Scammers Watch Out: You’re Being Scammed
- By CDOTrends editors
- December 19, 2022
Scams have been around for a long time, with criminals always finding new ways to deceive and gain from unsuspecting victims. However, cybercriminals appear to be targeting each other with these same tactics.
According to a new report from cybersecurity solutions company Sophos, scammers defrauded each other out of millions of dollars and then took their complaints to arbitration rooms to settle disputes about these scams.
Sophos, a cybersecurity solutions company, revealed that cybercriminals are scamming each other out of millions of dollars and use arbitration to settle disputes about those scams, as reported in its first of a four-part series “The Scammers Who Scam Scammers on Cybercrime Forums.”
The report highlighted classic techniques — some dating back decades, such as typosquatting, phishing, backdoored malware, and fake marketplaces — which attackers have used to carry out scams against each other before taking their complaints about the scams to arbitration rooms.
During 12 months, Sophos examined approximately 600 scams that resulted in threat actors losing more than USD2.5 million to each other, just on three forums — with claims ranging from USD2 to USD160,000.
The three forums that Sophos X-Ops experts investigated for this report included Exploit and XSS, two Russian-language cybercrime forums that provide Access-as-a-Service (AaaS) listings, and BreachForums, an English-language cybercrime forum and marketplace specializing in data leaks. All three sites have dedicated arbitration rooms.
This resolution process has provoked occasional mayhem among the “plaintiffs and defendants,” with some criminals disappearing or calling their accusers “rippers” instead — a form of retaliation by which they attempt to sour calls-to-action on other scams. Despite this, the practice of scammers scamming scammers is still a lucrative business.
“While investigating cybercriminal scams, we stumbled upon an entire sub-economy that includes not just lower-tier criminals but some of the most prominent ransomware groups. And these scams aren’t always just financially motivated. Personal beefs and rivalries were common. We also found incidents where scammers would scam the scammers who scammed them. In one case, we found a trolling contest set up to get revenge on a scammer trying to trick users into paying USD250 to join a fake underground forum. The ‘winner’ of the contest received USD100,” said Matt Wixey, a senior threat researcher at Sophos.
Sophos also discovered that the arguments and arbitration process left behind a wealth of untapped intelligence that security professionals and law enforcement could leverage to better understand and defend against cybercriminal behaviors.
“Because criminals often need to offer up a lot of evidence when reporting the scams that they themselves have fallen victim to, they provide a wealth of tactical and strategic information about their operations — something which has been an untapped resource until now. These arbitration reports also give us an inside look at attackers’ priorities, their rivalries and alliances, and, ironically, how they’re susceptible to the same types of deception used against their victims,” added Wixey.
Image credit: iStockphoto/Tast Nawarat