Cybercriminals are breaking all records, having already deceived tens of thousands of users and earned almost $65 million.
Group-IB report that the Classiscam cybercrime operation, which operates on the "fraud as a service" model, has significantly expanded its scope of activity and now causes much more significant financial damage than before.
The group responsible for the activity of the operation recruits partners and provides them with ready-made phishing kits, through which they create fake ads and pages to steal money, bank card data, and credentials for accessing bank accounts.
After successful theft of funds, the operation operators share the income with their partners, taking 20-30% of the revenue. All other profits go to the partners themselves, who created phishing pages and ads. In general, such cooperation can be called quite profitable.
For the first time, the Classiscam cybercrime platform was discovered by the same Group-IB researchers in 2019. Then experts recorded the rapid growth of the platform, which in a specific period of time was used by up to 40 cybercrime groups. Operation Classiscam brought hackers about $6.5 million in profit in 2020.
In 2021, the scale of Classiscam's operations grew even more. The number of Telegram channels selling phishing kits has reached 90, and the number of registered participants is 38 thousand. The total damage caused by the fraudulent platform in 2021 is estimated by experts at $29 million.
Today, Group-IB published new data on Classiscam. The total profit of attackers from fraud on ad sites, as well as theft of funds and user payment card data, has already reached $64.5 million.
The number of brands targeted has grown from 169 last year to 251 this year, and the number of criminal groups using the platform has grown to a whopping 393. The operation operates in 79 countries, coordinating its actions in 1366 Telegram channels.
The main focus of the attacks is aimed at Europe, where Germany is the leader in the number of victims, followed by Poland, Spain, Italy and Romania.
Users from the UK on average lost the most money from each fraudulent transaction — $865. While the average damage worldwide is $353 per person.
According to Group-IB, the Classiscam operation has become more automated, using bots in Telegram to create phishing pages in seconds. In addition, the hierarchy of criminal groups involved in Classiscam has become more complex, and the phishing sites themselves have become more sophisticated.
Now hackers first check the victim's balance to estimate the maximum possible amount of debiting, and then fake the login pages of online banking and slip users to steal their credentials.
Unfortunately, Operation Classiscam continues to grow and become more effective in stealing users ' savings, which will only attract new cybercriminals.
Users of ad sites can protect themselves from such attacks by communicating only within the site's secure message system. Also, do not fall for too delicious offers and rush to transfer money to dubious sellers.
Especially carefully, you need to check the domain name of the site where you enter your bank details. If it doesn't correspond to the official one, it is very likely that you are dealing with scammers.
Group-IB report that the Classiscam cybercrime operation, which operates on the "fraud as a service" model, has significantly expanded its scope of activity and now causes much more significant financial damage than before.
The group responsible for the activity of the operation recruits partners and provides them with ready-made phishing kits, through which they create fake ads and pages to steal money, bank card data, and credentials for accessing bank accounts.
After successful theft of funds, the operation operators share the income with their partners, taking 20-30% of the revenue. All other profits go to the partners themselves, who created phishing pages and ads. In general, such cooperation can be called quite profitable.
For the first time, the Classiscam cybercrime platform was discovered by the same Group-IB researchers in 2019. Then experts recorded the rapid growth of the platform, which in a specific period of time was used by up to 40 cybercrime groups. Operation Classiscam brought hackers about $6.5 million in profit in 2020.
In 2021, the scale of Classiscam's operations grew even more. The number of Telegram channels selling phishing kits has reached 90, and the number of registered participants is 38 thousand. The total damage caused by the fraudulent platform in 2021 is estimated by experts at $29 million.
Today, Group-IB published new data on Classiscam. The total profit of attackers from fraud on ad sites, as well as theft of funds and user payment card data, has already reached $64.5 million.
The number of brands targeted has grown from 169 last year to 251 this year, and the number of criminal groups using the platform has grown to a whopping 393. The operation operates in 79 countries, coordinating its actions in 1366 Telegram channels.
The main focus of the attacks is aimed at Europe, where Germany is the leader in the number of victims, followed by Poland, Spain, Italy and Romania.
Users from the UK on average lost the most money from each fraudulent transaction — $865. While the average damage worldwide is $353 per person.
According to Group-IB, the Classiscam operation has become more automated, using bots in Telegram to create phishing pages in seconds. In addition, the hierarchy of criminal groups involved in Classiscam has become more complex, and the phishing sites themselves have become more sophisticated.
Now hackers first check the victim's balance to estimate the maximum possible amount of debiting, and then fake the login pages of online banking and slip users to steal their credentials.
Unfortunately, Operation Classiscam continues to grow and become more effective in stealing users ' savings, which will only attract new cybercriminals.
Users of ad sites can protect themselves from such attacks by communicating only within the site's secure message system. Also, do not fall for too delicious offers and rush to transfer money to dubious sellers.
Especially carefully, you need to check the domain name of the site where you enter your bank details. If it doesn't correspond to the official one, it is very likely that you are dealing with scammers.
