BI.ZONE uncovers a new fraud scheme on classifieds websites
The scheme involves the attacker placing an advertisement on Avito or Youla. The item is offered at a low price and the potential buyer is tempted to respond to the ad. The victim learns that the seller is located in another town but can arrange for the item to be delivered. Once the buyer agrees to the up-front payment, they receive a link to a phishing page that mimics the interface of the legitimate payment application. The victim enters their card details and pays for the purchase. This done, the fraudsters delete their account on the platform and never interact with the user again.
BI.ZONE has detected over 20 Telegram channels which members are engaged in the scheme, including daily distribution of dozens of phishing messages on Avito and Youla. The average catch for a single gang is around 52,000 RUR per day, while the aggregate losses incurred by the victims are estimated at 1 million for the same period. Furthermore, there are channels created specifically for recruiting scammers. One of such channels has 13,500 members.
Fraudsters actively use the Telegram bot to automate their operations. It has a wide range of features, including the ability to create phishing emails and track successful phishing attempts based on confirmed payments. This significantly lowers the entry barriers and increases the number of fraudsters and attacks. BI.ZONE experts are investigating the scheme.
‘Attackers are becoming ever more sophisticated in their methods. They know very well how to lure their victims — most take the bait of heavily discounted iPhone offers. For many, such offers are too good to miss, but they also forget that such offers are also too good to be true. Do not become a victim of phishing, do not click on any links sent by the seller, even if they claim it necessary for the purchase. And always beware and look out for phishing indicators when browsing the net,’ commented Evgeny Voloshin, CSO of BI.ZONE.