Fraudsters are offering discounted restaurant and grocery app deliveries on Telegram forums, then using stolen credit cards to place customer orders and pocketing the difference, according to a report from the fraud prevention company Sift.
They even advertised targeting Super Bowl fans, according to Sift, promising hefty discounts on food for the game. The fraudsters tell customers to send them a screenshot of their desired orders on popular food delivery apps, along with a delivery address, and either cryptocurrency or payment through services like Venmo, PayPal, or Cash App.
When the request comes, the scammers either use a stolen credit card or compromised food delivery app account to place the order with the app. It’s essentially pure profit for the scammers selling what Sift calls “stolen snacks,” but the app or restaurant is left holding the bag when the credit card fraud is detected.
We reached out to Telegram for comment about the report and will update this post if we hear back.
In general, Sift reports fraud rates increased 14% from the third quarter to the fourth quarter of last year at restaurant and food delivery apps. That comes as demand for food delivery has skyrocketed during the coronavirus pandemic, with many restaurants closed and consumers wary of exposure there and at grocery stores.
Telegram appears to be an increasingly popular tool for people with access to stolen credit cards attempting to turn them into cash.
“The Dark Web can be difficult to access and with frequent marketplace shutdowns by law enforcement, bad actors are looking for new places to commit crime,” said Brittany Allen, trust and safety architect at Sift, in a statement. “End-to-end encrypted messaging platforms like Telegram are attractive options as they are more accessible and it is easier to go undetected when committing low-level fraud.”