#report #cybercrime #HTCT #scam #phishing
Group-IB presents the fifth volume of its Hi-Tech Crime Trends 2021/2022 report “Scams and Phishing: The epidemic of online fraud” ⚡️⚡️⚡️
👉We finally release the concluding part of our 5-volume Hi-Tech Crime Trends 2021/2022 report — “Scams and Phishing: The epidemic of online fraud.” In this paper, Group-IB’s CERT-GIB and Digital Risk Protection analysts analyze major scam campaigns, instruments used and threat actors’ infrastructure.
⚔️The COVID-19 pandemic was the main reason for the explosive growth of online scams. According to Group-IB’s data, fraud accounted for 74.5% of all online crimes in the first half of 2021. More than half (57%) of all cybercrimes were scams (a type of fraud in which victims voluntarily make payments or disclose their data), while phishing (theft of bank card data) accounted for just 17.5%.
📑Here are some other highlights and trends from our fresh report:
🔹 Group-IB specialists helped block more than 14,000 phishing resources hosted on some 12,000 unique domains. About 20% of phishing websites were hosted on compromised legitimate resources.
🔹 Classiscam became one of the largest, longest, and most technically advanced hybrid scam campaigns in the world. As at the end of 2021, 70 active affiliate programs use this scheme, targeting more than 80 international brands from 36 countries.
🔹An increase in phishing targeting online services (16%) and social media (8%) has been recorded.
🔹The popularity of the scam-as-a-service model has led to scams scaling up on a global level and to a lower entry threshold for newbie-scammers with no real skills for conducting scams.
✅ More trends and forecasts for the development of online fraud are in our fresh report —> https://bit.ly/3GXLtOb
Group-IB
Hi-Tech Crime Trends 2021/2022. Uninvited Guests: The Sale of Access to Corporate Networks | Group-IB
Analysis of dark web forums to understand the sale of access to compromised infrastructure.
#scam #fraud #DRP #phishing
Group-IB uncovers an ongoing scam campaign targeting users in over 90 countries worldwide⚠️
Group-IB's Digital Risk Protection (DRP) team has revealed an ongoing scam campaign targeting users in over 90 countries all around the world, including the United States, Canada, South Korea, and Italy. The fraudsters employ the tried and tested technique of fake surveys and giveaways purporting to be from popular brands to steal users’ personal and payment data, with the total number of big-name companies impersonated in the scheme exceeding 120.
The potential victim pool of a single scam network is estimated at about 10 million people, while the potential damage totaled about $80 million per month, according to Group-IB’s Digital Risk Protection unit.
More details -> https://bit.ly/3e9MCpw
#scam #fraud #DRP #phishing
According to Group-IB's DRP analysts, this type of fraud has been spotted in 91 countries, with cybercriminals exploiting at least 121 brands as bait. The analysis of the server’s infrastructure that hosted scam websites indicates that the scam’s target regions are Europe (36.3%), Africa (24.2%), and Asia (23.1%).
The new wave of the scam is particularly persistent thanks to an innovation in the scammers’ toolset — targeted links, which make investigating and tackling such attacks increasingly challenging. More about the targeted link structure and the scam mechanics in a fresh blog post by Group-IB's #DRP analysts -> https://bit.ly/3mmKD5G
#ransomware #RaaS #cybercrime
Did you know that the history of ransomware attacks covers slightly over 30 years? 🗓
📍The first prototype of what we today know as ransomware appeared as early as 1989. Many concepts that we currently perceive as indispensable attributes of ransomware — exorbitant ransoms, Ransomware-as-a-Service (RaaS) programs, and data leak sites (DLS) — were yet to come.
👉In a fresh byline for HelpNetSecurity, Group-IB Head of Cybercrime Research Dmitry Shestakov gives an overview of how Ransomware-as-a-Service developed, highlights the tipping points in the contemporary history of ransomware, and identifies the main factors of this market's explosive growth.
