Interpol busts 2000 suspects in phone scamming takedown

Security

Sick of the unending stream of email and phone calls you receive from scammers claiming to represent your bank? Amazon? Microsoft? The tax office? The police?

We sympathise – we’re sick of them too, especially landline calls that could be a loved one calling for help or advice, and thus need to be answered…

…but that rarely, if ever, turn out to have a familiar voice at the other end.

Perhaps you’re one of the 40,000,000 or so viewers of famous science-and-engineering YouTuber Mark Rober’s video entitled Pranks Destroy Scam Callers – GlitterBomb Payback?

Rober makes some alarming but entirely believable claims of just how much money [a] a top call-centre scammer can make if they hit their on-target earnings and [b] just how much a typical call centre of this sort turns over each day.

If you haven’t seen it, the video starts with the words, “I have 100 cockroaches here, and I placed them in this James Bond-style contraption,” so you can probably imagine how things end.

Despite the not-very-threatening outcome when Rober later releases the insects inside a scam call centre where he has access to footage from the CCTV feed, the video gives a good visual indication of just how industriously and unrelentingly these scammers operate. (When not driven from their work pods by roaches, that is.)

Fake refund scams

The scammers in Rober’s video seem to go in mainly for what are known as “fake refund” tricks, which go something like this:

  • Scammers “refund” you an impressive but believable amount, say $2000, for an “over-billing” for a product or service you actually use.
  • They then “help” you login to your bank account to ensure that the transaction went through.
  • They sneakily edit the HTML in your browser so the page shows a transaction for ten times the amount originally mentioned.
  • They cry out in alarm, claiming they themselves must have typed in an extra zero and that they’ve accidentally refunded too much.
  • Then they burst into tears, or turn on the emotional blackmail, claiming they (or you!) will be liable for the massive difference, so please, oh! please! won’t you help?

Their goal is to lure, browbeat, wheedle, threaten, cajole, beg and convince you to refund the “extra” money out of your own account.

After all, you can see the giant refund is there… except that it isn’t, because the item on the page is fake, with the HTML modified in memory to show a huge deposit and a vastly increased balance.

You’re scammed into thinking that they’ve made a mistake that will definitely get them in trouble, and could get you into trouble, too.

The crooks therefore hope to persuade you to help them “cover up” their mistake by withdrawing the “excess” from your own account and paying the non-existent “difference” back to them via some other channel.

While you might be sure that no criminal would ever catch you out with an apparently obvious trick like this, you’ll probably admit that, like most things, this sort of scam is only truly obvious the second time you see it or hear about it.

Travelling by bus is easy. Billions of people do it all over the world every week. But if you’ve ever taken a bus in a new town or city, you’ll know the uncertainty you face the first time you make a journey. Do you get off at this stop? Perhaps the next one is a bit closer? But what if the bus swoops into a tunnel and your next stop is hundreds of metres past your destination? How can you tell? And the simple answer is that you either need to ask someone else and trust their answer, or do an experiment and find out for yourself. Your next journey, if there is one, will be easy and certain. It’s during your first outing that you don’t know quite what to look for, and therefore when you are most likely to make a mistake.

Other common scams

Other common phone scams include:

  • Emailing you with an “receipt” for a fake transaction, such as a $79 Amazon charge you never made, but offering a “helpful” telephone support number you can call to disupte the “payment”.
  • Claiming to be from the tax office to discuss the “late payment” of the tax “penalty” in your latest “assessment”.
  • Pretending to be a police officer and reading out a list of “criminal charges” that could lead to your imminent arrest unless “fines” are swiftly paid.
  • Pressurising you into putting money in “high return” investment schemes, often backed by legitimate-looking but utterly bogus websites or mobile phone apps that simulate a healthy return.

Regular Naked Security readers know that these calls are just a pack of lies, so that although they’re a disruption and an annoyance, they’re not a direct danger.

But does your {child, grandparent, favourite aunt, cousin, not-so-technical friend} know they’re made-up garbage?

Perhaps not, if you look at Interpol’s latest report about cracking down on social engineering fraud.

Interpol’s definition of social engineering fraud is very much like our own, namely that it refers to “scams [that] manipulate or trick people into giving out confidential or personal information which can then be used for criminal financial gain.”

In a recent two-month global operation, dubbed First Light 2022, Interpol says that:

76 countries [took] part in an international clampdown on the organised crime groups behind telecommunications and social engineering scams. Police in participating countries raided national call centres suspected of telecommunications or scamming fraud, particularly telephone deception, romance scams, e-mail deception, and connected financial crime.

Although results are still coming in, Interpol claims that the operation has so far resulted in:

  • About 1770 locations raided worldwide.
  • About 3000 suspects identified.
  • About 2000 arrests of operators, fraudsters and money launderers.
  • About 4000 bank accounts frozen.
  • About $50,000,000 of illicit funds intercepted.

As Interpol notes, one of the scam back-stories used by these criminals is pretending to be from Interpol itself.

In some cases we’ve written up before, this sort of scam is sometimes used as a follow-up in order to rip off scared victims for a second time, by pretending to offer an “official” legal lifeline to recover some of the money they lost in the first part of the scam.

Of course, the reason that the “investigators” are so familiar with the details of how the scammers operated and how much the victim lost is not the result of good police work, but simply that the fake “police” are part of the same group that conducted the original scam.

What to do?

As Mark Rober’s video (see above) makes clear, busting 2000 suspected scammers and grabbing hold of $50m in ill-gotten gains is only a start.

Sadly, there are plenty more crooks where those 2000 came from, so:

  • Never be in a hurry to hand over personal information. Remember these two simple jingles: Stop. Think. Connect. And: If in doubt, don’t give it out!
  • Make sure your friends and family know where to look for genuine advice on how to spot scams. Don’t let them “learn” about scams by wandering into the hands (or onto the websites) of the scammers themselves.
  • If your friends or family warn you that you might be getting scammed, hear them out. Don’t let the scammers divide you from your loved ones as well as your money.

MORE ANTI-SCAM ADVICE FOR FRIENDS AND FAMILY

Products You May Like

Articles You May Like

GodLoader Malware Infects Thousands via Game Development Tools
Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels
New Bootkit “Bootkitty” Targets Linux Systems via UEFI
Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested
A Guide to Securing AI App Development: Join This Cybersecurity Webinar

Leave a Reply

Your email address will not be published. Required fields are marked *