Skip to main content

Selling something online? Watch out for this clever new scam

A credit/debit card stealing scheme that was initially discovered in 2020 has now been detected in Singapore.

As reported by Bleeping Computer, threat analysts at cybersecurity company Group-IB link it to “Classicscam,” a global operation that has targeted individuals in Europe, Russia, and the U.S.

An individual holding a phone and card.
Karl Tapales/Getty Images

Phishing sites that imitate Singaporean classifieds sites are created and spread via Telegram, which is becoming an increasingly popular platform for hackers, drug dealers, and cybercriminals in general. A total of 18 phishing-related domains connected to the scheme were uncovered.

Recommended Videos

Furthermore, with the use of one-time passcodes (OTPs) associated with someone’s bank, scammers aim to divert the funds away from the victim and into their own accounts.

The threat actors initially contact the seller of an item on these classified sites to mention they want to buy it, after which an URL of the phishing site is sent.

Should the seller fall for the bogus URL and follow through, the site they load will resemble the classifieds portal, stating that the payment for buying the item has been processed successfully.

The seller is reportedly required to provide their full card details to receive the amount owed to them for selling their item, including their name, card number, expiration date, and the CVV code.

An infographic detailing an online scam.
Image source: Group-IB/Bleeping Computer Image used with permission by copyright holder

From here, the seller is given a doctored OTP (one-time password) page, which is when the scammer can then use that through a reverse proxy on the actual bank portal.

Classicscam operates as an automated “scam as a service,” which is undoubtedly popular among the hacking community. It primarily attempts to focus on users of classified sites, but its efforts also extend to banks, cryptocurrency exchanges, delivery companies, and moving companies to name a few.

In order to promote its services and for operational purposes, Classicscam is spread through Telegram channels — there’s said to be around 90 active rooms at the moment. Since it launched during 2019, it’s reported that it has been behind $29 million in damages.

Group-IB highlights how the network is home to 38,000 registered users, all of whom receive around 75% of any stolen proceeds. Platform administrators, meanwhile, take the remaining 25% cut.

Although Group-IB has tracked down and blocked 5,000 malicious endpoints over the last three years, that hasn’t negatively affected Classicscam’s activity.

Ilia Rozhnov, Group-IB’s head of digital risk protection team, commented on the sophisticated nature of the scheme.

“Classiscam is far more complex to tackle than the conventional types of scams. Unlike the conventional scams, Classiscam is fully automated and could be widely distributed. Scammers could create an inexhaustible list of links on the fly. To complicate the detection and takedown, the home page of the rogue domains always redirects to the official website of a local classified platform.”

Zak Islam
Former Digital Trends Contributor
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
Hackers’ Cyber Monday deals will be unbelievably good
An Illustration shows a programmer busy with a laptop and several monitors.

Cyber Monday is one of the biggest shopping days of the year, following Black Friday, and since the reason for the sale day is to push online shopping, you should be particularly wary about hackers creating fake deals that seem unbelievably good. If it sounds too good to be true, it probably is.

Despite our best instincts, it's hard to pass up a huge discount on an exciting present and as the year starts winding down to the end, the pressure is on to find a nice gift to give your loved ones for the holidays. This adds up to a perfect recipe for hackers to take advantage of eager shoppers with an enticing bargain.

Read more
Hackers target your holiday shopping with new phishing scam
Woman using a laptop next to a latte.

It's easy to get fooled by this new and devious, holiday-themed phishing attack that offers free prizes. But the old caution that “if it sounds too good to be true, it probably is” continues to be proven correct in this case.

What makes this trick so effective is the elaborate methods used to conceal its nefarious purpose and to reassure you, the potential victim, that it’s perfectly OK to proceed. This phishing attack has actually been active since September and is ongoing, targeting holiday shoppers seeking special offers.

Read more
A new phishing scam pretends to be your boss sending you an email
A Dell laptop connected to a hard drive on a couch.

One of the latest email scams is a simple yet masterful ploy that gets companies to give up money under the guise of communicating with senior members of an organization within an email chain.

As reported by ZDNet, the scam is called a business email compromise (BEC) campaign and is described as a prompt where a nefarious actor, disguised as a company boss, sends an email that looks like a forwarded email chain, with instructions to an employee to send money. Targets of this type of scam are typically employees in the finance department or someone who has the ability to send wire transfers.

Read more