Scammers in Tor and how to recognize them. Let's find out together!

The Tor Browser (short for The Onion Router) is a proxy system that allows the user to establish a secure, anonymous connection.

The main algorithm that ensures Tor's privacy is the 'onion routing' system – its advantage over any other system is that each router 'strips off' its own layer of encryption, thereby hiding intermediate network nodes. Despite the enormous potential of this system, it is most often used by criminals for malevolent purposes. Thus, the most common illegal activities in it are: Bot-netting – creating an entire system consisting of bots (usually used for spamming or for performing centralized attacks on different kind of services); Malware creation – the creation and deployment of ransomware, Trojan horses on various Internet resources; Cyber-terrorism – gaining access to classified information and its disclosure or elimination afterwards; Illegal trafficking of drugs, weapons and pornographic materials; We will focus on analyzing fake and untrusted resources, as they present the greatest threat to the new users who has only started using the Tor browser. In early 2021 mass advertisements for both vaccines and certificates for the globally raging COVID-19 infection began to appear on the darknet. The publishers of these advertisements have requested payment in the form of cryptocurrency (bitcoin, ether and other altcoins), asking between $500 and $1,000 for a single dose of vaccine. In the past year 2021, the Tor network has racked up over $1.7 billion in transactions, the lion's share of which has been taken by the scammers. This demonstrates that while there are many legitimate, certified shops on the darknet, criminals have their hands free. The anonymity allows them to promote their illegal activities. However, it is mistake to assume that no one can be tracked on the Tor network at all. Quite often intelligence agencies in different countries resort to operations that aim to stop criminals from operating on the darknet. A common method of disrupting criminal activity is through “control purchases” by law enforcement agencies. This involves officers going to a website that promotes an illegal activity (e.g. selling drugs, weapons or pornography) and then pretending to be a customer making a purchase. This approach involves the use of social engineering techniques – law enforcers look at CCTV footage to understand the route taken by potential criminals to their sales deals and then raiding them. scam list tor Many Tor and the entire darknet users are not indifferent to cases of fraud, so they keep trying to stop it in every possible way. For example, they set up their own websites where they collect all the information about fraudulent and scam sites on the darknet. Some admins have even created an unofficial division on their sites which stratifies the types of deception practiced by scammers. You can find the following categories: Bank card sales; Fake banknote sales; Passport sales; Match-fixing predictions; Credit offers scam; Hitman scam; Escrow scam; Drug scam; Marketplace scam; Bitcoin scam; Forum scam. Let's go through some of these points further, studying the background and finding some useful things (we’ve selected those that the user is most likely to encounter). Selling fake banknotes The main purpose of this fraudulent scheme is to sell users counterfeit banknotes that were made by the same criminals. Their main argument why a visitor should buy this kind of money is the belief that ATMs can accept such banknotes (the "benefit", according to those sellers, to the users is that banknotes have markedly lower denomination than that prescribed on it - for example, a $100 banknote may be sold for $50 or even $20). It is important to realize that all modern machines are equipped with systems that can easily distinguish between counterfeit and genuine banknotes. In addition, the quality of counterfeit banknotes from fraudulent sellers often leaves much to be desired. Bank card sales This method of fraud is broadly similar to the previous one. Scammers sell credit cards with large balances on them. They offer visitors to buy them in order to do cash-out afterwards and make a substantial profit. You should pay attention to deceivers claiming to know the pin code of the credit card. This is the purest lie - if these cards have been stolen in mass quantities (and usually illegal credit card dealers only do this in mass and wholesale quantities), then no one can know the pin code of each. This method of fraud is broadly similar to the previous one. Scammers sell credit cards with large balances on them. They offer visitors to buy them in order to then cash them out and make a substantial profit. You should pay attention to scammers claiming to know the pin code of the credit card. This is the purest lie - if cards have been stolen in mass quantities (and usually illegal credit card dealers only do this in mass and wholesale amounts), then no one can know the pin code of each of them. It is just impossible. Passport sales Often on the darknet you will come across vendors selling passports and other personal documents (first and foremost it includes the purchases of driving licenses and other stuff like ID cards). You should not trust such people – most of the time these documents will turn out to be a fake one, and will not pass any checks by government officials. Match-fixing predictions The veracity of match-fixing predictions on the darknet is usually highly questioned. You are more likely to be given their own personal prediction than a verified insider's leak. "Beneficial" loans Some scammers offer visitors a loan on favorable terms from popular and serious banks. It is definitely a fault to fall for this ploy, because no bank employee is willing to sacrifice their job (or even their freedom) for an opportunity to make an ephemeral profit. As an argument for why you should take advantage of this service, scammers claim that you can get a loan even with a bad credit history and huge past debts. Nevertheless, the reason described above casts doubt on the veracity of this statement. Hitman hiring There are practically no killers on the darknet. This is a very serious and dangerous business, and only a handful of people take it on. If you come across an ad for a contract killer, it is 99% likely to be a scam. After placing a request to commit this terrible and serious crime, the user most often finds that instead of the killer, a police representative arrives on the scene, after which the customer is often being arrested. How not to get caught by Tor scammers? With a few simple rules, you can almost completely protect your stay on the Tor network from encroachment by others. When exchanging altcoins and cryptocurrencies, there is an important principle to keep in mind - many fake websites take the user's money and do not return it, finding various excuses and justifications. Perhaps, the only proven way not to get caught by darknet scammers is to use verified, trusted links. You can find a list of them on major forums in both the clearnet and the darknet. For example, on Reddit and GitHub, there are entire sections devoted to searching for honest and verified sites on Tor. It should be remembered as well that almost all super-profitable ads (for example, selling electronics not even for half the retail price, but for just a quarter of it) will often turn out to be a scam. The middleman on such sites is the person, who is usually a criminal accomplice with the owner of the scam site itself. When you follow any verified link - try to write it down somewhere or just remember it. Fraudsters on the Tor network tend to create copies of popular sites, keeping the original design (this is especially easy to do with darknet sites, because links here are presented as an arbitrary set of symbols and numbers, where replacing 1 or 2 letters is almost impossible for anyone to notice). These sites, however, are only needed to trick users and steal their money. The most popular example of a site that is copied is Hydra. It is being copied by almost every scammer. There is serious reason, why scammers choice falls on the blue site. Hydra appears as one of the (if not the most) desirable site on the darknet. This article is written for informational and educational purposes only. The author is not responsible for the actions of people after reading this article.

Comments 0

Leave a comment

Cancel reply

Login to leave a comment