Students from China in the U.K have been a persistent target of scammers for over two years. The ongoing activity by RedZei (aka RedThief) Group, which is a Chinese-speaking scammer group, bypasses all the steps taken by service providers and users to avoid scams.
Here’s how it works
A report by The Guardian detailed a visa scam fooling Chinese students into paying huge sums of money to avoid being deported.
- The RedZei fraudsters chose their targets carefully by researching them and finding a potential victim rich enough.
- The fraudsters used new pay-as-you-go U.K phone numbers for each wave to bypass phone number-based blocking.
- The attackers switch between SIMs from various mobile carriers such as Telia, Three, EE, O2, and Tesco Mobile.
Researcher suspect that this incident is a part of the RedZei campaign that began as early as August 2019.
Vociemailing and other tricks
The operation involves calling the targeted students once or twice a month using a unique U.K phone number. If these calls are left unanswered, the fraudsters leave an unusual automated voicemail.
- The voicemails impersonate companies such as China Mobile, Bank of China, and the Chinese embassy to social engineer the students into giving up their personal details.
- A few additional variations included voicemails pretending to be Chinese government officials, such as the Chinese Ministry of Industry and Information Technology, the Chinese Embassy in the U.K, or the Chinese Communications Administration, as well as courier services DHL and Royal Mail.
- Other themes adopted by RedZei include abnormal usage of NHS numbers and international parcels delivered from DHL.
Be safe
The students are suggested to stay vigilant against such frauds and report to the university if they suspect any scam of this nature. The universities can also share information about such scams concerning international students.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/iStock_88085325_SMALL.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/5bfe_shutterstock_1157527744.jpg)
