Disclaimer for Mods:
This post is based on publicly available research, similar to what you might see shared by security researchers on social media. It is not intended to encourage or enable criminal activity, but to explain how illegal actions are carried out so that we can better protect ourselves. If you decide the post should be removed, please let me know which specific parts are problematic so I can edit or remove that content.
THREAD SONG:
I'll continue explaining why people commit cybercrime, how much of a failure and incompetent law enforcement is when it comes to cybercrime, and the motivations and reasons people join it despite it not having the thrill like some gang misfits.
Cybercrime is pretty safe and feasible, not some "forever ending in getting caught" thing that mainstream media tells you.
If I had to explain it with an analogy, think of local police in some shithole country with a broken law system and mafias roaming the streets, raping and killing whoever they like.
It's because local law enforcement is bribed and threatened by them; they lack force, weapons, and training compared to mafias; and the law/court system doesn't work because of the criminals' political connections. Also, the law's evidence is negligible with unregistered guns, etc., and there are lots of scapegoats and false witnesses to make it impossible.
Local police can't do much because they can't get authorized backup force and are just incapable and weak to do anything.
Now, cybercrime puts even the FBI in that sort of position. It's so hard to trace cybercrime, with no guarantee of success, and way too expensive, because of tools like encryption, private blockchains, and proxies accessible to the general public, with safe-haven countries hosting those proxy servers.
You might see some YouTubers or podcasts LARPing about how they can do this and that, but in reality, they can't catch a majority of proper cybercrime groups, they just catch fools. Usually in Scammer Payback, you see the lowest-level third-worlder retards who didn't even plan to commit cybercrime but were just tricked into joining a cybercrime group with some third-world typical office worker salary. By the time they realize they're committing crime by spamming templates, it's too late, and they just keep going because unemployment is a problem in such countries.
The top guys don't even get caught; it's just the rented building that gets seized and some low-level workers who get screwed or saved with bribes.
This untraceability of cybercriminals is possible in many ways, but I'll go on with an example of a social engineering crime group and why it's not possible for them to get caught.
In a proper strong cybercrime group, where usually it's just some normal guy being recruited into a proper cybercrime group, people know they're getting into crime.
The motivation for them getting into it is basically a 90 IQ average Joe spamming templates and getting tens of thousands of dollars in income per month; equivalent to an Ivy League graduate corporate software engineer, with even less effort than the high-IQ software engineer.
The smarter ones (120+ IQ) with dedication to learn can ascend after a few months of this job, with networking and social engineering familiarity/training, into earning millions of dollars per year, and it's realistically the norm, not the exception.
The entry barrier is nonexistent despite being apathetic. Basically, less than $50 worth of crypto, provided you at least have a mobile/PC and internet connection.
These people just by luck find some mentor and then get the resources they need to go with it, with 0 tech knowledge
now with example:
What they'll Need to Get Started:
• A purchased account for your chosen marketplace (e.g., Facebook, Vinted, or Kleinanzeigen).
These are compromised accounts mass hacked by some hackers and then sold on darknet markets for a few dollars each.
• A reliable, high-quality proxy (ideally SOCKS5 for better anonymity).
• An anti-detect browser such as AdsPower, GoLogin, or Dolphin Anty.
If they’re unsure where to obtain these tools, the mentor will provide links to trusted marketplaces where they can purchase them.
After that, they proceed with logging into a purchased account using a cookie editor, importing the cookies, and setting up the profile to appear trustworthy.
At this point, they have an account with virtually no trace back to them that looks like a legitimate, trustworthy profile.
Next, they sort by New Listings and choose a product category such as auto parts, antiques, or other items that are easy to ship. Then, they adjust filters to specify the target country or city, ideally matching the account’s default location and using their own language to reduce competition and attract more potential victims, particularly in non-English-speaking first-world countries.
After that, they contact sellers. They receive pre-written text for initial outreach, along with complete templates for responding to seller messages. Their only task is to adapt these templates to the local language of the country they’re operating in.
They message only listings for items that can theoretically be shipped (avoiding local pickup–only items). The ultimate goal is to send a phishing link to the victim so they enter their banking details. The methods can vary depending on the country and platform involved.
Even 80-IQ retard cybercriminals can use these organization-provided templates for phishing, but these 2 methods are common in cybercrimeworld.
More intelligent or creative Social Engineers prefer using their own social engineering techniques to trick targets into clicking links and sharing information. This approach improves their success rate, gives them valuable experience, which helps them progress to more advanced methods within weeks or months.
As the social engineer, you should know that your role is complete at the point of email acquisition and
phishing link delivery. The team handles the rest to minimize your exposure. For your efforts, you'll let's say receive 30% of the earned amount from each successful heist.
and the backend team's process begins. Here's what the tech team typically does to withdraw funds:
- Capture Data
- Verify Validity
-Drain the account
-Launder it with compromised bank accounts and convert it into private blockchain crypto
If the victim reports his $5,000 loss to the local cybercrime department, first of all, no one really knows which group was behind it. It’s almost impossible to link the case to any specific group.
