A Declassified Look Inside the Dark Economy of Cybercrime
As special guest Jim Browning noted, “If there are people willing to attack you, your systems, and your business, the best way to defend yourself is to understand how they do this, who they are, and how they’re working. If you understand all of that, you’re far better able to protect yourself.” 🚀
Cybercrime is a full-blown economy, with businesses, products, services, hierarchies, teams, and performance metrics. The people driving it are organized, methodical, and probably very rich. They’re all laser-focused on one goal: scamming for profit…at scale. 💰 There’s no clear line between traditional cybercrime and scams. Ransomware, phishing, business email compromise (BEC), and fake tech support calls–it’s all part of the same underground economy. And the organizations behind it are your hidden competition.
This is exactly how cybercrime scam centers run. These aren’t chaotic setups–they’re engineered operations, often hiding behind legitimate businesses to drive profit and stay off the radar. Hijacked CCTV footage captured the inner workings of their operations, including:
- A fake travel agency in India running a Microsoft tech support scam, pulling in over $3 million annually from fake virus pop-ups.
- Tech Harbor Services in Lahore, Pakistan, which tricked victims with cell phone “discounts” and used promo codes to hijack accounts.
- DK Business Patron in Delhi, functioning as Amazon resellers by day, tech support scammers by night.
- A number-spoofing operation buying phone numbers just one digit off from those of real banks, capturing misdialed calls to collect personal info, and enrolling victims in subscription scams.
One group Jim exposed has over 300 employees and pulled in over $20 million a year. 📈
Sales operations revolve around the customer journey, even in cybercrime. Scam call centers split their agents into roles. Some focus on conversion, convincing victims to send money, while others handle “retention,” reeling prior victims back in with promises to recover their losses.
Attackers were among the first adopters of generative AI, and they’re moving fast. This includes fake AI-generated passports that look eerily similar to real ones, and deepfake Zoom calls with real-time face overlays that make scammers appear as someone else. If you’re worried about getting caught in a deepfake call, try this trick: ask them to hold up three fingers and see if the facial overlay holds up. Jim says, “Fighting AI with AI is always a good thing.” 🤖
Defenders are using AI, such as Daisy, an AI persona from UK carrier O2, which keeps scammers on the line as long as possible, wasting their time. For email scams, rescam.org lets you forward a scam email and keeps scammers occupied indefinitely. Understanding these operations makes you more resilient, and we need to approach defense with knowledge, not fear.