Internet frauds easily like never before while blooming online crime markets

An expanding network of online crime market sites is making it easier than ever to become a professional fraudster, presenting unprecedented internet security threats worldwide, experts warn.

Cyber ​​criminals are often portrayed in popular media as deceitful and very capable individuals, using coding and hacking skills from a shiny room. But such stereotypes are becoming outdated.

“Looking at the 1990s again and in the early 2000s, you had to have a reasonable level of technical jurisdiction to attract these types of crimes,” CNBC the Nicholas Court, Assistant Director of Interpol Financial Crime, tells.

Today, obstacles to the entry have fallen “quite significantly,” the court said. For example, getting personal data, such as email addresses, and sending them massive spam messages – one of the oldest online fraud in the book – has never been easier.

Internet security experts say the change is due to advances in the technology of fraud and growth of organized internet markets, where expertise and sources of cybercrime are purchased and sold.

“The last decade or more has seen an evolution of criminals on fraudulent internet in groups and organized networks all of these are part of an underground flowering economy,” said Tony Burnside, Vice-President and head of Asia-Netskope, a cloud security company.

The direction of this trend has been the emergence of global underground markets offering “cyber crimes-as-a-service” or “caas”, through which sellers charge clients for different types of malicious tools and cyber crime services, he added.

Examples of CAAs include Ransomware and Happy tools, rental botnets, stolen data and anything else that can help criminals online in their illegal activities.

“The availability of these services certainly helps to enable more criminals online, allowing them to escalate and sophisticate their crime by reducing the technical expertise required,” Burnside said.

CAAS is often expected in markets on “Darknet” – part of the internet that uses encryption technology to protect the anonymity of users.

Examples include Abacus Market, Torzon Market and Styx, though higher markets often change as authorities close them and new ones emerge.

Burnside adds that criminal gangs operating CaAS services and markets have begun to function as “legitimate organizations in their structure and processes”.

Meanwhile, sellers for these illegal exchanges tend to accept payments only at Cryptocurrency in efforts to remain anonymous, unclear income and avoid detection.

Silk Road, a infamous dark online market that was closed by law enforcement in 2013, is recognized by many as one of the earliest large -scale Cryptocurrency applications.

Although the use of cryptocurrency in the cyber crime market can help darkening the identity of the participants, it can also make their activities more traceable in blockchain, according to chaninalization, a blocchain research firm that traces illegal crypt transactions.

According to chain data, while dinner markets remain a major factor in the global cyber crime ecosystem, more activity is passing through public internet and secure messages services like a telegram.

The largest of those chains-identified market sites is the Huiione guarantee-a platform associated with the Cambodian Conglomerate Huione Group-for which the firm says it acts as a “one-stop shop for almost any form of internet crime”.

Chinese platform operates as a market by colleagues where sellers offer chain services says they are linked to illegal activities such as money laundering and crypt -based fraud.

Sellers pay to advertise on Huiione’s website, often directing the stakeholders in private telegram groups. If a sale is made, Huione seems to act as a storage and intermediary for disputes to “guarantee” the exchange.

Chain data show that sellers in Huiione Guarantee have processed a $ 70 billion shocking transactions since 2021. Meanwhile, Elliptic, another Blockchain analytical firm, estimates that Huiione’s subjects have received at least $ 89 billion in cryptocros, making it “the largest market.

The platform advertises and directs potential buyers to the sellers groups in the telegram who offer everything, from fraud technology and money laundering to accompanying services and illegal goods.

Judging by the degree and volume of transactions in Huiione’s guarantee, it is likely to be used by numerous criminal groups organized, according to Andrew Fierman, head of national security intelligence in Chainlaysis.

However, he adds that many services do not cost much money, providing a low obstacle to access and point of access to the Internet crime for “anyone with internet links”.

According to the chain, individuals seeking to facilitate “romance” or investment frauds may be able to buy the necessary tools and services in Huione for just a few hundred dollars. Costs can reach thousands of dollars, depending on the level of complexity they are seeking to execute.

Investing or romance frauds include a fraud that builds a relationship with a victim through social media or meeting applications, aiming to unite them with money through a shameful investment opportunity.

A fraud that tries to attract this kind of fraud can buy Huiione guarantee for a portfolio of possible victim data, such as phone numbers; Old social media accounts that seem to be from real people; and software for manipulating the face and sound with him, who can be used by a deceiver to digitally disguise themselves.

Other sellers at the site provide services related to the creation of fake investment and gambling platforms. Fiermen says fraudsters often cheat victims to deposit money on such platforms.

In a denial on its website, the platform says it does not participate or understand specific businesses of its clients and is only responsible for guaranteeing payments between buyers and sellers, according to a CNBC translation of the Declaration into Chinese.

According to Fierman, Huiione guarantee activity seems to be focused on Cambodia and China, but there is evidence that other platforms are emerging.

While CaAS and online crime markets continue to grow, the technology offered and used by criminal retailers has also advanced, allowing more sophisticated scope fraud – with fewer efforts, experts say.

The deep videos created by him and the cloning of the voice are looking more and more true, with previously infected attacks now realistic thanks to him, according to Kim-Hock Leow, Director General of Asia Cybersecuance Wizlynx Group.

Last year, Hong Kong police reported that a finance worker at a multinational firm had been cheated to pay $ 25m for fraudsters using Deepfake technology to posing as the company’s leading financial officer in a video conference call.

“This would be completely impossible to withdraw only a few years ago, even for criminals with technical abilities, and now it is an attack applicable even to those without,” Burnside Netskopi added.

In the meantime, online security experts told CNBC that it could be used to improve phishing and social engineering frauds, helping to write more personalized and similar messages.

“Has the game of children made to create truly convincing email, audio notes, images or videos designed to deceive and deceive victims,” ​​Burnside said, mentioning that the dark variants of the legitimate generating tools continue to find their way in the dark markets.

Due to the global nature and anonymous of CAA and online market sellers, they are very difficult for the police, told CNBC online security experts, noting that markets that are often closed reappear under different names or are replaced.

For this reason, Interpol’s Nicholas Court says internet crime is not the type of activity “You can arrest your way to get out”.

“The volume of criminality is going so fast that it is actually more difficult for law enforcement to capture the same part of criminals online,” he said, adding that this requires a significant focus on preventing public awareness to warn of the rapid sophistication of his deception and tools.

“Almost everyone receives deceit messages these days. While once it was enough to tell people not to send money to someone who refuses to call video, that’s not enough.”

At the enterprise level, Wizlynx Group’s Leow says that while online criminals become more technology and AI-Savvy, so we need to online security protocols.

For example, it can be used to help automate security systems at the enterprise level, reducing the threshold for detecting and accelerating the response time, he added.

Meanwhile, new tools are emerging, such as “dark online monitoring”, which can trace cyber crime markets and underground forums for leaked or stolen data, including credentials, financial data and intellectual property.

It is “never easier” to commit crime online, so it is important to prioritize online security by investing in technological solutions and raising employee awareness, Leow said.