Pierluigi Paganini June 10, 2021

Threat hunting and adversarial cyber intelligence company Group-IB published a comprehensive analysis of fraud cases on a global scale.

Group-IB,  a global threat hunting and adversarial cyber intelligence company specializing in the investigation and prevention of high-tech cybercrime, has published a comprehensive analysis of fraud cases on a global scale. 

Group-IB,  a global threat hunting and adversarial cyber intelligence company specializing in the investigation and prevention of high-tech cybercrime, has published a comprehensive analysis of fraud cases on a global scale. 

Overall, fraud accounts for  73% of  all online attacks:  56% are scams  (fraud that results in the victim voluntarily disclosing sensitive data) and  17% are  phishing attacks  (theft of bank card details). Using patented  Digital Risk Protection (DRP) technologies, the experts at Group-IB discovered over  70 groups of fraudsters that are only used in one of the fraudulent schemes, Classiscam, of which 36 are aimed at Europe. Classiscam threat actors alone were found to defraud users by $ 7.75 million in one year   .

On June 10th, during the Digital Risk Summit 2021  online conference ( Amsterdam ), Group-IB presented its research on various fraudulent machinations, obtained thanks to neural networks and ML-based scorings of the  Group-IB Digital Risk Protection System. Group-IB also unveiled Scam Intelligence, a fraud-tracking technology that paved the way for DRP, the company’s proprietary solution. In one year, the system has helped save  € 363 million for companies in Asia Pacific, Europe and the Middle East by preventing potential damage.

The number of scam and phishing violations detected by Group-IB in Europe in 2020 increased by 39% compared to the previous year. DRP’s research into threat actors’ fraud activity around the world helped categorize fraud schemes, uncovering over 100 basic schemes and their modifications. For example, a scheme of fake branded social media accounts (typical of the financial sector)  affected over 500 fake accounts per bank on average in 2020  . Insurance companies around the world are now suffering from phishing. Over the past year, an average of over 100 phishing websites were created  per insurer.

In 2020, a multi-stage scam called Rabbit Hole targeted companies’ brands, primarily retail and online services. Users received a link from friends, via social media or in messengers with the request to take part in a competition, a promotional offer or a survey. On average, users visited  40,000 fraudulent websites every day. Rabbit Hole has attacked the customers of at least  100 brands worldwide. The threat actors target the theft of personal and bank card details.

Classiscam has been the most widespread fraud in the world during the pandemic. The scheme is aimed at people using marketplaces and services related to property rentals, hotel bookings, online bank transfers, online retail stores, ridesharing and deliveries. The scheme aims to extort money as payment for non-existent goods. At least  44 countries, including Austria, France, Italy, the Netherlands and Great Britain, are affected by Classiscam. According to Group IB, a total of  93 brands were misused as part of Classiscam. As of early 2021, there were more than  12,500 threat actors made money with fake delivery services. The total number of websites involved in the scheme reached  10,000. A Classiscam -Bedrohungsgruppe makes up to  97,000 euros  per month.

“Last year the world was searched by the scamdemicheim, which represents the influx of online scams on an unprecedented scale: if your business is successful and well-known, it’s only a matter of time before scammers keep an eye out”, explains  Dmitry Tiunkin , Group-IB DRB Head, Europe. “Digital risks to brands such as online fraud, the illegal sale of products and services, and intellectual property infringement are the most widespread crimes on the Internet. Group-IB’s DRP system gives analysts a tool to uncover the entire infrastructure of fraudsters and learn about different categories of fraud attempts that could target their organizations. Group-IB DRP helps our clients identify the person behind the wrongdoing, gather as much information about them as possible, and bring them to justice.”

About the Author: Group-IB

Group-IB is a Singapore-based provider of solutions aimed at detection and prevention of cyberattacks and online fraud. The company also specializes in high-profile cyber investigations and digital risk protection.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, Online Crime)

[adrotate banner=”5″]

[adrotate banner=”13″]