The number of scams per brand soared by 211 percent in APAC region last year

As per the latest findings from Group-IB, scammers show the highest interest in brands from the APAC and MEA regions

Published: Jul 12, 2023 01:27:27 PM IST

Updated: Jul 12, 2023 01:34:45 PM IST

There is an uptick in the number of scams as well as the number of people engaged in scam activity. Image: Shutterstock

Scams continue to be the most common form of cybercrime, overtaking phishing and other cyber threats such as malware, ransomware, and distributed denial-of-service (DDoS) attacks. Scammers are highly interested in brands from the Asia-Pacific (APAC) and Middle East and Africa (MEA) regions, according to the latest report by global cybersecurity firm Group-IB.

The average number of scam resources created per brand, defined as the number of instances in which a brand's image and logo were appropriated for use in scam campaigns, across all regions and industries, more than doubled year-on-year in 2022, up 162 percent. In the Asia-Pacific region, the rise was even more significant, with this number spiralling 211 percent compared to 2021. According to the findings, scams caused over $55 billion in damages, and the so-called scamdemic shows no signs of slowing down.

There is an uptick in the number of scams as well as the number of people engaged in scam activity, both driven by the more frequent use of social media to spread scams and the growing automation of scam processes. For instance, in the prominent Classiscam scam-as-a-service scheme, more than 80 percent of operations are now automated. Social media is often the first point of contact between scammers and victims, and this was apparent in the APAC region last year. The Group-IB analysts found that 58 percent of scam resources targeting companies in seven core economic sectors were created on social media.

In the APAC region, 76 percent of scam resources targeted companies in seven sectors: Financial institutions, banks, telecommunications and media, oil and gas, aviation, insurance, and manufacturing, and these were found to originate from social media. A recent example of this in the APAC region includes the discovery of 600 hijacked Instagram accounts used to spread phishing links to Indonesian victims.

"We’re definitely seeing a huge rise in fake or fraudulent websites, mobile apps, business listings, etc. recently. Traditionally, these attacks focussed largely on the BFSI sector with phishing, but now we're seeing much more creative attacks from hackers," says Yash Kadakia, founder of Security Brigade and ShadowMap, which monitor phishing and brand infringement attacks. In India specifically, many consumer brands, like Swiggy, Zomato and Dunzo, are targeted with fake Google Business sites or Google Ads by scammers pretending to be their support staff. These generally result in a reverse UPI scam, where they send a payment request and pretend it’s a payment, he adds.

Of the schemes described in Group-IB’s Digital Risk Trends report, fake brand-impersonating surveys are widespread in India and are most damaging to online users. Overall, within the scheme, the company detected fake websites impersonating 86 brands in India, and thousands of people could fall victim to such scams, explains Afiq Sasman, head of the digital risk protection analytics team in Asia Pacific, Group-IB.

“We also see fake dealerships popping up online, impersonating legitimate companies from various industries. These scams offer victims the opportunity to partner with a company of their choice and open a dealership in their preferred location. The scams are not merely asking users to fill out a form and then contacting the victims afterwards. These scams are very convincing and can even provide documents such as an invoice with the company letterhead and stamp to prove their authenticity," he adds.

It’s an incredibly difficult battle for brands because it’s literally a game of Whack-a-mole. Especially with the use of cryptocurrency, attackers are able to quickly purchase new domains and bulletproof hosting sites and get these scams online, explains Kadakia.

Globally, scammers’ interest in the financial sector hit the roof radically, as the average number of scam resources created per financial brand increased year-on-year by 186 percent in 2022. A similar growth was observed in the oil and gas sector (112 percent) and the manufacturing industry (55 percent).

Overall, Group-IB detected 304 percent more scam resources that utilised the name and likeness of legitimate brands in 2022 compared to the preceding year. The financial sector was the most targeted industry, as 74.2 percent of intellectual property violations, such as the illegal use of trademarks, misrepresentation of brand partnerships, scam advertising, fake social media and messenger accounts, and fake brand applications, targeted companies in this vertical. Finance and social media are the two most commonly phished industries.

Threat actors are getting smarter by the day. A major driver of the increase in scam activity and a growing trend seen throughout the underground economy is the automation of many previously manual processes that required technical knowhow. By doing so, threat actors are able to scale their operations quicker, while the increasingly larger ecosystem and role distribution provide greater safety. This trend is likely to increase in the future, given that cybercriminals can use AI-driven text generators to craft ever-more convincing copy for their scam and phishing campaigns, as the findings highlighted.

"We advise users to stay updated on new scam tactics and schemes. Any investment opportunities, quizzes, or posts promising quick and easy money should raise suspicion. Users are advised to never share personal information with third parties unless they are certain of their legitimacy. While visiting links relating to offers by companies shared in messaging apps or on social media, check the domain names. Scammers usually use domain names that look similar to existing brand names as part of their efforts to trick users into entering sensitive data," suggests Sasman of Group-IB.