Czech citizens have suffered substantial financial losses, amounting to hundreds of millions of crowns, due to a surge in online bazaar fraud. This concerning information was disclosed by both Eset, a cybersecurity company, and representatives of the Czech police. The orchestrators of these fraudulent activities, frequently originating from Russia, Uzbekistan, or Ukraine, have adopted a streamlined approach facilitated by a tool that enables swift scam creation.
Eset has identified the Czech Republic as a current focal point for these fraudulent endeavors, with online shopping platforms like Sbazar, eBay, and BlaBlaCar becoming prime targets. Moreover, analogous scams are occurring on other virtual marketplaces and platforms such as Vinted, Facebook Marketplace, and Bazoš.
Radek Jizba, an expert within Eset’s Prague research team, clarified that the attackers have congregated in Telegram communication channels, utilizing a tool named “Telekopi” – an amalgamation of “Telegram” and “spear.” This tool, known for its user-friendliness, empowers even less technologically savvy perpetrators to construct phishing sites utilizing pre-established templates. It also facilitates the generation of counterfeit QR codes, fake screenshots, and the dispatch of deceptive emails and SMS messages.
Ondrej Kapra, Advisor of the Economic Crimes Unit at the Presidium Police, underscored the escalation of cybercrimes over recent years. In July alone, fraud instances surged by 11%.
Kapra noted a trend towards more organized attacks, featuring call centers or shared workplaces as integral components. Criminals now follow pre-structured scripts that are constantly refined, with each attacker assuming a specialized role within a hierarchical framework.
The perpetrators deploy various tactics to exploit victims. One method involves the scammer posting an advertisement for a product on an online bazaar, prompting interested parties to initiate contact. Subsequently, the fraudster sends victims fraudulent links via SMS or email, directing them to counterfeit websites for payment. Once personal details are entered, the attackers abscond with the funds intended for the goods. In another approach, criminals attempt to ascertain victims’ bank account balances, subsequently pilfering the corresponding amounts. Lastly, scammers engage with sellers on bazaars, feigning interest in goods. Upon reaching an agreement, they request advance payments under the pretense of potential non-delivery or damage to the package.
The criminals display meticulous victim selection, targeting individuals offering goods worth up to 5000 CZK or possessing at least 7,000 CZK on their cards. They leverage information from prior conversations and use a database of translated phrases to maintain a natural discourse, often in Russian.
To appear authentic, attackers deliberately delay responses, mirroring regular people who are not always readily available to reply. If any suspicion arises during conversations, victims are swiftly dismissed.
The second fraud model is predominantly aimed at newcomers and infrequent sellers with active listings. Those who have recently conducted transactions and possess familiarity with platform operations are generally avoided. The success rate of these frauds for these groups is approximately 20%.
Experts advise precautions such as prioritizing face-to-face transactions, identifying fraudulent texts through errors, verifying linked websites for inaccuracies, and remaining cautious of unfamiliar delivery or payment services. The cardinal rule is to avoid sharing sensitive data and exclusively employ recognized payment methods.
Cybercrime constitutes around 10% of police-handled cases. Last year, reported incidents doubled to 18,500 compared to the previous year. This trend has persisted into the current year, with authorities expecting cases to surpass 20,000. However, many individuals fail to report online fraud to the police, even after disclosing confidential payment details or realizing financial losses.
Sources: ct24.ceskatelevize.cz