A group of imposters operating out of a Ukrainian call center defrauded thousands of victims while pretending to be IT security employees at their banks.
They contacted the victims, claimed that their bank accounts had been accessed by attackers, and requested financial information claiming it was needed to prevent fraud but, instead, emptied their bank accounts.
The scheme was uncovered by the Cyber Police Department, the Main Investigative Department of the National Police, the Prosecutor General's Office, and law enforcement officers in Kazakhstan.
Investigators found that 37 operators working out of a call center established by three Dnipro residents called Kazakhstan citizens while pretending to be IT security employees at their banks.
They informed citizens of suspicious transactions and reassured them that threat actors had accessed their accounts, persuading them to provide financial information under the guise of reverting the transactions.
After obtaining this information, the perpetrators transferred the victims' money to accounts under their control, issued quick loans, and sent the loan amounts to their accounts.
The scammers used offshore bank accounts and cryptocurrency wallets to collect the money resulting from their scheme and, according to the investigators' estimations, defrauded approximately 18,000 citizens of the Republic of Kazakhstan of a yet unknown amount of money.