Law enforcement can try to trace the banks involved, but it’s useless 99% of the time because the accounts are either compromised or opened with fake KYC information. Often, the actual account holder has no idea their bank account was used in a crime.
Authorities can also request information from the marketplace (for example, Facebook) to trace the IP address of the scammer’s account or the tech team’s server. If the social engineers were careless enough to use their real IP, you can often tell the internet provider by looking at certain digits of the IP address, for example, 3-random-numbers from 182.16.255.1 (IPv4) or 2001:db8:0:1234:0:567:8:1 (IPv6).
In that case, the police could request user logs from the internet provider to identify the criminal, but even that would take time and money.
However, if the criminal used a VPN or proxy chain with a strict no-logs policy, the trail usually goes cold. Law enforcement can contact the provider to ask who connected, but they’ll likely find nothing unless the VPN service was compromised or happened to keep logs; which is extremely rare.
Even if they trace it further, there will be more proxy chains leading to another proxy server, and then another, turning the investigation into a wild goose chase with no guarantee of success. Plus, intermediary servers will maintain the no-logs proxies, erasing any trace completely.
In most cases, the police won’t pursue it because the cost and effort far outweigh the potential recovery.
They’re not going to spend $50,000 investigating a case with only a 1% chance of recovering a $5,000 loss.
Because of that, these cybercrime groups continue operating with little resistance.
There are still dozens, if not hundreds of loopholes in the legal and technical process of conviction after locating the criminal, especially when you factor in operational security and plausible deniability.
This post is based on publicly available research, similar to what you might see shared by security researchers on social media. It is not intended to encourage or enable criminal activity, but to explain how illegal actions are carried out so that we can better protect ourselves. If you decide the post should be removed, please let me know which specific parts are problematic so I can edit or remove that content.
THREAD SONG:
I'll continue explaining why people commit cybercrime, how much of a failure and incompetent law enforcement is when it comes to cybercrime, and the motivations and reasons people join it despite it not having the thrill like some gang misfits.
Cybercrime is pretty safe and feasible, not some "forever ending in getting caught" thing that mainstream media tells you.
If I had to explain it with an analogy, think of local police in some shithole country with a broken law system and mafias roaming the streets, raping and killing whoever they like.
It's because local law enforcement is bribed and threatened by them; they lack force, weapons, and training compared to mafias; and the law/court system doesn't work because of the criminals' political connections. Also, the law's evidence is negligible with unregistered guns, etc., and there are lots of scapegoats and false witnesses to make it impossible.
Local police can't do much because they can't get authorized backup force and are just incapable and weak to do anything.
Now, cybercrime puts even the FBI in that sort of position. It's so hard to trace cybercrime, with no guarantee of success, and way too expensive, because of tools like encryption, private blockchains, and proxies accessible to the general public, with safe-haven countries hosting those proxy servers.
You might see some YouTubers or podcasts LARPing about how they can do this and that, but in reality, they can't catch a majority of proper cybercrime groups, they just catch fools. Usually in Scammer Payback, you see the lowest-level third-worlder retards who didn't even plan to commit cybercrime but were just tricked into joining a cybercrime group with some third-world typical office worker salary. By the time they realize they're committing crime by spamming templates, it's too late, and they just keep going because unemployment is a problem in such countries.
The top guys don't even get caught; it's just the rented building that gets seized and some low-level workers who get screwed or saved with bribes.
This untraceability of cybercriminals is possible in many ways, but I'll go on with an example of a social engineering crime group and why it's not possible for them to get caught.
In a proper strong cybercrime group, where usually it's just some normal guy being recruited into a proper cybercrime group, people know they're getting into crime.
The motivation for them getting into it is basically a 90 IQ average Joe spamming templates and getting tens of thousands of dollars in income per month; equivalent to an Ivy League graduate corporate software engineer, with even less effort than the high-IQ software engineer.
The smarter ones (120+ IQ) with dedication to learn can ascend after a few months of this job, with networking and social engineering familiarity/training, into earning millions of dollars per year, and it's realistically the norm, not the exception.
The entry barrier is nonexistent despite being apathetic. Basically, less than $50 worth of crypto, provided you at least have a mobile/PC and internet connection.
These people just by luck find some mentor and then get the resources they need to go with it, with 0 tech knowledge
now with example:
What they'll Need to Get Started:
• A purchased account for your chosen marketplace (e.g., Facebook, Vinted, or Kleinanzeigen).
These are compromised accounts mass hacked by some hackers and then sold on darknet markets for a few dollars each.
• A reliable, high-quality proxy (ideally SOCKS5 for better anonymity).
• An anti-detect browser such as AdsPower, GoLogin, or Dolphin Anty.
If they’re unsure where to obtain these tools, the mentor will provide links to trusted marketplaces where they can purchase them.
