A new global spoofing campaign has been discovered, which has reportedly already extorted more than $100 million from victims.
Researchers at security company CloudSEK say the scam involves the impersonation of more than a thousand companies and affects more than 100,000 people in more than 50 countries.
They also say that the threat actors behind the campaign are highly skilled and have created more than 6,000 fake websites masquerading as popular brands, and hundreds of WhatsApp and Telegram handles have been used to lure victims.
Webwyrm
The researchers, called Webwyrm, note that the campaign has likely been active since late 2022, but gained momentum early this year as threat actors evolved their tactics.
The imitated brands span more than ten industries, with the threat actors offering fake features to unsuspecting victims via social media, most notably the encrypted messaging service WhatsApp. CloudSEK’s report also suggests that the threat actors may be “using data from recruitment portals to tailor their plans.”
The fake job offer typically offers a salary between $1,200 and $1,500 on average, with commissions based on how much “work” the victim does. The job consists of completing two to three sets of tasks per day, with 40 tasks per set. .
Once the task is completed, the money is withdrawn from the victim’s account and redeposited along with the commission. The funds are deposited on cryptocurrency exchange platforms and converted into USDT, a stablecoin pegged to the US dollar.
The victim is told to create an account on a fake website pretending to be a well-known brand. There are also combo tasks, which require double the victim’s investment and must be completed in series, otherwise the victim cannot withdraw their wages.
But the series is never completed and the victims become increasingly invested in a futile attempt to complete it. Ultimately, the threat actors freeze them out of their account. But in an attempt to convince victims that it is not a scam, they are directed to group chats where other ’employees’ post about how much money they have made.
The types of businesses being imitated include digital marketing and advertising services. Most of the companies imitated are US-based, while Indian, British and Singaporean companies are also popular choices.