NGN International, a full-fledged systems integrator and IT consultant headquartered in Bahrain, and Group-IB, a global threat hunting and intelligence company, warned of a significant increase in the number of scams that involve brand abuse around the world. Banks, government organizations, and private companies should remain vigilant and continue improving awareness of this type of fraud.
Brand impersonation scams that aim to steal money or sensitive data are on the rise worldwide. In July, the Twitter accounts of major US tech figures, companies, politicians, including Elon Musk, Barack Obama, Apple and other have been hijacked by the attackers, who tweeted about a cryptocurrency giveaway on their behalf. Despite that fake crypto giveaways are old hat, the scammers received more than $120K in BTC from the deceived users in just hours, according to Group-IB’s estimates. This became possible due to the illicit use of brands that people know and trust.
Fraudulent schemes evolved drastically, and fraudsters became smarter and more often abuse brands these days. They no longer use a single phishing page which exploits legitimate brand names to collect money or credentials, as such resources are too easy to detect and shut down. The fraud schemes are now more targeted, personalized, involve multiple stages, and the infrastructure they rely on is more distributed and resilient to tracking and blockage.
The most recent example is a Rabbit Hole fraud, detected by Group-IB’s experts in different locations. The scheme has multiple stages and exploits big brand names as a bait to lure victims into actual phishing websites. Unlike traditional phishing, the brands are abused on a single resource disguised as harmless surveys or promo pages that promise the reward. Once the victim completes such survey and leaves an email address, they receive a link to the actual phishing website, where a CVV code or other payment data are stolen.
According to Group-IB, the most characteristic manifestations of brand abuse are fraudulent websites, fake and phishing websites, fake mobile apps and unauthorized advertising. Every brand is susceptible: a bank, a retail, or even an oil or gas company. The fraudsters tend to hikack strong, widely recognized and trusted brands with a loyal customer base.
CEO at NGN International
The market researchers suggest that nearly 64% of users who have faced brand abuse online will never return to that brand their trust in it has been undermined. For companies, this can cause significant loss in customer and other stakeholders trust, reputational and direct financial losses which affect the sustainability of business.
It’s extremely critical that individuals and companies follow all precautions to protect themselves against brand impersonating fraud, especially in light of the (COVID-19) pandemic that accelerated the digital transformation and expansion in digital financial services and online shopping.
CEO at NGN International
In order to promptly protect companies, institutions and organizations in Bahrain against abuse of their brands NGN International has teamed up with Group-IB to offer a technological service designed to detect and eliminate threats to brand online called Group-IB Digital Risk Protection.
Andrey Busargin, Deputy CEO for Brand Protection and Anti‑Piracy at Group-IB, explained that Brand Protection identifies attacks on the brand online and detects fraudulent schemes no matter how complex they are. The service significantly expands attack analysis and prevention capabilities. Social media communities illegally using a corporate brand are detected and closed as well.
Simply blocking fake pages or accounts impersonating brands is like trying to kill the Hydra: with every resource blocked, new resources appear. Effective monitoring and blockage of brand abuse can only be achieved with the automated machine-learning powered brand protection system fueled by regularly updated knowledge base about cybercriminals’ infrastructure, tactics and, tools.
Director of Brand Protection and Anti-Piracy at Group-IB
The two companies have a history of successful cooperation in the region: in April 2019, Group-IB and NGN launched the first 24/7 intelligence-driven security operation center (SOC) in Bahrain to help local companies in detection and prevention of cyberattacks.
