Fraudsters Use Telegram To Execute Restaurant Scam


Digital trust and safety company Sift has discovered a new method of fraud in which scammers use the Telegram messaging technology to steal from eateries and food delivery platforms, according to a Thursday (Feb. 11) announcement emailed to PYMNTS.

Research from the firm’s digital trust and safety architects found that malevolent actors are marketing their offerings on Telegram forums to buy food and beverage orders at a decreased price, using stolen payment data on behalf of clients, according to the announcement.

“The dark web can be difficult to access, and with frequent marketplace shutdowns by law enforcement, bad actors are looking for new places to commit crime. End-to-end encrypted messaging platforms like Telegram are attractive options, as they are more accessible and it is easier to go undetected when committing low-level fraud,” Brittany Allen, trust and safety architect at Sift, said in the announcement.

In the scheme, professional fraudsters post in Telegram forums like “Fraud Market” and promote their ability to purchase food and beverage orders at far lower-than-normal rates, usually 60 to 75 percent off. To place an order, the diner can send a message with a screenshot of their shopping cart from a food delivery platform along with their delivery addresses. The fraudster then replies with an offer to purchase the items for much less than the actual price. After the fraudster accepts the order, the diner makes the payment using a digital currency like Ethereum or bitcoin. The fraudster then creates a new account and uses stolen credit card information or a hacked account with stored value to make a payment for the order and have it sent to the diner.

“While merchants may not be able to prevent fraudsters from marketing their services in messaging apps, they can protect themselves at the point of attack by adopting a Digital Trust & Safety strategy, which prevents fraud while reducing friction for legitimate customers,” Allen said in the announcement.

The news comes as Sift said in December that 2020 had been a “banner year” for eCommerce sales, but that scammers have changed their approaches to capitalize on the boom. The firm said at the time that malevolent actors were transitioning from the typical “spray and pray” strategy that entails making dozens or hundreds of lower-value transactions with stolen payment information to conducting fewer and bigger attacks instead.