More than half of all cybercrimes were scams in 2021, claim Group-IB
Group-IB, in its analysis of the landscape of the most widespread cyber threat in the world -scams, claimed that 57 percent of all financially motivated cybercrime is becoming more structured and involves more parties divided into hierarchical groups. The number of such groups jumped to a record high of 390, which is 3.5 times more than last year, when the maximum number of active groups was close to 110.
The company shared the findings of its research into various scam schemes at the recent Digital Risk Summit 2022 with the help of neural networks and ML-based scoring systems incorporated in its Digital Risk Protection platform.
In the Middle East and Africa (MEA) region, Group-IB analysts noted an increase of 150 percent. This is more than the rise in the APAC region (83 percent) and Europe (89 percent). Scam-as-a-Service, in 2021, saw the number of cybercriminals in one scam gang increase 10 times compared to 2020 and now reaches 100. Traffic has become the circulatory system for scam projects.
With more and more Internet users falling victim to cybercrime every day, fraudsters prefer good old techniques such as phishing (18 percent), scams and fraud (57 percent), and malware infections and reputational attacks (25 percent). In 2021, scams were the most common type of cybercrime.
The number of brand-impersonating scam resources created per month also increased. In the Middle East, Group-IB analysts noted an increase of 150 percent.
Group-IB researchers emphasize that the number of websites used for purchasing and providing “grey” and illegal traffic and that lure victims into fraudulent schemes has increased by 1.5 times. Scammers are going into 2022 on a new level of scam attack automation: no more non-targeted users. Scammers are now attracting specific groups of victims to increase conversion rates. Social media are more often becoming the first point of contact between scammers and their potential victims.
There was no weak URL targeting. Group-IB experts noted a strong trend towards the use of improved URL targeting: a valid one-off URL, available strictly for a particular user at a specific moment in time, targeted a specific audience. Personalized URLs usually include not only a timestamp and hash, but also geolocation information, the OS version, the browser type, and the name of the Internet provider. There was also no weak content personalization. Fraudsters used improved content personalization with auto-completed web forms on a page with a user's personal data, extracted from browser cookies.
Digitalization is the main global trend. Fraud is no exception, and the fact that the number of Internet users increased up to 4.95 billion in 2021 contributed to this. Moreover, the number of social media users and unique mobile phone users has also grown and has reached 4.62 billion (+10 percent compared to 2020). In 2021, 48.15 percent of scam schemes started with an active dialogue with the victim, experts concluded. There was also a trend to simplify scam end-pages, with scammers actively shifting towards spreading scam proposals via legitimate platforms such as Facebook and Instagram. The reasons for using social media are simple. First, it’s the best way to inspire trust. Second, social media services are insufficiently moderated.