A newly uncovered Russian-based cybercrime operation has helped classified ads scammers steal more than $6.5 million from buyers across the US, Europe, and former Soviet states.
In a report published today, cyber-security firm Group-IB has delved into this operation, which the company has described as a Scam-as-a-Service and codenamed Classiscam.
According to the report, the Classiscam scheme began in early 2019 and initially only targeted buyers active on Russian online marketplaces and classified ads portals.
The group expanded to other countries only last year after they began recruiting scammers who could target and have conversations with foreign-language customers. Currently, Classiscam is active in more than a dozen countries and on foreign marketplace and courier services such as Leboncoin, Allegro, OLX, FAN Courier, Sbazar, DHL, and others.
How Classiscam operates
But despite the wide targeting, Classiscam's modus operandi follows a similar pattern —adapted for each site— and revolvs around publishing ads for non-existing products on online marketplaces.
"The ads usually offer cameras, game consoles, laptops, smartphones, and similar items for sale at deliberately low prices," Group-IB said today.
Once users are interested and contact the vendor (scammer), the Classiscam operator would request the buyer to provide details to arrange the product's delivery.
The scammer would then use a Telegram bot to generate a phishing page that mimicked the original marketplace but was hosted on a look-a-like domain. The scammer would send the link to the buyer, who would fill it with their payment details.
Once the victim provided the payment details, the scammers would take the data and attempt to use it elsewhere to pu ..