The Rise of Online Scams: Telekopye Expands Operation to Accommodation Booking Platforms
As online marketplaces continue to grow in popularity, so do the threats posed by fraudsters looking to exploit unsuspecting users. ESET researchers have uncovered a sophisticated scam network utilizing Telekopye, a toolkit discovered in 2023, to target users on popular accommodation booking platforms.
Evolution of Telekopye Operations
In our previous blog series on Telekopye, we delved into the technical and organizational aspects of this scam toolkit. In this latest update, we explore how scammer groups have expanded their reach to target users of Booking.com and Airbnb, among others. Our research sheds light on their strategies to optimize operations and increase financial gains.
Presenting our latest findings at the Virus Bulletin conference in October 2024, we highlight the growing threat posed by these scams and offer insights on how users can protect themselves.
Key Points:
- Telekopye scams now target users of popular accommodation booking platforms.
- Scammers are utilizing compromised accounts of legitimate hotels to lure victims.
- These scams peak during peak travel seasons, surpassing marketplace scams in some regions.
Telekopye: A Closer Look
Telekopye operates as a Telegram bot, enabling scam groups to carry out organized fraudulent activities with ease. With a clear hierarchy, defined roles, and commission payouts, these scammer groups have turned online scams into a lucrative business. Targeting a wide range of online services, including popular platforms like OLX and eBay, Telekopye poses a significant threat to users worldwide.
Expanding to Accommodation Booking Platforms
In 2024, Telekopye groups have extended their scams to target users of accommodation booking platforms like Booking.com and Airbnb. By impersonating legitimate hotels and utilizing compromised accounts, scammers create convincing scenarios to trick users into divulging payment card information. The uptick in these scams during the summer holiday season underscores the need for vigilance among users.
With advanced features like automated phishing page generation and interactive chatbots, scammers are constantly evolving their tactics to evade detection and maximize profits. Anti-DDoS measures are also employed to protect their operations from disruptions by rival groups.
Law Enforcement Operations
In a major breakthrough, Czech and Ukrainian authorities carried out raids on Telekopye scam groups, leading to the arrest of key players and the dismantling of several operations. The arrests shed light on the recruitment practices of these groups, revealing the dark underbelly of cybercrime operations.
Protecting Against Telekopye Scams
To safeguard against Telekopye scams, users are advised to exercise caution on online platforms and use reputable antimalware solutions. Key precautions include verifying the legitimacy of sellers/buyers, using secure interfaces, and avoiding suspicious links or forms.
Recommendations:
- Verify the legitimacy of sellers/buyers on online platforms.
- Avoid sharing sensitive information on suspicious websites.
- Use secure interfaces for transactions and avoid external links for payments.
- Report any suspicious activity to platform authorities.
As Telekopye scams continue to evolve, staying informed and vigilant is essential to protect against online fraud. By following these guidelines and staying alert, users can mitigate the risks posed by scammers operating on online marketplaces and accommodation booking platforms.
For more information on our research, contact us at threatintel@eset.com or visit the ESET Threat Intelligence page.
Stay Safe Online
By staying informed and following best practices for online security, users can protect themselves against the growing threat of Telekopye scams. Remember to exercise caution, verify the legitimacy of sellers/buyers, and report any suspicious activity to platform authorities. Stay safe and stay vigilant!