Hackers Steal Credit Cards From Classified Sites Via Phishing

Share post:

Threat analysts at Group-IB have uncovered a new credit card theft campaign aimed at stealing credit cards from sellers on classified sites via phishing.

The campaign ongoing in Singapore was recently discovered in March 2022 and is seen as part of a global operation called “Classicscam,” which was uncovered as early as 2020.

According to Group-IB, Classicscam is a fully automated “scam as a service” platform that target users of classified websites who try to sell or buy something listed on the sites.

The criminal network now has 38,000 registered users, who receive about 75% of the stolen amounts, while the platform administrators receive a 25% cut. It targets banks, cryptocurrency exchanges, delivery companies, moving companies and other types of service providers.

While it has previously been seen in Russia, Europe and the United States, the new campaign in Singapore uses 18 domains that served as a space for Telegram bots to create phishing pages.

In order to carry out an attack, the attackers approach the seller of an item with a fake intention to buy, then send them the URL of a generated phishing page. If the seller clicks on it, they will be taken to a malicious page, which deceives them that the payment has been completed.

The seller is asked to enter full card details in order to receive the money for the purchase. Next, the victim is sent a fake OTP page, while the Classicscam service uses this to log in to the real bank portal via a reverse proxy.

The sources for this piece include an article in BleepingComputer.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, March 27, 2024 – A botnet exploits old routers, a new malware loader discovered, and more warnings about downloading code from...

This episode reports on a new network of 40,000 infected small and home office routers and other devices that are part of a criminal botnet

Cyber Security Today, March 25, 2024 – A suspected China threat actor going after unpatched F5 and ScreenConnet installations

This episode reports on a new campaign stealing email passwords ,the latest data breaches

A hacker’s view of the civic infrastructure: Hashtag Trending, the Weekend Edition for March 23rd, 2024

What does the civic infrastructure look like through the eyes of a hacker? The legendary general Sun Tzu in the Art of War said that in order to defeat your enemy, you must first understand your enemy. How do you do this? He said, “to know your enemy, you must become your enemy.” If we

Cyber Security Today, Week in Review for week ending Friday, March 22, 2024

This episode features discussion on lessons learned from the ransomware attack on the British Library, advice for managing expectations of IT/security teams, why firms are leaving Google Firebase unprotecte

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways