“I talk to my bank. They have all my information: my marital status, my email, my phone number, my address. What reason do I have not to trust them?” Mathieu Barbé, lawyer for victims of payment fraud, thus summarizes the trap into which certain people fall whose personal data, but also banking data, end up in the hands of criminals. But these scams are the result of a very complex network in which several actors with well-defined roles intervene.
The lawyer for the scammers who pose as banking advisors, Martin Vette, points out that they are not computer scientists: “They are not hackers, they are not computer hackers. They are not the ones who are going to recover the victims’ bank details and then defraud them. “. . They gave them turnkey bank details in exchange for money. “Then it was their turn to use them to run scams to ‘help themselves,’ but they weren’t the ones who went and hacked this data.”
Spam with a fake link as a starting point
As the lawyer mentions, “spammers” first buy thousands of phone numbers on encrypted messaging platforms like Telegram. They also have software to ensure these numbers always work. Then, these “spammers” massively send SMS messages containing a fake link that refers to a package that was never requested, invites you to renew a Netflix subscription or even pay a fine. In short, spam that encourages the victim to provide personal information, especially their bank details.
To maximize the chances of victims falling into the trap, fake links lead to perfectly imitated sites where the recipient is invited to fill out a form in the hope of paying a bill or subscription – in reality, they voluntarily provide personal information. . including your bank card number. According to a hacker interviewed in this episode of Ligne Rouge dedicated to payment fraud, fake fines are one of the most popular scams. Thus, the site of the national agency intended to settle fines is one of the most falsified and hundreds of almost perfect fake sites have been identified.
Bank details resold for between 15 and 50 euros
Once valuable data is recovered, spammers do not exploit it themselves, but rather put it up for sale, always on encrypted messaging platforms such as Telegram. “For a normal Electron card it costs about fifteen euros. A normal one costs 20, a gold one 30 and I think there is still a card above it, a little more expensive, 50 euros,” explains a hacker. Sellers even tend to distribute information samples to attract potential buyers.
Their customers are called “wholesalers.” It is the latter who buy the different card numbers before distributing them among the different fake bank advisors, also nicknamed “allotors”, all in exchange for a commission on the sums subsequently diverted.
Source: BFM TV