After that, they proceed with logging into a purchased account using a cookie editor, importing the cookies, and setting up the profile to appear trustworthy.
At this point, they have an account with virtually no trace back to them that looks like a legitimate, trustworthy profile.
Next, they sort by New Listings and choose a product category such as auto parts, antiques, or other items that are easy to ship. Then, they adjust filters to specify the target country or city, ideally matching the account’s default location and using their own language to reduce competition and attract more potential victims, particularly in non-English-speaking first-world countries.
After that, they contact sellers. They receive pre-written text for initial outreach, along with complete templates for responding to seller messages. Their only task is to adapt these templates to the local language of the country they’re operating in.
They message only listings for items that can theoretically be shipped (avoiding local pickup–only items). The ultimate goal is to send a phishing link to the victim so they enter their banking details. The methods can vary depending on the country and platform involved.
Example Method 1 (Shipping-Focused):
Express interest in buying the item with shipping (e.g., "I'll buy your item with delivery via
FoxPost, and I need your email to complete the purchase setup."). Once the victim provides
their email u need to notify the team, the team sends a phishing link via email, disguised as
a payment confirmation or receipt page. The victim is prompted to "receive the funds" by
entering their banking details (e.g., card number, CVV, expiration date), after which the
team drains the account.
Express interest in buying the item with shipping (e.g., "I'll buy your item with delivery via
FoxPost, and I need your email to complete the purchase setup."). Once the victim provides
their email u need to notify the team, the team sends a phishing link via email, disguised as
a payment confirmation or receipt page. The victim is prompted to "receive the funds" by
entering their banking details (e.g., card number, CVV, expiration date), after which the
team drains the account.
Example Method 2 (Prepayment-Focused):
Offer to buy with prepayment (e.g., "I'll buy your item with prepayment, and I need your
email to send the funds, say via Interac if working in Canada."). Once the email is obtained,
the team sends a phishing email with a link pretending to be a secure transfer page. The
victim enters their banking info to "claim the payment," and the team steals the funds.
into clicking the link and entering the details which will be handled by the tech time, and you get your lets say 30% share on every succesful heist
Offer to buy with prepayment (e.g., "I'll buy your item with prepayment, and I need your
email to send the funds, say via Interac if working in Canada."). Once the email is obtained,
the team sends a phishing email with a link pretending to be a secure transfer page. The
victim enters their banking info to "claim the payment," and the team steals the funds.
into clicking the link and entering the details which will be handled by the tech time, and you get your lets say 30% share on every succesful heist
Even 80-IQ retard cybercriminals can use these organization-provided templates for phishing, but these 2 methods are common in cybercrimeworld.
More intelligent or creative Social Engineers prefer using their own social engineering techniques to trick targets into clicking links and sharing information. This approach improves their success rate, gives them valuable experience, which helps them progress to more advanced methods within weeks or months.
As the social engineer, you should know that your role is complete at the point of email acquisition and
phishing link delivery. The team handles the rest to minimize your exposure. For your efforts, you'll let's say receive 30% of the earned amount from each successful heist.
and the backend team's process begins. Here's what the tech team typically does to withdraw funds:
- Capture Data
- Verify Validity
-Drain the account
-Launder it with compromised bank accounts and convert it into private blockchain crypto
If the victim reports his $5,000 loss to the local cybercrime department, first of all, no one really knows which group was behind it. It’s almost impossible to link the case to any specific group.
Law enforcement can try to trace the banks involved, but it’s useless 99% of the time because the accounts are either compromised or opened with fake KYC information. Often, the actual account holder has no idea their bank account was used in a crime.
Authorities can also request information from the marketplace (for example, Facebook) to trace the IP address of the scammer’s account or the tech team’s server. If the social engineers were careless enough to use their real IP, you can often tell the internet provider by looking at certain digits of the IP address, for example, 3-random-numbers from 182.16.255.1 (IPv4) or 2001:db8:0:1234:0:567:8:1 (IPv6).
In that case, the police could request user logs from the internet provider to identify the criminal, but even that would take time and money.
However, if the criminal used a VPN or proxy chain with a strict no-logs policy, the trail usually goes cold. Law enforcement can contact the provider to ask who connected, but they’ll likely find nothing unless the VPN service was compromised or happened to keep logs; which is extremely rare.
Even if they trace it further, there will be more proxy chains leading to another proxy server, and then another, turning the investigation into a wild goose chase with no guarantee of success. Plus, intermediary servers will maintain the no-logs proxies, erasing any trace completely.
In most cases, the police won’t pursue it because the cost and effort far outweigh the potential recovery.
They’re not going to spend $50,000 investigating a case with only a 1% chance of recovering a $5,000 loss.
Because of that, these cybercrime groups continue operating with little resistance.
There are still dozens, if not hundreds of loopholes in the legal and technical process of conviction after locating the criminal, especially when you factor in operational security and plausible deniability.
