14 DAY TRIAL // Infosec experts have detected a flurry of online scams in the past few weeks, ranging in topics from the classic tech support trickery to innovative methods of defrauding Tinder users, and the opportunistic attempts to take advantage of political events such as the Turkey coup.
All events are part of a trend that has been slowly ramping up during the last few months, especially at the highest level, with scams targeting businesses executives being known as BEC.
In June, we wrote about how the FBI's Internet Crime Complaint Center (IC3) said that BECs (Business Email Scams) had defrauded companies around the world of over $3 billion since October 2013.
In a similar report released this month, Symantec also indicates that companies around the world face over 400 BEC scams each day, with small- and medium-sized businesses being targeted the most, due to a bigger chance of encountering professionals who have not received anti-BEC training.
Tinder spam scams users out of money
While BEC scams will net crooks the most money in one go, scams targeting regular users are more common than anything else.
One of the most recent trends, also observed by Symantec, is a new trick for which scammers create fake Tinder profiles.
Once users match with these fake Tinder accounts, the crooks use social engineering or automated chat bots to trick the victim into paying for various types of services.
Victims are usually encouraged to pay for sites that supposedly verify their identity or the identity of the people they want to meet, but are instead forcibly subscribed to adult webcam and adult dating sites.
Turkey coup scams, or the new-age Nigerian Prince trick
A recent online scam detected by Proofpoint uses the recent failed Turkey coup as its central element.
Victims receive spam email asking them to wire money to a bank account so that a high-ranking executive trapped in Turkey during the attacks can return home.
This is nothing more than a new twist on the classic Nigerian Prince scam for which victims are asked to send money so that a wealthy Nigerian Prince can return home. Another more hilarious twist on this scam involves a Nigerian astronaut trapped on the International Space Station asking for money on behalf of the Nigerian Space Agency so they can build a rocket. If you didn't know this scam, then you're behind with your Internet lore.
Courier scammers intercepting SMS messages
Another recent scam that uses out of the ordinary tactics is the one that's affecting users in Singapore.
According to Trend Micro, scammers are pretending to be employees of DHL, a courier service, and calling Singaporeans and asking for sensitive information such as their name, address, National Registration Identity Card (NRIC) number, passport number, and bank account details.
Trend Micro believes that the scammers are using some malicious app on the victim's phone to detect when the user receives an SMS about an incoming package, and then use the arrival of this SMS as the right moment to call and ask the user about their personal information.
The old and annoying tech support scams
At the end of June, Softpedia was approached by MalwareHunterTeam with information about a tech support scammer that was running over 120 tech support sites on GoDaddy's infrastructure, which the company was extremely slow to remove.
In the meantime, tech support scammers have not been standing still. Just by following the activity on accounts such as @malwrhunterteam, @JAMESWT_MHT, and @techhelplistcom, you can get a quick idea of how common tech support scams really are, with the researchers unearthing tens of malicious sites each day.
One of their most recent discoveries is a man based in India and named May Kamal, who used the maykamal27[@]gmail[.]com email address to register a bunch of domains that he employed for tech support scams, phishing, and other operations.
The good news is that Gandi, the company where the domains were registered and hosted and which also gave the crook reseller rights, took down the sites in a few minutes after receiving the notification from the researchers.
@gandibar 10+++ pic.twitter.com/0MFRiJ4NdG — JAMESWT (@JAMESWT_MHT) July 15, 2016
