Chinese language worldwide college students within the U.Ok. have been focused by persistent Chinese language-speaking scammers for over a 12 months as a part of an exercise dubbed RedZei (aka RedThief).
“The RedZei fraudsters have chosen their targets fastidiously, researched them and realized it was a wealthy sufferer group that’s ripe for exploitation,” cybersecurity researcher Will Thomas (@BushidoToken) mentioned in a write-up revealed final week.
Probably the most notable facet concerning the operation is the steps taken by the menace actors to bypass steps taken by customers to stop rip-off calls, utilizing a brand new pay-as-you-go U.Ok. telephone quantity for every wave in order to render telephone number-based blocking ineffective.
Thomas, mentioning the meticulous tradecraft employed by the scammers, mentioned the menace actor alternates between SIMs from a number of cell carriers similar to Three, O2, EE, Tesco Cell, and Telia.
Indications are that the profitable RedZei marketing campaign could have began way back to August 2019, with a report from The Guardian detailing a visa rip-off that tricked Chinese language college students into shelling out big sums of cash to keep away from getting deported.

The modus operandi includes calling potential targets a couple of times a month from a singular U.Ok. telephone quantity and leaving an “uncommon” automated voicemail ought to the calls be left unanswered.
The voicemails impersonate firms like Financial institution of China and China Cell in addition to the Chinese language embassy to social engineer the scholars into sharing their private info.
“Different themes exploited by RedZei embrace the ‘irregular utilization of your NHS quantity’ and worldwide parcels being delivered from DHL, that are each frequent considerations for Chinese language college students learning within the UK,” Thomas famous.