easier for even inexperienced fraudsters to prey on unsuspecting victims.
This article delves into the workings of a sophisticated scam gang specializing in classifieds-website scams.
It highlights the gang’s roles and tools and how individuals can protect themselves from falling victim to these schemes.
The Anatomy of a Scam Gang
According to a report by Kaspersky, at the heart of every scam gang is a well-organized structure, with each member playing a crucial role in executing fraudulent activities.
The gang’s key person is the founder or topic starter, who oversees the entire operation.
This individual manages a team that includes the following:
- Coders: Responsible for developing and maintaining Telegram channels, chats, and bots that facilitate the scam.
- Refunders: Posing as fake support agents, they handle any issues that arise during the scam.
- Carders: Tasked with withdrawing money from the victim’s bank account.
- Workers: These individuals find ads, respond, and persuade victims to open phishing links.
Additional roles, such as marketers, motivators, and mentors, are included in more sophisticated operations.
These members run promotional campaigns, provide moral support, and train workers.
Join our free webinar to learn about combating slow DDoS attacks, a major threat today.
Communication within the gang primarily occurs through private groups and chats on Telegram, with the channel we investigated boasting around 15,000 members.
Of these, only five were mentors, while the majority were workers—pawns in the grand scheme of the scam.
The Telegram Bot: A Scammer’s Best Friend
The Telegram bot is one of the most powerful tools at the disposal of these scam gangs.
These bots automate much of the scamming process, making it easier for workers to execute their tasks efficiently.
For instance, a Telegram bot we discovered can generate up to 48 unique, personalized phishing ads at a time in four languages for six different classified websites.
The bot simultaneously creates links for two types of scams: seller scam (2.0) and buyer scam (1.0).
Once the phishing links are generated, workers use the bot to send them to the victim’s email, instant messaging account, or SMS inbox.
When a victim opens a phishing link, the bot sends a notification saying “Mammoth online,” indicating that the scam will likely succeed.
The bot provides real-time updates on the victim’s actions, allowing the worker to track the scam’s progress.
If the victim takes the bait and makes a payment, the bot calculates the worker’s share of the proceeds and identifies the carder who will withdraw the funds.
The Lucrative World of Scam Gangs
The financial rewards for scam gangs can be substantial.
Workers, who are the gang’s primary earners, pay commissions to the mastermind, mentor, and carder and are refunded.
According to internal chat logs, the gang we investigated earned over two million US dollars between August 2023 and June 2024.
However, these figures are self-reported and may be inflated to motivate workers.
Despite the potential for high earnings, scam gangs face limitations imposed by banking regulations.
For example, the gang operating out of Switzerland is restricted by local banking rules, which prevent them from stealing more than 15,000 Swiss francs (approximately 16,700 US dollars) at a time.
Workers also have a minimum withdrawal amount, typically not bothering with cards with less than 300 Swiss francs (333 US dollars) in the associated account.
Protecting Yourself from Turnkey Phishing
Turnkey phishing, facilitated by FaaS, poses a significant threat to individuals.
However, the protection measures remain consistent with those for other types of phishing.
Here are some tips to safeguard yourself:
- Use reliable security software to prevent following phishing links.
- Follow safe online selling rules to avoid falling for scams.
- Restrict communication with buyers and sellers on classified sites to protect your details.
- Use virtual cards with transaction limits for online purchases, and avoid storing significant amounts in linked accounts.
- Stay informed about the latest scams to recognize and avoid them.
By staying vigilant and adopting these protective measures, individuals can reduce their risk of becoming victims of turnkey phishing scams.
"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo