John Layden December 21, 2021 16:22 UTC
Update time: December 21, 2021 16:23 UTC
There are more bad guys than crazy guys
Cybercriminals are using new targeted tools and techniques to recover online scams that were only recently obsolete.
This widespread campaign targeting users in 90 countries/regions around the world used fake surveys and gifts purporting to come from popular brands to steal users’ personal and payment data.
These so-called investigative scams can be traced back several years, but the latest fraudulent information uses targeted links that contain content tailored to each potential victim-a technique that makes investigating fraud more difficult than usual.
You might like U.S. identity thief jailed for more than $130,000 in scam targeting senior citizens
In addition, according to threat intelligence company Group-IB, the sheer scope of the scam is a headache for investigators.
Since we started observing scams involving the use of targeted link technology, the number of fake brands and domain names involved has increased dramatically.
And in the past [when] Scammers used dozens of well-known brands in their plans, and now more than 120 brands have been pretended to be operating target links and at least 60 different domain networks by scammers as Group-IB DRP (digital risk protection) units.
According to Group-IB, millions of people have become the target of false investigation invitations that lure victims through a maze designed solely to induce them to surrender sensitive personal information, such as bank card details.
“The potential victim pool of 60 domain name networks detected by Group-IB DRP is estimated to be 27.7 million,” a Group-IB spokesperson told Drink it every day.
Tailor-made
This type of scam is not new, but in the past fraudsters have targeted users indiscriminately. The latest version of the program uses technology stolen from legitimate advertising campaigns to provide tailored content.
First, fraudsters try to trick victims into winning non-existent prizes by distributing invitations to participate in the investigation.
Each such offer includes a link to the survey website. To this end, threat actors use all possible legal digital marketing methods: contextual advertising, advertisements on legitimate and completely rogue websites, text messages, mailing, and pop-up notifications.
In order to attract users to visit fraudulent websites, cybercriminals will register domain names that are similar to official domain names.
Scammers also use information about potential flags such as country, time zone, language, IP address, etc. to customize the link.
Read more about the latest news about computer fraud
Group-IB tells Drink it every day: “The last scam link is customized for a specific user and can only be opened once. This complicates the detection of such links, which inevitably leads to a longer scam life cycle and hinders deletion and investigation.”
The data requested from unknowingly marking usually includes full name, email, postal address, phone number, bank card data, including expiration date and CVV. Sometimes, users also need to pay taxes or test fees to win prizes.
Fraudsters use leaked payment card data to buy goods online, register fake user accounts, or simply sell personal information on the dark web.
Fraud has been detected in 91 countries/regions, and cybercriminals have used at least 121 brands as bait, many of which are telecom service providers or retailers.
Respected How expired web domains can help criminal hackers unlock corporate defenses
