Classiscam fraud-as-a-service expands, now targets banks and 251 brands


Level 75
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
The "Classiscam" scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more significant financial damage than before.

Like a ransomware-as-a-service operation, this Telegram-based operation recruits affiliates who use the service's phishing kits to create fake ads and pages to steal money, credit card information, and, more recently, banking credentials.

The developers then split any proceeds with the affiliate, with the devs receiving 20-30% of the revenue and the affiliate receiving the rest.

The criminal platform was first discovered by Group-IB in 2019, with the researchers reporting it grew quickly, used by 40 cybercrime gangs that made $6.5 million throughout 2020.

In 2021, Classiscam's operational scale grew further to include 90 Telegram channels selling the scam kits, 38,000 registered members, and an estimated total damage of $29 million.

Group-IB has published new information on the operation today, reporting that Classiscam has made $64.5 million in combined earnings from scamming users of classifieds sites and stealing their money and payment card details.

The number of targeted brands has also grown from 169 brands last year to 251 this year, and there are now 393 criminal gangs targeting users in 79 countries, coordinating in one of the operation's 1,366 Telegram channels.
Users of classified sites can protect themselves from these scams by never accepting to communicate outside the site's messaging system, avoiding wiring money to sellers, treating extremely low prices as red flags, and using only secure payment methods that offer fraud protection.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.