Scam-as-a-Service has arrived, and it is making a killing.
An organized scamming operation composed of 40 groups operating in Europe, post-Soviet satellite countries, and the U.S. made at least $6.5 million in 2020, according to a report from Group-IB—a Singapore-based cyber-intelligence company.
The automated scam-as-a-service operation, dubbed “Classiscam,” according to Fox News, is designed to steal money and payment data.
The scheme uses Telegram bots and provides scammers with ready-to-use pages that imitate the brand names of popular international classifieds and marketplaces, including Leboncoin, Allegro, OLX, FAN Courier, and Sbazar, Group-IB noted, adding that it has sent notifications alerting all of the affected brands.
Telegram bots, which are typically innocuous, are Telegram accounts operated by software (not people) and often have AI features, according to Telegram.
About 20 groups are reported to operate in Bulgaria, the Czech Republic, France, Poland, Romania, the U.S., and post-Soviet countries, while 20 groups work in Russia, Group-IB said.
The scheme—which initially targeted popular delivery brands—is now “growing rapidly” in other regions around the world, Group-IB reported.
“Having fine-tuned their operations in European countries…scammers are now trying to win the U.S. market,” a Group-IB spokesperson told Fox News in an email.
“Classiscam’s popularity lies in its simplicity and ability to scale the scam,” the Group-IB spokesperson said.
“The automated management…through Telegram chat bots constantly attracts new members, who simply need to send a link with the bait product to the Telegram chatbot to get a complete phishing kit including courier service, payment, and refund URLs,” the spokesperson said.
Recommendations for combating these groups include double-checking the URL before providing login and payment details on certain websites. If the site is only a couple of months old, it is very likely that it is a scam or a phishing page.