Check it out -> https://www.helpnetsecurity.com/2021/12/22/ransomware-empire/
#conference #CyberCrimeCon21 #cybersecurity #APT #vulnerability
It's the time we've all been waiting for🔥🔥🔥
The video recordings of the CyberCrimeCon21 conference are now available on the event's website. This is your chance to catch up on the sessions you might have missed:
🔸 Keynote address by Group-IB CEO Dmitry Volkov;
🔸 Session, during which you will learn who might be selling access to your company;
🔸Tale of the rise and fall of The Fraud Family;
🔸 Report about the Number 1 cyber threat — ransomware;
🔸 Story about APT41’s 2021 world tour;
🔸 Review of APTs' espionage campaigns in APAC
... And even more presentations by speakers from INTERPOL, Europol, SentinelOne, CyberSOC Africa, IstroSec, Positive Technologies, VNPT Cyber Immunity, and Computest
Check it out and enjoy the show -> https://cybercrimecon.com
#ThreatIntelligence #MITRE
How to make the most of threat intelligence with MITRE ATT&CK®?
The MITRE ATT&CK® framework became the industry standard to describe attack tactics and techniques. It's used by SOC analysts, DFIR experts, Red teams, threat hunters, threat intelligence analysts, because it provides quick answers about how different threats operate and how security teams can detect and stop them. The matrix gives teams a concise overview, as well as the ability to deep dive should they still need thorough threat intelligence.
We use this framework within Group-IB's Threat Intelligence & Attribution system in three different scenarios:
📍 To describe activity of the threat actor
📍 To describe techniques relevant to the particular malware family
📍 As a separate tool for security experts
Read our latest blog post to learn how Group-IB’s customers benefit from mapping capabilities within the Threat Intelligence & Attribution system.
➡️ https://bit.ly/3qeRj7i
#CTF #ThreatIntelligence #TISC
Group-IB Adversary Intelligence Research Lead becomes one of the creators of TISC 2021 CTF challenges👏
Group-IB Adversary Intelligence Research Lead Feixiang He became the author of one of the challenges for The InfoSecurity Challenge (TISC) 2021 organized by the Centre for Strategic Infocomm Technologies, a lead digital technology agency in Singapore’s Ministry of Defence.
📢"Compared with conventional methods, CTFs are great platforms to identify new cyber security talents. I had observed such talent among the participants in TISC 2020, so as soon as I learnt that the TISC 2021 were open to the public, I immediately started planning for my challenge," Feixiang says.
Read an exclusive interview with Feixiang to learn more about the CTF "backstage" -> https://www.csit.gov.sg/tisc/interview-with-challenge-creators#
#cybersecurity #distributor #Italy
DotForce becomes Group-IB’s first distributor in Italy
As Group-IB’s first official distributor in the country, DotForce will facilitate access for system integrators and managed security service providers (MSSPs) to Group-IB’s product and service ecosystem, aimed at the prevention and investigation of cyberattacks, protection against online fraud and intellectual property misuse.
The choice of DotForce as Group-IB’s first official distributor in the region stems from the former’s strong partnership network, including specialized cybersecurity resellers, security boutique resellers, system integrators, and cybersecurity consulting partners, as well as its long-standing experience in providing its clients with cutting-edge cybersecurity solutions.
➡️ https://bit.ly/31OR4r8
#interview #cybercrime #HTCT
Sergey Nikitin, the Chief Operating Officer of Group-IB Global HQ, joined Ausbiz Startup Daily🎙
In an interview with Elliot Hastie, the host of Ausbiz’s Daily Startup Show, Group-IB Global HQ COO Sergey Nikitin shares the main findings of Group-IB’s fresh Hi-Tech Crime Trends 2021/2022 report and takes you through the trends that are likely to rule the cybercrime scene this year.
Check it out-> https://www.ausbiz.com.au/media/startup-daily-friday-14-january-nfts-payments-and-flood-maps?videoId=18562
#Revil #arrest
Dmitry Volkov, chief executive officer of Group-IB, a Singapore-based cybersecurity company, said it wasn’t yet clear whether the developers of REvil ransomware or affiliates were arrested, though he said any “cross-border actions aimed at dismantling cybercrime is a positive step.”
“As we’ve seen with various ransomware groups, the shutdowns do not always mean the end of malicious activities,” he said. “There are many RaaS programs at the moment.”
https://www.bloomberg.com/news/articles/2022-01-14/russia-detains-revil-ransomware-hackers-at-u-s-s-request
Bloomberg.com
Russia Detains REvil Ransomware Hackers at the Request of U.S.
