Scams become number one online crime amid pandemic: Analysis

Different type of scams has recently gone to the top of the list of all the detected online crimes, said Group-IB, a global threat hunting and adversary-centric cyber intelligence company.

Fraud accounts for 73% of all online attacks: 56% are scams (deceit resulting in the victim voluntary revealing sensitive data) and 17% are phishing attacks (theft of bank card details), said the company that specialises in investigating and preventing hi-tech cybercrimes.

The Asia-Pacific region was characterised by the highest increase in the number of detected scam-related and phishing-related violations last year, according to Group-IB's comprehensive analysis of fraud schemes on a global scale.

Compared to the previous year, the number of scam- related and phishing-related violations detected by Group-IB in the Asia-Pacific region in 2020 grew by a record high of 88%. In comparison, the figure for Europe was 39%, the Commonwealth of Independent States — 35%, and the Middle East — 27.5%.  

During the Digital Risk Summit 2021 online conference, Group-IB presented the findings of its research into various fraudulent schemes and analysis of their damage for different geographies and industries. 

Group-IB Digital Risk Protection (DRP) analysts researched into a multitude of fraud schemes and the damage they cause to industries worldwide. Conference participants included the United Nations International Computing Centre (UNICC), the global market research and advisory company Forrester, and Scamadviser, an independent project.   

On Thursday, Group-IB also revealed "Scam Intelligence," a fraudster tracking technology that has laid the foundations for Digital Risk Protection, one of the company's innovative proprietary solutions. 

In one year, the system helped save as much as $443 million for companies in the Asia Pacific region, Europe, and the Middle East by preventing potential damages, said the press release from the company on Thursday.

By using Digital Risk Protection technologies, Group-IB experts detected over 70 scam groups employed only in one of the fraudulent schemes called "Classiscam." It was established that in less than a year Classiscam threat actors alone swindled users out of $9.14 million, said the press release.

Classiscam has been the most widely used fraud scheme in the world during the pandemic. The scheme targets people who use marketplaces and services relating to property rental, hotel bookings, online bank transfers, online retail, ride-sharing, and delivery.

The scheme's purpose is to extort money as a payment for non-existent goods that will never be delivered. Forty-four countries have been targeted in this fraud scheme. 

According to Group-IB DRP, 93 brands have been abused as part of Classiscam. In early 2021, more than 12,500 threat actors made money through fake delivery service resources. 

The overall number of websites involved in the scheme reached 10,000. The scale of this type of fraud is immense and the scheme only keeps expanding. One Classiscam threat group alone can make up to $114,000 per month.

In 2020, a multi-stage fraud scheme called Rabbit Hole, which abused companies' brands, mostly targeted the retail sector and online services. Users received a link from friends, through social media, or in messaging apps with a suggestion to participate in a prize draw, promotional offer, or survey.

On average, users made 40,000 visits to fraudulent websites per day. Rabbit Hole attacked the customers of at least 100 brands in various regions. The threat actors strive to steal personal and bank-card data.

"Today, scam is more than just solitary fraudulent web pages — it's an entire industry with advanced technologies under the hood and motivated cybercriminal groups with great financial resources," said Ilia Rozhnov, the Group-IB head of Digital Risk Protection in APAC. 

"They choose their targets from various industries — brand recognition is what matters to them — causing financial and reputational damage. Expert approach in fighting cybercrime, the understanding of threat actors' logic, and advanced scam tracking technologies are required if companies want not only to detect, but also prevent the damage," he added.

Group-IB is a Singapore-based provider of solutions aimed at detection and prevention of cyberattacks and online fraud. The company also specializes in high-profile cyber investigations and digital risk protection.