On June 10, during the Digital Risk Summit 2021 online conference, Group-IB presented the findings of its research into various fraudulent schemes, obtained thanks to neural networks and ML-based scorings of Group-IB Digital Risk Protection system. Group-IB also revealed Scam Intelligence, a fraudster tracking technology that has laid the foundations for DRP, the company's proprietary solution. In one year, the system helped save as much as $443 million for companies in the Asia-Pacific region, Europe, and the Middle East by preventing potential damages.
The number of scam- and phishing-related violations detected by Group-IB in the Asia-Pacific region in 2020 grew by a record high of 88% year-on-year. Probes into threat actor scam activities worldwide by DRP helped categorize fraud schemes, with over 100 basic schemes and their modifications detected. For instance, a scheme with fake brand accounts on social media (typical for the financial sector) involved on average over 500 fake accounts per bank in 2020. Insurance companies worldwide, meanwhile, suffer from phishing. Over 100 phishing websites per insurer were created last year on average.
In 2020, a multi-stage fraud scheme called Rabbit Hole, which abused companies' brands, mostly targeted the retail sector and online services. Users received a link from friends, through social media, or in messaging apps with a suggestion to participate in a prize draw, promotional offer, or survey. On average, users made 40,000 visits to fraudulent websites per day. Rabbit Hole attacked the customers of at least 100 brands worldwide. The threat actors strive to steal personal and bank-card data.
Classiscam has been the most wide-spread scam globally during the pandemic. The scheme targets people who use marketplaces and services relating to property rental, hotel bookings, online bank transfers, online retail, ride-sharing, and delivery. The scheme aims to extort money as a payment for non-existent goods. At least 44 countries have been targeted in this fraud scheme. According to Group-IB DRP, 93 brands overall have been abused as part of Classiscam. In early 2021, more than 12,500 threat actors made money through fake delivery service resources. The overall number of websites involved in the scheme reached 10,000. The scale of this type of fraud is immense and the scheme only keeps expanding. One Classiscam threat group alone can make up to $114,000 per month.
"Today, scam is more than just solitary fraudulent web pages — it's an entire industry with advanced technologies under the hood and motivated cybercriminal groups with great financial resources," says Ilia Rozhnov, the Group-IB head of Digital Risk Protection in APAC. "They choose their targets from various industries — brand recognition is what matters to them — causing financial and reputational damage. Expert approach in fighting cybercrime, the understanding of threat actors' logic, and advanced scam tracking technologies are required if companies want not only to detect, but also prevent the damage."