How does financial fraud work? A rare glimpse into a call-center that scams people

Alexandru_BD
Alexandru_BD admin
edited September 4 in Scam Busters

The cyber-crime landscape has rapidly evolved over the past two decades. Easy internet access, widespread smartphone use, advanced technologies, and human vulnerability have made it easier for cybercriminals to target victims globally. While initially centered on financial fraud and ransomware, cybercriminals are now increasingly focused on scams.

A recent article by Romanian investigations outlet Recorder reveals a chilling trend in online scams that leverage sophisticated technologies like deepfake advertisements, fake news publications and phone-control software, presenting a growing challenge for both individuals and authorities. This investigation sheds light on the intricacies of the organized cyber-crime ecosystem, and shows a rare glimpse into a call center dedicated to these illegal activities.

The New Reality of Online Scams: Deepfake Ads, Phone-Hacking Software, and a State Struggling to Respond

This investigation provides a rare look into how scammers target Romanian victims. Foreign organized crime groups now use advanced deepfake technology to create realistic ads that trick victims into signing up for rare investment opportunities. Once baited, the victims are carefully and expertly handled by a “consultant” who offers to do the complicated investment work for the victim. In fact, the “consultant” will guide the victim to installing software that can access personal data on the victim's phone or computer, including banking information, passwords, and personal messages.

One striking aspect of this new wave of cybercrime is the state’s apparent inability to keep up. While cybercriminals are becoming increasingly sophisticated, the response from governmental bodies seems sluggish and ineffective. This gap in capability is not just a local issue but a global one, reflecting a broader trend where the agility of cybercriminals outpaces the often bureaucratic and slow-moving responses of state agencies. But probably the most important revelation is how well-equipped these cyber-criminals are.

The Organized Cyber-Crime Ecosystem

What is perhaps most alarming about this new era of online scams is the high level of organization behind these operations. The cyber-crime ecosystem is not a loose network of opportunistic criminals; it is a well-oiled machine that mirrors legitimate business structures in its efficiency and effectiveness.

At the heart of this ecosystem are call centers—operations that resemble legitimate customer service hubs but are dedicated entirely to scamming activities. These call centers are often staffed by dozens, if not hundreds, of employees who are trained to manipulate and deceive victims. These individuals follow carefully crafted scripts designed to extract the maximum amount of money or information from their targets.

For example, once a victim has been hooked by a deepfake ad and is signed up to learn more, they may receive a phone call from a seemingly legitimate company representative. This person, often speaking English or the victim’s native language, will guide them through a series of steps that ultimately lead to the theft of their money or data. The level of professionalism in these interactions can be disarming, making it difficult for even the most cautious individuals to realize they are being scammed.

The Operations of Cyber-Crime Call Centers

The operations within these call centers are highly organized. Employees are given specific roles, from initial contact with the victim to follow-up calls designed to close the "sale" or scam. They work in shifts to ensure that the operation runs 24/7, targeting victims in different time zones around the world.

These call centers often employ technical support agents who can remotely access a victim's device under the guise of helping them get into business. Once they have access, they can control the e-banking app, as well as the mobile phone responsible for receiving one-time authorization codes.

The Story of Victor, a Call Center Scammer

Victor was a 28-year-old graduate struggling to find a stable job in his hometown in the Republic of Moldova. After months of searching, he finally landed a position that promised a good salary with flexible hours. The job was in a call center, but this wasn't your typical customer service gig. Victor quickly realized that the company he was supposed to work for was part of a highly organized cyber-crime network, and his role was to scam unsuspecting victims.

What surprised Victor most was the unusual hiring process. After passing through the standard interview stages, he was subjected to a lie detector test. The test wasn’t designed to uncover any criminal intent but rather to protect the organization from infiltrated law enforcement officers. He passed the test, securing the job and sealing his entry into the world of cybercrime.

A Global Issue with Local Implications

While the Recorder article focuses on Romania, it’s clear that this is a global issue. The techniques and technologies being used by cybercriminals are not bound by geography. The deepfake ads and device remote access software described in the article are being used worldwide, and the call centers running these scams can operate from virtually anywhere with an internet connection.

The challenge for governments and law enforcement agencies is immense. The decentralized nature of these cyber-crime networks means that taking down one operation does little to stem the overall tide. Moreover, the international aspect of these crimes complicates legal and jurisdictional efforts to prosecute offenders.

Until then, it’s every person for themselves

One key takeaway when dealing with scams is that you have to be always careful how you repspond to contact requests coming from unknow people. Be wary of unsolicited calls or messages, especially those asking for personal information or payment data. Look out for tell-tale signs of a scam, such as pressure to act quickly, requests for unusual payment methods like gift cards or cryptocurrency, or inconsistencies in the communication.

Always verify the identity of the person or organization contacting you, and never click on links or download attachments from unknown sources. And remember, if something sounds too good to be true, it probably is.

Has anyone in the community ever encountered call center scams? I'm curious to know if you've had any experiences with these types of scams or if you know someone who has fallen victim to them. Any insights or stories would be helpful as we are trying to learn more about how these scams work and how people are affected by them, so we can raise awareness and help the community recognize them.

Premium Security & Bitdefender Endpoint Security Tools user

Comments

  • TaxiMagicien42
    TaxiMagicien42 ✭✭✭✭✭

    Hello @Alexandru_BD

    Thank you for sharing this "scary" but highly informative article.

    In the past, I have received calls (on landlines) from fake call centres. When I see that the calling number, if it is visible, is an unknown number, I always distrust and hang up the handset without answering. I do the same when the calling number is hidden.
    On my smartphone, the control is easier since we can block the number or the unknown call. Anyway, I apply the same practice on my smartphone.

    Regards,

    Windows 11 Famille 23H2

    AMD Ryzen 5 5600X 3.70 GHz

    Bitdefender Premium Security Plus