The Biden administration praised the Kremlin for detaining members of a notorious ransomware gang at the request of the U.S. in a sweeping operation across Russia.
#INTERPOL #Falcon #BEC
Operation Falcon II: Group-IB assists INTERPOL, Nigerian Police Force in action to apprehend 11 cybercriminals💥💥💥
Earlier in the day, INTERPOL made public the results of a 10-day operation by the Nigerian Police Force as a result of which 11 alleged members of a prolific cybercrime network were arrested. Many of the suspects arrested are thought to be members of the TMT BEC gang (aka Silver Terrier).
Group-IB’s APAC Cyber Investigations Team has contributed to the operation by sharing information on the threat actors, having identified the attackers’ infrastructure, collected their digital traces and assembled data on their identities. Group-IB has also expanded the investigation’s evidence base by reverse engineering the samples of malware used by the cybercriminals and conducting the digital forensics analysis of the files contained on the devices seized from the suspects. The operation was also supported by Palo Alto Networks Unit 42👏
The first edition of Operation Falcon, a joint action by INTERPOL, Group-IB and Nigeria Police Force, was held in November 2020 and resulted in the apprehension of three alleged members of the TMT gang.
More details -> https://bit.ly/3KrJbJA
www.interpol.int
Nigerian cybercrime fraud: 11 suspects arrested, syndicate busted
INTERPOL support protects cyber space and brings criminals to justice
#cybersecurity #southafrica
Group-IB Signs Partnership Agreement with Corr-Serve in South Africa
Group-IB has signed a partnership agreement with Corr-Serve, a South African value-added distributor of IT solutions. The partnership allows Corr-Serve to bolster its cybersecurity portfolio with the full stack of Group-IB’s solutions and services, dedicated to detecting and preventing cyberattacks, including cyber threat intelligence, in-depth attack analysis, and effective incident response.
Click here for more details: https://bit.ly/3KCFYY5
#scam #fraud #DRP #podcast
Group-IB at IM24 podcast🎙
We have all recently witnessed the explosive growth of online scams 👿 Criminals skillfully use all the existing opportunities, improve their social engineering techniques and use new technologies to be even more effective. What is the current landscape of such threats and how can one prevent this type of crime?
This is what Dmitriy Tiunkin, the Group-IB Digital Risk Protection head, Europe, discusses with Michal Porada, the host of Ingram Micro’s IM24 Podcast ⬇️
https://www.youtube.com/watch?v=24X1tf37SV4&t=504s&ab_channel=Group-IBGlobal
#cybersecurity #fraudhunting #webinar
Group-IB Fraud Hunting Day in APAC
Join Group-IB Fraud Hunting Day where our experts will share the latest fraud hunting techniques, use cases, and talk about different types of fraud clients may face in the Asia-Pacific region.
Save your spot now: https://bit.ly/3rO51Pa
#blog #ML #CyberInvestigation #leak #breach #ShinyHunters
New blog post 🔥 Shedding light on the dark web: Cybersecurity analyst's guide on how to use machine learning to show cybercriminals’ true colors 🔍
👉Data leaks appearing on the dark web are a problem that even world-renowned enterprise, financial and IT giants have faced. They can disclose both:
🔸 sensitive information about the company's internal processes;
🔸 personal data of the company's customers, making them turn their back on a brand or company that used to be their favorite.
Both outcomes can bring the business to the verge of collapse.
In our new blog post, Group-IB Head of investigation department in APAC Vesta Matveeva and Group-IB Senior Data Scientist in APAC Iaroslav Polianskii show the methods cybersecurity analysts who come to the aid of compromised companies can use to, firstly, determine if an alleged data breach is real or fake, and, secondly, make conclusions about the sophistication of the threat actor responsible.
Our guide will be useful for:
🔸 cybersecurity newcomers who are taking their first steps in the cybersecurity world;
🔸cybersecurity analysts and corporate security team members;
🔸machine learning algorithm developers.
Find out more at -> https://bit.ly/3r7vCYd
Group-IB
Shedding light on the dark web
Cybersecurity analyst's guide on how to use ML to show cybercriminals' true colors