Summary: A report from Group-IB details a sophisticated social engineering scam in the Middle East that exploits government portals and remote access software to steal sensitive data and money from consumers. The scheme primarily targets individuals seeking refunds for unsatisfactory goods or services, leading to significant financial losses.
Threat Actor: Fraudsters | Fraudsters
Victim: Consumers | Consumers
Key Point :
- The scam involves impersonating government officials to gain trust and solicit sensitive information.
- Victims are tricked into installing remote access tools like AnyDesk, allowing scammers to exploit their devices.
- RedLine Stealer malware is used to extract sensitive data from infected devices.
- The average financial loss per transaction is approximately US$1,300, with some victims losing over $5,000.
- The scam predominantly targets female consumers with limited technical expertise.
- Group-IB recommends enhancing security measures for government portals and educating consumers on the risks.
Source: https://securityonline.info/fraudsters-exploit-trust-with-fake-refund-schemes-in-the-middle-east/