In a report released this week, security firm Group-IB has described a Russian-speaking scam operation that started targeting users of European marketplaces and classifieds. The scheme, dubbed Classiscam, is an automated scam as a service designed to steal money and payment data. Experts have so far identified at least 40 active Classiscam gangs that use scam pages mimicking popular classified, marketplace, and delivery companies with every one of them running a separate Telegram bot.
<div class=\"gs\"> <div class=\"\"> <div id=\":o1\" class=\"ii gt\"> <div id=\":o0\" class=\"a3s aiL \"> <div dir=\"ltr\"> <div class=\"gmail_quote\"> <div> <p>If it ain’t broke, don’t fix it! There is no incentive for cybercriminals to abandon a technique that still offers them substantial rewards with relatively small effort. The premise of Classiscam is fairly simple, but some groups have gone to the length of appointing fake customer service representatives to add credibility to their operations, which attests to their determination. We can expect that Classicscam cybercrime operations will try to replicate their success in the West, given the consistent monetary returns that they seem to be yielding for the cybercriminals behind them.</p> <p> </p> <p>The best thing users can do to protect themselves from this kind of fraud is to follow the principle that whenever something seems too good to be true, it probably isn’t. It would be best to validate special offers by searching for them manually, rather than trusting a promotion appearing on a website ad – especially if the page it appears on is not particularly secure. Just like phishing scams, these ad-based operations have a strong social engineering component, and the increased recognition of security awareness training as a defense tool is bound to make it a lot harder for attackers to trick users.</p> </div> </div> </div> <div class=\"yj6qo\"> </div> <div class=\"adL\"> </div> </div> </div> <div class=\"hi\"> </div> </div> </div>