Cybersecurity researchers at ReasonLabs have uncovered a massive multi-million dollar scam operation that has been extracting millions out of credit cards since at least 2019, with the victim count in the tens of thousands.
The operation is essentially a network of fake dating and customer support websites that are used to charge credit cards bought on the dark web. ReasonLabs believes that the operators come from a Russian crime syndicate.
Several security companies, including McAfee and ReasonLabs itself, have been abused for these fake charges. The entire infrastructure is built on Amazon Web Services and uses GoDaddy to circulate its over 275 domains. Candid.Technology tested 50 of the 275 domains listed in ReasonLabs’ report randomly, and all sites remain online at the time of writing.
To avoid being blacklisted by payment acquirers, each website applied individually to prevent the whole operation from collapsing should a single site gets rejected or the operation is discovered. As proof of legitimacy, all the sites have a 24/7 support chat feature and a working telephone line handled by an outsourced support centre provider.
All sites also feature a toll-free number for subscribers to cancel their payments to add another layer of legitimacy not usually seen in scam sites. Once the payment processor approves, the operators dump credit cards found on the dark web and charge…
