Messaging App Used to Lure Victims to Payment Card Stealing Sites
Cybercriminals are posting fake advertisements in European online marketplaces. Victims are targeted with Telegram bots that offer fraudulent products and services. The intention is to trick unsuspecting victims into clicking on links that lead them to fake online eCommerce sites or harmful websites.
The goal is to steal payment card numbers.
The average victim is scammed out of $120 USD.
Is estimated at cybercriminals deploying Classicam made at least $6.5 million USD in 2020.
“The scheme, dubbed Classiscam by Group-IB, is an automated scam as a service designed to steal money and payment data. The scheme uses Telegram bots that provide scammers with ready-to-use pages mimicking popular classifieds, marketplaces, and sometimes delivery services,” says a report by cyber security researchers at Group-IB.
Cybercriminals can buy Classiscam as a pre-packaged bundle including the phishing web pages and chatbot messages containing links with fake offers.
Classiscam was first spotted in Russia in 2019 by Cyber security researchers at Group-IB.
The scam chatbot supplies ten different pre-canned bots for use in various countries in scripts to use to send links to victims.
“We see that Classiscammers are now actively migrating from Russia to Europe and other countries. It’s not the first time when Russia serves as a testing ground for cybercriminals with global ambitions,” says Yaroslav Kargalev CERT-GIB deputy head
The scam has now been spotted targeting victims in Bulgaria, France, the Czech Republic, Poland, and Romania as well.
Classiscam Scam – How it Works
- Cybercriminals purchase advertisements on well-trafficked online marketplaces as well as classified advertisements
- Typical adverts contain offers for electronics including phones, laptops, and cameras
- Potential victims are directed to telegram to arrange for payment and delivery
- The cybercriminals may also impersonate customers so they can steal from the merchants too
Telegram is a popular messaging app that features encrypted messages and privacy for users. It has seen a recent increase in usage as users leave WhatsApp over privacy concerns.
This Telegram based phishing scam is not restricted to one group of cybercriminals. There are at least cybercriminal 40 groups using Classiscam scams.
How to Avoid a Messaging App Scam
Many online businesses legitimately use messaging apps such as WhatsApp, WeChat, and Telegram to complete transactions and arrange for delivery. However, not all marketplaces are legitimate.
- Always double-check the URL of the landing page before you input your payment information
- Never send your payment card number in a message to the seller. Always enter that information into an encrypted payment platform yourself.
- Try to negotiate terms so you receive the product first and pay after you have seen them
- Always be suspicious of anyone who is pressuring you to pay right away for a limited time offers for huge discounts