Payment fraud has evolved into a sophisticated network of actors, leveraging the trust of individuals to exploit their personal and banking data. The intricate web of fraud comprises not only hackers but individuals purchasing pre-stolen banking data from 'spammers.' The scam begins with spammers acquiring thousands of phone numbers through encrypted messaging platforms like Telegram.
Spam SMS and Counterfeit Websites
Spammers verify these numbers using specialized software before sending mass spam SMS containing fake links. These links, under the guise of an undelivered package, a Netflix subscription renewal, or an outstanding fine, lead victims to counterfeit websites where they're deceived into providing their personal information, including credit card numbers. One prevalent scam involves fake fines, with the national agency's site for settling fines being one of the most imitated.
Data Collection and Sale
Once the data is collected, spammers do not use it themselves; they sell it on encrypted messaging platforms. Card data prices range from 15 to 50 euros, depending on the type of card data. The buyers of this data, known as 'wholesalers,' purchase card numbers in bulk. They then distribute them to fake bank advisors, known as 'alloteurs.'
Wholesalers and Alloteurs
The alloteurs, armed with the purchased data, commit the actual fraud. These wholesalers earn commissions from the subsequent misappropriated funds. This elaborate scheme of fraud consists of a complex network of actors, each playing their part in deceiving individuals and obtaining their personal and banking data, demonstrating the intricate and alarming evolution of payment fraud.