Jump to content

Recommended Posts

For you only: scammers invent new targeted tools to amplify fraud schemes

Quote

Group-IB, one of the global cybersecurity leaders, has uncovered a worldwide scam campaign targeting users in over 90 countries all around the world, including the United States, Canada, South Korea, and Italy. The fraudsters employ the tried and tested technique with fake surveys and giveaways purporting to be from popular brands to steal users’ personal and payment data, with the total number of big-name companies impersonated in the scheme exceeding 120. The new wave of the scam is particularly persistent thanks to an innovation in the scammers’ toolset — targeted links, which makes investigating and tackling such attacks increasingly challenging.

The potential victim pool of a single scam network is estimated at about 10 million people, while the potential damage totaled about $80 million per month, according to Group-IB’s Digital Risk Protection unit.

Personal customer service

Fraudsters trap their victims by distributing invitations to partake in survey, after which the user would allegedly get a prize. Each such offer contains a link leading to the survey website. For "lead generation," the threat actors use all possible legitimate digital marketing means: contextual advertising, advertising on legal and completely rogue sites, SMS, mailouts, and pop-up notifications. To attract users to the final scam websites, scammers register look-alike domain names to the official ones. Less frequently, they were also seen adding links to the calendar and posts on social networks. After clicking the targeted link, a user gets in the so-called traffic cloaking, which enables cybercriminals to display different content to different users, based on certain user parameters.

But this destination "branded survey" page takes very long to download. This is because the victims find themselves in a long chain of redirects, during which scammers gather information about their session, including country, time zone, language, IP, browser, and etc. The content on the final page will be determined based on what was learned about the user and tailored as much as possible to their possible interests. The final scam link is customized to a specific user and can be opened only once. This complicates the detection of such links, which inevitably leads to the scam’s longer life cycle, and hampers the takedown and investigations.

At the final stage, the user is asked to answer questions to receive a prize from a well-known brand and to fill out a form asking for their personal data, which is allegedly needed to receive the prize. The data required usually includes the full name, email, postal address, phone number, bank card data, including expiration date and CVV.

pic-57.jpg

 

There is more on the above linked article...

 

  • Thanks 1
Link to post
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.