Categories: Tech

Cybercriminals Scam Each Other Out

Published by
Globe News Wire


OXFORD, U.K., Dec. 07, 2022 (GLOBE NEWSWIRE) — Sophos, a global leader in innovating and delivering cybersecurity as a service, today announced in the first of a four-part series, “The Scammers Who Scam Scammers on Cybercrime Forums,” that cybercriminals are scamming each other out of millions of dollars and use arbitration to settle disputes about the scams. The report also reveals how attackers use classic techniques—some decades old, such as typosquatting, phishing, backdoored malware, and fake marketplaces—to carry out their scams against each other.

For this report, Sophos X-Ops experts investigated Exploit and XSS, two Russian-language cybercrime forums that provide Access-as-a-Service (AaaS) listings, and BreachForums, an English-language cybercrime forum and marketplace specializing in data leaks. All three sites have dedicated arbitration rooms. Despite this resolution process provoking occasional mayhem among the “plaintiffs and defendants,” with some accused criminals either going dark and not showing up, or calling the complainants themselves “rippers,” the practice of scammers scamming scammers is lucrative. During a 12-month period, Sophos examined approximately 600 scams that resulted in threat actors losing more than $2.5 million to each other, just on these three forums—with claims ranging from $2 to $160,000.

“While investigating cybercriminal scams, we stumbled upon an entire sub-economy that includes not just lower-tier criminals, but some of the most prominent ransomware groups. And these scams aren’t always just financially motivated. Personal beefs and rivalries were common. We also found incidents where scammers would scam the scammers who scammed them. In one case, we found a trolling contest set up to get revenge on a scammer trying to trick users into paying $250 to join a fake underground forum. The ‘winner’ of the contest received $100,” said Matt Wixey, senior threat researcher, Sophos.

Sophos also discovered that the arguments and arbitration process left behind a wealth of untapped intelligence that security professionals and law enforcement could leverage to better understand and defend against cybercriminal behaviors.

“Because criminals often need to offer up a lot of evidence when reporting the scams that they themselves have fallen victim to, they provide a wealth of tactical and strategic information about their operations—something which has been an untapped resource until now. These arbitration reports also give us an inside look at attackers’ priorities, their rivalries and alliances, and, ironically, how they’re susceptible to the same types of deception used against their victims,” said Wixey.

Read part one of the four-part series on “The Scammers who Scam Scammers on Cybercrime Forums” on Sophos.com.

Learn More About

About Sophos
Sophos is a worldwide leader and innovator of advanced cybersecurity solutions, including Managed Detection and Response (MDR) and incident response services and a broad portfolio of endpoint, network, email, and cloud security technologies that help organizations defeat cyberattacks. As one of the largest pure-play cybersecurity providers, Sophos defends more than 500,000 organizations and more than 100 million users globally from active adversaries, ransomware, phishing, malware, and more. Sophos’ services and products connect through its cloud-based Sophos Central management console and are powered by Sophos X-Ops, the company’s cross-domain threat intelligence unit. Sophos X-Ops intelligence optimizes the entire Sophos Adaptive Cybersecurity Ecosystem, which includes a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity and information technology vendors. Sophos provides cybersecurity-as-a-service to organizations needing fully-managed, turnkey security solutions. Customers can also manage their cybersecurity directly with Sophos’ security operations platform or use a hybrid approach by supplementing their in-house teams with Sophos’ services, including threat hunting and remediation. Sophos sells through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com. 

 
Globe News Wire
Share
Published by
Globe News Wire

Recent Posts

Miner Orb Introduces a New, Secure Way of

Nevada, Texas, United States, Feb. 03, 2023 (GLOBE NEWSWIRE) -- Summary: Miner Orb has emerged as… Read More

19 mins ago

Bioasis Announces AGM Results and Provides Update on

NEW HAVEN, Conn., Feb. 03, 2023 (GLOBE NEWSWIRE) -- BIOASIS TECHNOLOGIES INC. (OTCQB:BIOAF; TSX.V:BTI) (the… Read More

20 mins ago

KBRA Assigns Preliminary Ratings to LAD Auto Receivables Trust 2023-1

NEW YORK--(BUSINESS WIRE)--#KBRA--KBRA assigns preliminary ratings to six classes of notes issued by LAD Auto… Read More

21 mins ago

AERWINS Technologies Inc. and PONO Capital Corp. Complete

HONOLULU and TOKYO, Feb. 03, 2023 (GLOBE NEWSWIRE) -- AERWINS Technologies Inc. (“AERWINS” or the… Read More

1 hour ago

ORIC Pharmaceuticals Reports Inducement Grants under Nasdaq

SOUTH SAN FRANCISCO, Calif. and SAN DIEGO, Feb. 03, 2023 (GLOBE NEWSWIRE) -- ORIC Pharmaceuticals,… Read More

1 hour ago

Sarissa Capital Highlights Amarin’s Disregard for Shareholder Interests and Urges Shareholders to Vote the BLUE Proxy Card for Change at Amarin

Sarissa launches website www.freeamarin.com and posts presentation for shareholders Sarissa urges shareholders to vote the… Read More

1 hour ago