Shocking news! It turns out that criminals cannot be trusted.

Of course, it’s obvious, but criminals themselves may be guilty of trusting others too much and being defrauded as a result.

Sophos Researcher Presented There was an investigation at Black Hat Europe this week into so-called “metaparasites” (scammers tricking other scammers).

Matt Wixey and Angela Gunn from Sophos describe their research as follows:

“…a novel study of scammers scamming scammers and hackers hacking hackers in three of the most established and prominent criminal markets. Examine the motives of metaparasites, how the arbitration process works, and how metaparasites affect the culture and operations of the markets in which they operate.

And you can make a lot of money by targeting cybercriminals.

According to Sopbos, cybercriminals have lost more than US$2.5 million to other scammers on three underground forums over the past 12 months.

e-mailsign up for newsletter
Security news, advice and tips.

Fraud can take multiple forms, including fake data breaches, blackmail, backdoor malware, and phishing.

The researchers also found 20 websites created to mimic the criminal marketplace “intended to trick users into charging a $100 ‘activation fee’.”

Oh my god, never mind.


And, perhaps unsurprisingly, there is even evidence that some scammers who have been scammed continue to take revenge by scamming the very person who scammed them (read this to the end). I would appreciate it…).

The problem of cybercriminals manipulating other cybercriminals has become so acute that underground forums even have dedicated “arbitration chambers” aired in the hope that disagreements will be resolved. will be


So this is all very interesting. We like the idea that cybercriminals are tricking each other instead of targeting innocent civilians.

According to researchers, yes:

“Metaparasites inadvertently provide analysts with the benefit of intelligence that would otherwise remain hidden in sales, operations, negotiations, identifiers and even market cultures, varying levels of operational security, and deception. Gain unprecedented insight into vulnerabilities to and social engineering.”

But don’t laugh too hard, researchers warn.

As long as those who explore and study the culture of cybercriminals aren’t fooled, I think we can take some comfort from the idea that cybercriminals are scamming each other and not us.

Did you find this article interesting? Follow Graham Cluley on Twitter Also Mastodon To read more about the exclusive content we post.

Graham Cluley is a veteran of the antivirus industry and has worked for many security companies since the early 1990s when he created the first version of Dr. Solomon’s Antivirus Toolkit for Windows. He is now an independent security he is an analyst, makes regular media appearances and gives international lectures on computer he security, hackers and online he privacy. Follow him on Twitter. @gcluleyfor Mastodon @[email protected]or drop him an email.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog