A recent report by the Federal Bureau of Investigation (FBI) points to a Brazilian group operating a plan to defraud customers of digital platforms such as Uber, Lyft and DoorDash, among other companies. Authorities note that this gang would have used false IDs to create driver or delivery accounts on these platforms in order to sell them to people ineligible for the policies of these companies.
This fraud would also have involved the use of GPS counterfeiting technology for drivers to pretend to make longer trips and make more profit. Moreover, the Department of Justice (DOJ) mentions that this group would have started operations in 2019, increasing its operations after the pandemic paralyzed activities in many restaurants and supermarkets.
Hackers operated in states such as Massachusetts, Florida, California and Illinois, coordinating their activities through a WhatsApp group called “Mafia”. The FBI mentions that cybercriminals rented driver accounts weekly, charging up to $300 USD per week for shared taxi driver accounts and up to $150 USD for a food delivery account.
Researchers detected about 2,000 accounts registered by members of this fraudulent scheme. Authorities mention that criminals created these accounts using identity documents stolen from multiple sources, including dark web hacking forums. Hackers even got to take pictures of some clients’ IDs to create more fraudulent accounts.
The agents in charge of the investigation claim that the criminals earned hundreds of thousands of dollars through this scheme, collecting their profits into bank accounts under their control and periodically withdrawing small amounts of money so as not to attract the attention of the authorities.
Criminals also made thousands of dollars thanks to referral bonuses for new accounts. According to a screenshot posted on the group’s WhatsApp channel, one of the gang members earned $194,800 USD through DoorDash’s user referral system for 487 accounts they had on the platform.
So far the DOJ has filed charges against 19 Brazilian citizens, as well as announcing that six members of this fraudulent group remain fugitives. Last week, the DOJ announced a second wave of charges against five Brazilian citizens. Four were arrested and prosecuted in a San Diego court, while a fifth remains on the fugitive and is believed to reside in Brazil.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.