#34: Passcode Traps, Fake Customer Service, Telegram Fraud Channel Explodes

This week’s stories are a masterclass in how fraudsters are finding ways around technical barriers entirely. Customers are giving up passcodes under pressure. Search engines are leading victims straight to fake customer support lines. Telegram groups are exploding with stolen checks, account access, and money movement infrastructure - all fully industrialized and ready for sale.

Let’s get into it.

NATE'S TAKE - JUNE 3, 2025

Top Three This Week

1. UK Bank Warns Customers Are Voluntarily Giving Away Passcodes
2. Scammers Are Planting Fake Customer Service Numbers Online
3. Telegram Fraud Channel Explodes With Mail Theft and High-Dollar Account Sales

1. UK Bank Warns Customers Are Voluntarily Giving Away Passcodes

Many fraud victims are unknowingly helping scammers bypass security by directly handing over their passcodes.

While banks have invested heavily in multi-factor authentication and verification checks, scammers are successfully using social engineering tactics - often impersonating the bank’s fraud department - to convince victims to read out or input security codes during live calls.

Once they have these codes, criminals can access online banking, authorize payments, or register new devices all with full user permission.

The bank emphasized that many of these fraud losses do not technically qualify as unauthorized transactions, because the customer provided the information willingly under false pretenses.

Even the strongest technical controls can fail when attackers manipulate human behavior directly. Banks continue to warn that legitimate staff will never ask customers to share passcodes, PINs, or verification codes over the phone.

2. Scammers Are Planting Fake Customer Service Numbers Online

Scammers are increasingly flooding search results with fake customer service phone numbers, leading victims to call fraudsters directly when seeking help.

How it works:

• Scammers create fake websites or posts that rank highly in search results, listing fraudulent support numbers for companies like Amazon, Apple, or PayPal.
• When consumers call the number for help, they’re connected to a scammer posing as customer support.
• Victims may be tricked into providing personal details, payment information, or granting remote access to their devices.

Fraud teams should note that first-party detection isn’t enough. These scams thrive off-platform. Defenses require coordination between companies, search engines, and regulators to disrupt the infrastructure scammers rely on.

3. Telegram Fraud Channel Explodes With Mail Theft and High-Dollar Account Sales

In a LinkedIn post, fraud expert Derek Abbott reported a sharp escalation in fraud activity inside a Telegram group he monitors, highlighting just how quickly organized fraud operations are scaling on messaging platforms.

Over a single weekend, the group erupted with listings offering:

• Boxes of legitimate checks stolen directly from the mail, intercepted before reaching customers. These aren’t washed or altered, they’re fresh from official bank printers.
• Access to U.S. bank accounts holding over $55,000, sold for buy-ins as low as $5,000.
• Compromised wires into Coinbase, offering rapid cash-out through crypto rails.
• Payments linked to Canadian defense lawyers, with verified emails being used to facilitate criminal transactions.

Abbott describes this as organized, scalable, industrial-grade theft, evolving faster than most defenses can adapt.

For fraud fighters, this reinforces a key reality: attack coordination has moved off the dark web and into private chat channels, where real-time trading fuels highly adaptive fraud ecosystems.

===

That’s all for this week! For more insights, follow us on LinkedIn or X, and if you want to learn more about what we do, visit www.specprotected.com.

‍