"'Scam-as-a-Service' Scheme Spreads"
Researchers at the global threat hunting and adversary-centric cyber intelligence company Group-IB discovered a Russian-speaking scam-as-a-service operation called Classiscam. This operation, which started two years ago, now involves 40 interconnected gangs. These gangs operate in Russia, France, Poland, Romania, the US, and other countries. Group-IB reports that the groups are using fake online advertisements for products such as cameras, game consoles, laptops, smartphones, and more, to lure buyers into visiting phishing pages where they can harvest personal information and payment data. These groups made a total of at least $6.5 million in 2020. The brands spoofed by the Classiscam operation include the French marketplace Leboncoin, the Polish online brand Allegro, the Czech website Sbazar, and Romania's FAN Courier site. According to Group-IB, the criminal group expanded its operation in response to the significant increase in online shopping during the COVID-19 pandemic. The hackers behind Classiscam set up Telegram chatbots to automate the management and expansion of the scheme. These bots generate ready-to-use pages that mimic classified advertising, marketplace, and phishing URLs. This article continues to discuss the advancement of the Classiscam scheme regarding its operators, techniques, and tools.
BankInfoSecurity reports "'Scam-as-a-Service' Scheme Spreads"