A credit/debit card stealing scheme that was initially discovered in 2020 has now been detected in Singapore.
As reported by Bleeping Computer, threat analysts at cybersecurity company Group-IB link it to “Classicscam,” a global operation that has targeted individuals in Europe, Russia, and the U.S.
Phishing sites that imitate Singaporean classifieds sites are created and spread via Telegram, which is becoming an increasingly popular platform for hackers, drug dealers, and cybercriminals in general. A total of 18 phishing-related domains connected to the scheme were uncovered.
Furthermore, with the use of one-time passcodes (OTPs) associated with someone’s bank, scammers aim to divert the funds away from the victim and into their own accounts.
The threat actors initially contact the seller of an item on these classified sites to mention they want to buy it, after which an URL of the phishing site is sent.
Should the seller fall for the bogus URL and follow through, the site they load will resemble the classifieds portal, stating that the payment for buying the item has been processed successfully.
The seller is reportedly required to provide their full card details to receive the amount owed to them for selling their item, including their name, card number, expiration date, and the CVV code.
From here, the seller is given a doctored OTP (one-time password) page, which is when the scammer can…
