The Pakistan Telecommunication Authority (PTA) has issued a comprehensive cybersecurity alert against a group of cybercriminals operating under the alias “Neanderthals.”
The alert highlights the use of the Telekopye Telegram Bot, a tool employed by the group to orchestrate elaborate phishing scams on an alarming scale.
The Neanderthals, as they are dubbed, have been employing the malicious Telegram bot to craft sophisticated phishing websites, emails, and SMS messages. The PTA’s alert details the various tactics employed by this group of cybercriminals, who recruit members referred to as “Mammoths” to execute scams categorized as seller, buyer, or refund scenarios.
In the seller scam, Neanderthals pose as sellers, cleverly deceiving Mammoths into purchasing non-existent items. Conversely, in buyer scams, they assume the role of buyers to extract sensitive financial information from unsuspecting merchants. Additionally, refund scams involve tricking Mammoths into a second fraudulent transaction under the guise of offering a refund.
The PTA, through thorough investigation, has linked the Telekopye activity to Classiscam, a scam-as-a-service program that has amassed a staggering $64.5 million in illicit profits since 2019.
The Neanderthals demonstrate a high level of sophistication, using web scrapers and market research, and exploring real estate scams, to optimize their phishing schemes.
Recognizing the gravity of the situation, the PTA has urged users, government officials, and institutions to remain vigilant and take necessary protective measures against falling victim to these scams. The cybercriminals, who employ anonymity tools such as VPNs, proxies, and Tor, have demonstrated a willingness to utilize advanced techniques to deceive and defraud unsuspecting individuals.