Shillong, November 26: Threat actors are using a malicious Telegram bot called “Telekopye” to pull off large-scale phishing scams, a new report has said.
According to security researcher Radek Jizba from ESETResearch, Telekopye is a highly sophisticated tool that allows criminals to create convincing phishing websites, emails, SMS messages, and more.
Neanderthals, a group of threat actors, have managed to present themselves as a legitimate company, enabling them to function within a structured framework.
Aspiring members are recruited through underground forums and are granted access to specific Telegram channels, where they can communicate with other members and monitor ongoing operations.
The Neanderthals’ ultimate goal is to commit one of three types of scams — seller, buyer, or refund.
Seller scams involve duping unsuspecting victims, dubbed Mammoths, into buying nonexistent items. Buyer scams involve Neanderthals impersonating buyers in order to trick merchants (also known as Mammoths) into disclosing financial information.
Refund scams occur when Neanderthals mislead Mammoths into believing they are offering a refund only to deduct the same amount of money again, the report showed.
The Neanderthals use a variety of strategies to carry out these scams successfully.
When attempting a seller scam, for example, they prepare additional photos of the non-existent item in case the Mammoths request more information. They also manipulate internet images to make reverse image searches more difficult.
Buyer scams necessitate careful planning and research.
The Neanderthals choose their targets based on factors such as gender, age, experience in online marketplaces, ratings, reviews, completed trades, and the type of items they sell, which allows them to tailor their approach and increase the chances of success, the report said.
In order to entice Mammoths, the Neanderthals also engage in real estate fraud, creating fictitious apartment listings.
They remain anonymous by using VPNs, proxies, and TOR, making it difficult for authorities to track them down. (IANS)