Researchers from WeLiveSecurity delve into the tactics and modus operandi of the Neanderthals involved in the operation related to Telekopye scam. Drawing insights from the source code of the bot, conversations from infiltrated scamming groups, and internal documentation, the study sheds light on the recruitment process, types of scams perpetrated (Seller, Buyer, and Refund scenarios), and the Neanderthals’ meticulous preparation and market research.
The research also explores the communication strategies, web scraping techniques, anonymity measures, and the use of cryptocurrencies employed by the scammers to carry out online marketplace scams successfully. The study reveals that Telekopye groups recruit new members through advertisements in various channels, including underground forums, and highlights the Neanderthals’ careful selection of targets based on demographics, experience, and location.
It provides a detailed account of the Seller and Buyer scam scenarios, where Neanderthals pose as sellers or buyers to lure victims into phishing websites, stealing sensitive information. Additionally, the analysis touches upon the Refund scam, where scammers exploit situations to send phishing emails and attempt a second scam. The report outlines the scammers’ communication techniques, strategies for avoiding detection, and their use of language translation tools to target Mammoths (potential victims) internationally. The study concludes with insights from an interview with a Telekopye administrator, offering a unique perspective on the scammers’ mindset and future outlook.
Reference:
