Cybercriminals Target UK Universal Credit Program to Carry Out Scams

In a recent blog, we discussed how cybercriminals are carrying out Pandemic Unemployment Assistance (PUA) scams using OSINT (Open Source Intelligence) and different offering on the dark web, from phone scam centers to leaked credentials databases up for sale. PUA is the United States’ federal aid for workers who have lost their jobs or been furloughed during the COVID-19 pandemic.

Cybercriminals have followed Winston Churchill’s advice to “never let a good crisis go to waste.” Threat actors have been scamming the US government using synthetic IDs and taking advantage of the lax unemployment validation process.

But the US is not the only country targeted by unemployment scams. IntSights researcher Alon Grosglik has identified multiple cybercriminals offering scamming lessons and tutorials for executing Universal Credit (UC) fraud. UC is a consolidation of several services offered by the UK government, from income support to child tax credits and more. It is estimated that over £1.5B has been lost due to UC fraud.

Scammers use similar techniques to the ones used in PUA fraud, but are also not hesitant to teach others how to do this (for a price, of course).

As seen in the image above, the UC fraud tutorial is the most expensive option on this list, which includes several large ecommerce sites.

In the image above, a scammer says they are willing to teach the UC scams to those who reach out to them over Telegram (more about that shortly).

This cybercriminal indicates that the COVID-19 situation has made scamming easier, as the entire process can be done over the phone.

In this Telegram channel a cybercriminal claims for a quick ROI on UC fraud. It is not surprising to see these discussions on Telegram channels, as cybercriminals have shifted to P2P communication apps for a more secure experience than chatting on the dark web.

As COVID-19 unemployment fraud spreads across various European countries like Germany, Switzerland, and France, individuals and companies should be aware of these type of scams and regularly check to see if their identity has been linked with a fraudulent claim. Being proactive in identifying threats that target your organization as they emerge is a critical component to effective cyber defense. Learn how automated continuous monitoring of your digital assets paired with manual threat hunting can help mitigate the risk of suffering a data breach or cyberattack by reading our ebook, Dark Web 201.

Download Your Copy

Stay up to Date!

Subscribe to the blog to stay up to date with all the latest industry news and updates from IntSights.