Group-IB, the global company specialized in addressing cyber threats, surveying data and information about cyber threats, and investigating and preventing advanced cybercrime, has uncovered an ongoing and widespread fraud wave targeting the Middle East and Africa region. Nearly 140 popular brands in 16 countries in the region were exploited by scammers who created fake pages with the aim of stealing users’ personal information and payment data according to the information, at least eight brands are being exploited in a wave of multiple frauds. These stages go back to the Arab Republic of Egypt.
The results, obtained with the help of AI-driven digital risk identification and mitigation platform called Digital Threat Protection System, were released by Group-IP.
Analysts pointed out that Egypt is one of the top five countries targeted by this continuous and multi-stage fraud wave, according to a press release.
In the process, scammers create fake web pages, after which the typical victim receives an electronic link, either through social media channels or through a messaging app, or they may come across an ad in search engines inviting them to participate in a prize draw, get promotions, or fill out a survey. Associated with a famous brand or the name of a celebrity.
The web page the victim accesses includes an online form designed to extract key personal details. Once the form is filled out, the victim finds himself a prize winner and is then asked to share the link with his contacts. After the victim expands the fraud surface, it is redirected to other fraud resources, such as new giveaways, phishing sites, or sites that may put the user's devices at risk of malware infection. The total monthly number of the target audience as a last stage in the scams is about 500,000 people.
The report said that the majority of the brands targeted by this multi-stage fraud wave belong to the telecommunications sector with a percentage of 34.8%, while 10.4% of them represent public services and 9.6% belong to the retail sector.
Other sectors affected include entertainment, fast food, automobiles, electronics, oil and gas, banking, and insurance. In addition, the group's analysts discovered more than 4,300 fraudulent web pages registered using legitimate blogging services this year alone, of which 160 Fraudulent page exploits Egyptian brands.
The pandemic has pushed companies towards electronic transformation, as the proportion of purchase deals made through social media channels is 40% at the present time, and this represents unprecedented growth, but at the same time, it has doubled the level of threats. In all, scams make up 73% of all cyber attacks: 56% are scams that lure victims into voluntarily revealing sensitive data, and 17% are phishing attacks that ultimately lead to the theft of bank card details.
In this regard, Ashraf Kahil, General Manager Business Development Unit Middle East and Africa at Group-IP, says: “Organizations cannot deal with this fraud epidemic through classic monitoring approaches and blocking links individually, as the volume of fraudulent activity is increasing. Comprehensive digital risk protection systems should be able to detect and see all components of the infrastructure that a fraudster puts in place, and a fraud-centric approach, similar to yours Group-IP enriches monitoring results and makes the monitoring process more sophisticated, complex, and scalable.
Group-IP, which recently opened the doors of its first center specialized in collecting information and conducting research on cyber threats in the Middle East and Africa, indicated that fraud and phishing operations detected by the company in the Middle East increased by 27.5% in 2020, compared to the previous year. It also provided analytics from several other fraud schemes detected using SCAM Intelligence. In just one year, the system has helped save up to $443 million to businesses in the Asia Pacific and Russia Europe, and the Middle East by preventing potential damages associated with the fraud.