Digital safety company, Sift, has identified a cyber-scheme that exploits restaurant and delivery services via the Telegram messaging platform, according to a news release.
Cyber-criminals have been using Telegram forums, like the so-called “Fraud Market,” to promote the purchase of food and beverage orders at heavily discounted (60% to 75% off) rates. Diners who want to take part in the scheme must message the soliciter with screenshots of their delivery service shopping carts, along with the delivery address used to place their orders.
Those soliciting such purchases direct-message the diner to buy the items in the shopping cart for a fraction of the actual cost. Then, when the cyber-criminal accepts the order, the diner pays them in cryptocurrency via PayPal, Venmo or Cash App. Finally, the cyber-criminal behind the scheme either creates a new account and uses stolen credit card details or uses a hacked account with stored value to buy the meal and get it delivered to the diner. Ultimately, restaurant operators are the ultimate victims of the scheme.
Sift said such “fraud marketplaces” on messaging apps comes as food and beverage delivery apps have seen notable increases in attempted payment fraud. In fact, according to data from the Sift global network of more than 34,000 apps and sites, fraud rates among restaurant apps and food delivery services increased 14% from the third to fourth quarter of last year.
When consumers notice their credit cards have been stolen and used for unapproved transactions, merchants not only must refund the consumer and lose the item but also face fines from their payment processors. Sift said that when new scams like these take hold, fraudsters quickly strike in order to steal from merchants before they are able to react and prevent these attacks.
Not only has the pandemic increased delivery service and app use, many restaurant operators have had to quickly shift their payment operations to cater to the out-of-store customer. For an idea of how greatly things are changing, Statista relayed that the number of smartphone food delivery app users alone has increased from 36.4 million users in 2019 to 45.6 million users in 2020.
“The Dark Web can be difficult to access and with frequent marketplace shutdowns by law enforcement, bad actors are looking for new places to commit crime,” Brittany Allen, Sift trust and safety architect, said in the release. “End-to-end encrypted messaging platforms like Telegram are attractive options as they are more accessible and it is easier to go undetected when committing low-level fraud. While merchants may not be able to prevent fraudsters from marketing their services in messaging apps, they can protect themselves at the point of attack by adopting a Digital Trust & Safety strategy, which prevents fraud while reducing friction for legitimate customers.”
— to www.fastcasual.com