A large–scale operation that reportedly stole millions of dollars from credit cards from 2019 to earlier this year has been exposed by cybersecurity company ReasonLabs.
The scammers, defined by ReasonLabs as a “crime syndicate with origins in Russia,” would have used Amazon Web Services, GoDaddy and eNom to carry out the scheme.
According to the company, the victims of the elaborate plot were users of major credit card providers, including Mastercard, Visa and American Express, among others.
From a technical standpoint, the operation involved establishing a massive network of fake dating and customer support websites.
“The fraudster group operating this scam has most likely been using proxy people to create a number of fake dating websites. These websites are functional, yet they do not receive real traffic and are very hard to locate on Google,” ReasonLabs wrote in an advisory published over the weekend.
“In addition to these dating websites, the fraudsters also created 75 different customer support–focused websites.”
The threat actors would have then used these websites to charge credit cards bought on the dark web, primarily derived from the US (as the websites found are registered in the US) but also from France or other French–speaking locations.
“At certain points of this scheme, the fraudsters will reach the maximum available chargeback rate, and the ability to charge more cards will probably be revoked,” ReasonLabs…
