A new worldwide spoofing campaign has been discovered, and it is thought to have extorted over $100 million from its victims already.
Researchers at security firm CloudSEK say the scam involves the impersonation of over a thousand companies, and is affecting over 100,000 people across more than 50 countries.
They also say that the threat actors behind the campaign are highly skilled and have created over 6,000 fake websites that impersonate popular brands, and hundreds of WhatsApp and Telegram handles have been employed to lure victims.
Dubbed Webwyrm, the researchers note that the campaign has likely been active since late 2022, but gathered momentum early this year as the threat actors evolved their tactics.
The impersonated brands span over 10 industries, with the threat actors offering fake job roles to unsuspecting victims via social media, especially encrypted messaging service WhatsApp. CloudSEK's report also suggests that the threat actors may be "leveraging data from recruitment portals to tailor their schemes."
The fake employment offer typically offers a salary of between $1200-$1500 on average, with commissions based on how much ""work" the victim does. The job is to complete between 2-3 sets of tasks per day, with 40 tasks per set.
Once the task is complete, the money will be taken from the victim's account and then redeposited along with the commission. The money is deposited in cryptocurrency exchange platforms and converted into USDT, a stablecoin pegged to the US dollar.
The victim is told to create an account on a fake website impersonating a well-known brand. There are also combo tasks, which require double the investment from the victim and have to be completed in streaks, otherwise the victim cannot withdraw their pay.
But the streak never completes, and victims invest more and more in a vain attempt to complete it. Eventually, the threat actors freeze them out of their account. But in an effort to convince victims that its not a scam, they are directed to group chats where other "workers" post about how much money they have made.
The types of companies that are impersonated include digital marketing and advertising services. Most of the impersonated companies are US based, with Indian, UK and Singapore firms also being popular choices.
MORE FROM TECHRADAR PRO
- If you're actually looking for work, these are the best job sites around
- Downturn means uptick in online scams for job seekers
- Watch out - that dream job offer could be a malware scam
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Lewis Maddison is a Staff Writer at TechRadar Pro. His area of expertise is online security and protection, which includes tools and software such as password managers.
His coverage also focuses on the usage habits of technology in both personal and professional settings - particularly its relation to social and cultural issues - and revels in uncovering stories that might not otherwise see the light of day.
He has a BA in Philosophy from the University of London, with a year spent studying abroad in the sunny climes of Malta.