ReasonLabs describes a Russophone gang using bogus dating and customer support sites to induce its marks to cough up pay card details.
Large-scale credit card fraud scheme.
Researchers at ReasonLabs describe a major online credit card scheme that’s been active since 2019. The threat actor has used at least 200 phony dating websites and 75 fake customer support sites to trick users into signing up for fraudulent subscriptions. The dating sites inform users that the credit card statement will be unrelated to the adult industry, in order to be discreet.
The researchers believe the campaign is being run by an organized crime group based in Russia:
“We estimate [the scheme] has amassed tens of millions of dollars in fraud from tens of thousands of families and individuals. We estimate it is operated by a crime syndicate and found evidence that it originated in Russia. The scam seems to abuse several security brands, such as McAfee and ReasonLabs, to execute fraudulent credit card charges. The infrastructure is built on top of Amazon Web Services and uses GoDaddy to circulate hundreds of domains.
“The fraudster’s strategy includes operating a massive fake network of dating and adult websites with functional customer support capabilities. Once the sites are live, the scammers coerce payment providers to gain the ability to accept credit card payments. At this point, the fraudsters search the darknet and acquire thousands of stolen credit cards and charge them to their fake website’s services.”