“Looking back at the 1990s and early 2000s, we had to have a reasonable level of technical competence to elicit these types of crimes,” the Nicholas Court, assistant director of Interpol’s Center for Financial Crimes and Corruption, told CNBC.
Imajinima | E+ |Getty Images
Experts warn that the growing network of the cybercrime market poses unprecedented cybersecurity threats around the world, making it easier than ever to become a professional scammer.
Cybercriminals are often portrayed in popular media as fraudulent, highly skilled individuals, equipped with coding and hacking abilities from dimly lit rooms. However, such stereotypes have become obsolete.
“Looking back at the 1990s and early 2000s, we had to have a reasonable level of technical competence to elicit these types of crimes,” the Nicholas Court, assistant director of Interpol’s Center for Financial Crimes and Corruption, tells CNBC.
Today, entry barriers have been declining “very significantly,” the court said. For example, it’s easier to retrieve personal data such as email addresses and send spam messages, one of the oldest online scams in the book.
Cybersecurity experts say the changes are due to advances in fraud technology and the growth of an organized online marketplace where cybercrime expertise and resources are bought and sold.
The Growing Cybercrime Economy
“We’re committed to providing a range of services to help create a new, powerful and affordable environment,” said Tony Burnside, vice president and head of Asia-Pacific, a cloud security company.
To promote that trend is the emergence of a global underground market offering “cybercrime as a service as a cybercrime” or “CAA,” with vendors charging customers for various types of malicious tools and cybercrime services.
Examples of CAAs include ransomware and hacking tools, botnets for rent, stolen data, and potentially supporting cybercriminals in illegal activities.
“The availability of these services certainly helps to enable more cybercriminals, allowing them to scale up and refine their crimes while reducing the technical expertise they need,” Burnside said.
CAAS is often hosted in the “Darknet” market. This is part of the Internet that uses encryption technology to protect users’ anonymity.
Examples include Abacus Market, Torzon Market and Styx, but top markets often change as authorities close them and new ones emerge.
Burnside adds that the crime gangs running CAAS services and markets have begun to operate like “a legal organization of structures and processes.”
On the other hand, vendors of these illegal exchanges tend to remain anonymous, to maintain obscure revenue and to avoid detection, only accept payments in cryptocurrency.
The Silk Road, the infamous dark web marketplace that was shut down by law enforcement in 2013, is recognized by many as one of the earliest large-scale applications of cryptocurrency.
Darknets appear from the shadows
The use of cryptocurrency in the cybercrime market may help blur participants’ identity, but it can also make activity on the blockchain more traceable, according to Chainalysis, a blockchain research firm that tracks illegal crypto transactions.
According to data from chain analysis, the DarkNet market remains a major factor in the global cybercrime ecosystem, but more activities have moved to the public internet, making messaging services like Telegram secure.
The largest market identified by chain melting is guaranteed by Huione, a platform belonging to the Cambodian conglomerate Huione Group. The company says it is acting as a “one-stop shop for almost all forms of cybercrime.”
The Chinese platform acts as a peer-to-peer marketplace where vendors serve. The chain analysis says it is linked to illegal activities such as money laundering and crypto-based fraud.
Vendors pay to promote on Huione’s website, often pointing stakeholders to private telegram groups. If a sale is made, Huione will act as an escrow and appear to compete for mediation to “guaranteed” the exchange.
Chain melting data shows that Huione Guaranteed vendors have processed an astounding $70 billion in crypto transactions since 2021. Meanwhile, Elliptic, another blockchain analytics company, estimates that the Huione Group entity has received more than $89 billion in Crypto Assets.
The platform advertises and directs potential buyers to Telegram’s vendor groups that provide everything from fraudulent technology and money laundering to escort services and illegal products.
Judging by the size and volume of Huione Guarantee transactions, it could be leveraged by a number of organized criminal groups, according to Andrew Fierman, director of national security information at Chaenlaysis.
However, he adds that many services are less expensive and provide low barriers to cybercrime admission and access points for “people with internet connections.”
According to Chain Orisis, individuals seeking to promote “romance” or investment fraud may be able to purchase the tools and services they need at Huon for hundreds of dollars. The cost can reach thousands of dollars, depending on the level of complexity you are trying to implement.
Investment and romance scams include scammers who build relationships with victims via social media and dating apps, and intend to pay through fake investment opportunities.
Scammers who try to stop this type of fraud may shop for a Huione guarantee for a portfolio of potential victim data, such as phone numbers. Old social media accounts that appear to be from real people. AI-powered facial and voice control software can be used by fraudsters to digitally disguise.
Other vendors on the site provide services related to fake investments and creating gambling platforms. Fiermen says scammers often deceive victims and deposit their money on such platforms.
According to CNBC translation of the Chinese statement, the disclaimer on its website states that the platform does not participate or understand the customer’s specific business and is solely responsible for ensuring payments between the buyer and seller.
According to Fierman, Huione Assurance activities appear to be concentrated in Cambodia and China, but there is evidence that other platforms are emerging.
“Children’s play”
As CAAS and the cybercrime market continue to grow, the technologies provided and utilized by criminal vendors are also advancing, enabling more refined fraud with less effort, experts say.
According to Kim-Hock Leow, Asian CEO of cybersecurity firm Wizlynx Group, Deepfake video and audio cloning generated by AI look more and more realistic.
Last year, Hong Kong police reported that financial workers at multinational companies were tricked into paying fraudsters $25 million using deep fake sexology to possibly possibly as the company’s chief financial officer in a video conference call.
“This would have been totally impossible, even for criminals with technical skills a few years ago. Now it’s a viable attack for those who don’t have it,” added Netskope’s Burnside.
Meanwhile, cybersecurity experts told CNBC that it will use AI tools to help enhance phishing and social engineering fraud and write more personalized, human-like messages.
“It became a child’s play to create truly persuasive fake emails, audio notes, images or videos designed to fraud and trick victims of fraud and tricks,” he said, as dark variations of legal generative AI tools continue to find their way into a dark market.
Preventive efforts
The global anonymous nature of CAAS vendors and the cybercrime market makes police extremely difficult, cybersecurity experts told CNBC, saying that closed markets often resurface or are being swapped under different names.
So, Interpol’s Nicholas Court says cybercrime is not the type of activity that “you can get out of your path”;
“It’s actually hard for law enforcement to catch the same percentage of cybercriminals because the amount of crime has risen so quickly,” he said, adding that this has a major focus on prevention and public awareness campaigns warning about fraud and rapid refinement of AI tools.
“Nearly everybody has been getting scam messages these days. Previously, it was enough to tell people not to send money to people who refuse to call video, but that’s not enough anymore.”
At the enterprise level, Wizlynx Group’s Leow says that as cybercriminals become more technical and AI-savvy, so should the company’s cybersecurity protocols.
For example, AI tools can be used to automate security systems at the enterprise level, lower detection thresholds and accelerate response times, he added.
Meanwhile, new tools such as Dark Web Monitoring have emerged that allow you to track the Cybercrime market and underground forums of leaked or stolen data such as qualifications, financial data, intellectual property.
Since committing cybercrime was “never easy,” Leow said, it’s important to prioritize cybersecurity by investing in technology solutions and raising awareness among employees.
