Scams are the most widespread cyber threat in the world, according to the latest study by Group-IB.
Accounting for 57 percent of all financially motivated cybercrime, the scam industry is becoming more structured and involves more and more parties divided into hierarchical groups.
The study revealed that the number of such groups jumped to a record high of 390, which is 3.5 times more than last year, when the maximum number of active groups was close to 110. The number of brand-impersonating scam resources created per month also increased. In the Middle East and Africa region, Group-IB analysts noted an increase of 150 percent, which is higher than the rise in the APAC region (83 percent) and Europe (89 percent).
Furthermore, in 2021, the number of cybercriminals in one scam gang increased 10 times compared to 2020 and now reaches 100 due to SaaS (Scam-as-a-Service).
During the Digital Risk Summit 2022 online conference, which was divided into analytical and technology-related streams, Group-IB shared the findings of its research into various scam schemes, obtained with the help of neural networks and ML-based scoring systems incorporated in the Group-IB Digital Risk Protection platform, which is designed to mitigate external digital risks to intellectual property and brand identity.
With more and more Internet users falling victim to cybercrime every day, fraudsters prefer good old techniques such as phishing (18 percent), scams and fraud (57 percent), and malware infections and reputational attacks (25 percent).
Following hacker groups successfully attacking business and government organisations worldwide, scammers have adopted their methods to improve their schemes. Chaotic loners attract organised criminal gangs with SaaS (Scam-as-a-Service).
“A strong trend that we observed in 2021 was no-frills scammers merging into groups controlled by highly technically skilled villains,” said Antony Dolgalev, Deputy Head of Digital Risk Protection at Group-IB. “Group-IB’s AI-based platform identified somewhere between 75 and 110 scam groups last year, and the average number of cybercriminals per group was 10 members. The average number of scam links per group reached 100. SaaS helped grow not only fraudsters’ appetites, but also the industry itself. In 2021 our DRP system tracked 350 groups, reaching up to 390 scam groups at the peak time. The number of cybercriminals in fraudulent groups has increased dramatically, averaging between 100 and 1,000 per group. In turn, their infrastructure has grown proportionally: the average number of scam links per group was between 2,000 and 3,000.”
Traffic has become the circulatory system of scam projects: Group-IB researchers emphasise that the number of websites used for purchasing and providing “gray” and illegal traffic and that lure victims into fraudulent schemes has increased by 1.5 times. Scammers are going into 2022 on a new level of scam attack automation: no more non-targeted users. Scammers are now attracting specific groups of victims to increase conversion rates. Social media are more often becoming the first point of contact between scammers and their potential victims.
Scammers are now focused on attracting targeted traffic. In the past, their schemes were aimed at unsuitable users who were brought to a fraudulent resource, but since 2021 the strategy has changed drastically. Scammers now attract specific groups of victims to increase conversion rates. The only platform for selling “gray” and illegal traffic earns on average $2,758 per week from one offer to sell illegal traffic,” said Dolgalev.
Group-IB experts have also highlighted that with the hype for metaverses growing globally the amount of scams in metaverses could also increase.
The same situation applies to cryptocurrencies and NFTs, where scams are already highly popular. The use of deepfakes and voicefakes will also increase — they are among the most common scam methods. Experts predict that de-anonymisation tools will be used for blackmailing and victim personalisation.
“The number of cybercrimes is growing every year. We must stay ahead of scammers. To do so, anyone involved in the cybersecurity market must share their knowledge and data with each other. Only in this way will we be able to win. With the appearance of more data and new technologies such as deepfakes, scams have become very difficult to identify,” said Jorij Abraham, General Manager at Global Anti-Scam Alliance & Scamadviser.
