Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Kaspersky Team Message boards hit by new video-call scam
#1
https://www.kaspersky.com/blog/message-b...cam/52717/    Message boards hit by new video-call scam
Scammers posing as buyers snatch one-time codes during online product demos.


Kaspersky Team

December 2, 2024

Attackers target sellers on message boards
Large online marketplaces do what they can to combat fraud, but cybercriminals remain one step ahead when it comes to scamming both buyers and sellers. This year has seen the rise of an online video-call scam where fake buyers ask for a video-demo of a product, during which they swipe one-time codes. Here’s all about this scheme — in four acts.

Act one. Suspicion
A seller of a high-end product (say, a fancy TV) is approached by someone posing as a buyer who wants to pay and collect as quickly as possible. But there’s a catch: that someone requests a video-demo first. Most message boards don’t let you do this, and even if they do — the “buyer” will mysteriously have some issue at their end: “Strange, it’s not working, how about we use WhatsApp instead?” And so the conversation moves seamlessly to a messenger or other chat platform. The request to switch to WhatsApp, Telegram or whatever is a BIG red flag. On their own home turf, scammers have an easier job of luring you to a phishing site, because many message boards don’t allow sharing links in chats.

Act two. Certainty
The “buyer” asks the seller lots of questions about the product: where did they buy it, does it work ok, and, if so — why are they selling it? With each passing minute, this dialogue between strangers becomes all the more like a conversation between long-time buddies. The “buyer” seems keen and ready to fork out — the seller just needs to provide a card number for the transfer of funds and the deal is done: “What a pleasure doing business with this guy. He sure is trustworthy.” But here’s when the trap springs…

Act three. Discovery
Without even naming the screen-sharing feature, the “buyer” asks the seller to turn on screen-sharing in WhatsApp. If the seller complies, their banking app screen becomes visible to the scammers, who attempt to log in to the seller’s online bank account. At this point, the victim’s smartphone receives an unexpected text message with a one-time code. On most devices, the code is displayed in a pop-up message that the cybercriminals also get to see. And if the victim, still in screen-sharing mode, checks to see what message just arrived, the scammers don’t even need the pop-up — they get the code anyway!

Act four. Loss
Depending on what information the “buyer” had beforehand, and what access they gained to the victim’s bank account, they can either siphon off funds immediately, or, if the amount in the account is too large to transfer, switch to another scam involving a call from an “investigator” who promises to investigate the incident of fraudulent bank access and persuades the victim to transfer the money to “a safe account”. One way or another, the money disappears.

How to guard against message board scams
Bear in mind that message boards are often teeming with fake sellers and buyers. Sure, such accounts eventually get exposed and blocked after user complaints, but the perpetrators simply create or buy new ones. So we’ve made a list of tips to help you stay safe when buying or selling on any message board:

Chat with other buyers or sellers only within the platform. Never switch to a messenger app — even (or especially) if the other party really wants to. Outside the marketplace itself, scammers can slip you a phishing link to steal your account — or worse.
Use reliable protection on both your smartphone and computer, for example Kaspersky Premium.
Decline offers to use alternative delivery or money transfer services — opt for the platform’s native tools or accept payments in cash only.
Do not give anyone your phone number (and hide it in your marketplace profile) or card number.
Get yourself a virtual card with a limit on online payments.
Never give out one-time codes, because then even two-factor authentication won’t save your account.
Disable pop-up notifications and on-screen text messages.
Check the domain registration date before entering payment details on the site (see here for details of how to do this).


Attached Files Thumbnail(s)
               
Reply


Messages In This Thread
Kaspersky Team Message boards hit by new video-call scam - by mrtrout - 12-03-2024 , 03:02 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
  Busting digital superstitions Kaspersky Team mrtrout 0 349 09-02-2024 , 10:48 PM
Last Post: mrtrout
  Kick off the year with a digital cleanup ( Kaspersky Team ) mrtrout 0 954 01-13-2024 , 03:55 AM
Last Post: mrtrout
  Kaspersky: Kanye's Upcoming Album is a Scam Magnet mrtrout 0 660 09-04-2021 , 10:00 PM
Last Post: mrtrout
  Indian National Gets 20-Year Jail in United States for Running Scam Call Centers mrtrout 0 1,904 12-02-2020 , 07:04 AM
Last Post: mrtrout
  On November 12, Kaspersky’s Global Research and Analysis Team heads to Reddit for an mrtrout 0 1,522 11-02-2020 , 08:04 AM
Last Post: mrtrout



Users browsing this thread: 1 Guest(s)