The "Classiscam" scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more significant financial damage than before.
Like a ransomware-as-a-service operation, this Telegram-based operation recruits affiliates who use the service's phishing kits to create fake ads and pages to steal money, credit card information, and, more recently, banking credentials.
The developers then split any proceeds with the affiliate, with the devs receiving 20-30% of the revenue and the affiliate receiving the rest.
The criminal platform was first discovered by Group-IB in 2019, with the
researchers reporting it grew quickly, used by 40 cybercrime gangs that made $6.5 million throughout 2020.
In 2021, Classiscam's operational scale
grew further to include 90 Telegram channels selling the scam kits, 38,000 registered members, and an estimated total damage of $29 million.
Group-IB has published new information on the operation today, reporting that Classiscam has made $64.5 million in combined earnings from scamming users of classifieds sites and stealing their money and payment card details.
The number of targeted brands has also grown from 169 brands last year to 251 this year, and there are now 393 criminal gangs targeting users in 79 countries, coordinating in one of the operation's 1,366 Telegram channels.
