OPSEC Awareness in Organized Fraud

The profile of threat actors we track is changing on two fronts. There's an increasingly professional presence associated with hardened fraudsters, especially those from Russian ransomware gangs, and an influx of more naïve young people for whom fraud is being normalized on social media.

In the background, both trends are largely orchestrated by the more sophisticated and organized groups, and we go into more detail about the presence of well-established actors in the articles below. But we’re seeing more fraud groups turn to social media as a recruitment tool to pitch activities like refund fraud as a victimless crime and easy money.

This marks a change from fraud groups traditionally only being active on dark net marketplaces and forums or Telegram and Discord. These groups are now buying ads on TikTok and recruiting ‘influencers’ to engage with a new, younger audience, selling how-to guides and training courses.

As well as the growing presence of refund fraud as a threat vector, this recruitment drive also gives professional fraudsters access to a steady supply of ‘clean’ and (so far) legitimate accounts that haven’t ever been associated with malicious activity.


Latest Threat Intelligence

Scalping Market Hits Maturity

This increasing level of professionalism is also something we’re seeing penetrate the scalper ecosystem, which remains a distinct threat vector in that scalping is not technically illegal.

Although the scalping community is broader, with a good number of consumers running small operations as a side hustle, there is an element of cross-pollination with more malicious actors, and one interesting trend we're seeing is the bundling of scalping services.

Traditionally, wannabe scalpers and fraudsters subscribed to separate services: bot subscriptions, cook groups for drop intel, proxies, and more. Now, however, many cook groups are expanding their offerings by hiring top bot developers to create exclusive scalper bots. This consolidation and bundling of services provides users with a single monthly subscription, improves their return on investment in scalping activities, and demonstrates a level of maturity in the market.

Cook groups: These online groups are a source of useful information for scalpers, such as how-to guides, early links, and monitors for the latest high-demand items or shoe releases. Some are highly exclusive with limited membership capacity and access to premium tools and features.

The Evolution of Scalping

In our lookback at the history of scalping, we examine the first major federal effort to crack down on scalper bots in 2016, with the introduction of the Better Online Ticket Sales (BOTS) Act. We explore how legislation fell short of the mark and how scalpers have out-innovated legitimate retail marketplaces.

Evolution of Scalper Bots Part 4: New Bot Tactics vs. Anti-Bot Tools and Legislation


Industry Trends

Criminal Chatter from Netacea Sentry

Netacea measures criminal chatter around malicious activities based on the number of alerts flagged by Netacea Sentry in the last calendar month. Netacea Sentry monitors 3,000+ closed criminal communities on Telegram, Discord and the deep and dark web.

The number of alerts flagged in October revealed a continued increase in carding activity. Scalping has also been high on the agenda in recent months and many of these alerts continue to come from well-known scalping bots.

Towards the end of October, we saw the majority of the alerts shift over to the retail sector, which is likely due to a preparatory rise in criminal activity around Black Friday and Cyber Monday sales.

Black Friday 2024 takes place on November 29, but many retailers hold events in the weeks around this date across both November and December.

Black Friday Checklist for Bot Attacks

Just as retailers have spent months planning every aspect of peak trade campaigns for Black Friday, bot operators have been equally busy plotting attacks such as scraping, scalping and credential stuffing.

Get the Black Friday Checklist for Bot Attacks


Must Listen

The Rise of AI in the SOC

Stuart Seymour, Group CISO, Virgin Media O2, talks to Andy Ash, Netacea CISO, about how he sees behavioral analytics as essential for recognizing normal and abnormal patterns of behavior in terabytes of data in a way that is efficient enough to cut through the noise and ensure that analysts don't get snow blind.

Listen here

Talking about abnormal patterns, both our Machine Learning models and human experts detect all sorts of anomalies.

Recently we noticed that scrapers on some retail domains we protect were trying to fake seasonality in a bid to make their malicious traffic appear more human. But the adversaries appear to have screwed up the bot config and have it oscillating over a period of 16/17 hours.

This would make perfect sense if the domains were being scraped from Neptune, where a day lasts 16 hours, but it makes very little sense from Earth.
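
One way to surface this kind of anomaly from hourly request counts, as an added example that is not Netacea's own detection code: autocorrelation finds the dominant cycle length of a client group's traffic and flags cycles that are not close to 24 hours. The sample series, function names and thresholds are constructed assumptions.

```python
import math

def hourly_counts(period_h, hours=336, base=100.0, amp=60.0):
    """Constructed sample: requests per hour oscillating with the given period."""
    return [base + amp * math.sin(2 * math.pi * t / period_h) for t in range(hours)]

def autocorr(series, lag):
    """Biased autocorrelation estimate at an integer lag (hours)."""
    n = len(series)
    mean = sum(series) / n
    var = sum((x - mean) ** 2 for x in series)
    if var == 0:
        return 0.0  # flat traffic has no cycle to measure
    cov = sum((series[t] - mean) * (series[t + lag] - mean) for t in range(n - lag))
    return cov / var

def dominant_period(series, min_lag=6, max_lag=48):
    """Return (lag_hours, strength) of the strongest local autocorrelation peak."""
    max_lag = min(max_lag, len(series) // 2)
    r = {lag: autocorr(series, lag) for lag in range(min_lag - 1, max_lag + 2)}
    # Only local maxima count, so a slow trend does not register as a short cycle.
    peaks = [(r[l], l) for l in range(min_lag, max_lag + 1)
             if r[l] > r[l - 1] and r[l] >= r[l + 1]]
    if not peaks:
        return None, 0.0
    strength, lag = max(peaks)
    return lag, strength

def assess_seasonality(series, tolerance_h=1, min_strength=0.5):
    """Label a client group's traffic cycle; thresholds are illustrative assumptions."""
    lag, strength = dominant_period(series)
    if lag is None or strength < min_strength:
        return "no-clear-cycle", lag
    if abs(lag - 24) <= tolerance_h:
        return "daily", lag
    return "non-daily-cycle", lag

if __name__ == "__main__":
    # Two weeks of constructed data: a 24-hour cycle and a 16.5-hour cycle.
    for label, period in (("human-like", 24), ("misconfigured bot", 16.5)):
        print(label, assess_seasonality(hourly_counts(period)))
```
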

Barry Gurman

Technology Solutions/ Channel Sales/ Sales & Account Management Leader

3 months

Interesting Ransomware attacks are not just a threat; they're a business problem. These attacks are soaring at a staggering rate, up 70% year over year from 2022 to 2023, leaving organizations grappling with severe repercussions: disrupted operations, compromised data, and significant financial losses. The Nebulosity GuardTower real-time threat detection software is transforming the security industry by providing advanced, continuous monitoring and analysis of potential threats. This system leverages cutting-edge technology to identify and respond to security incidents as they occur, enhancing the ability of organizations to protect their digital assets. With its innovative approach, GuardTower sets a new standard in proactive cybersecurity measures, offering a more dynamic and responsive solution to the evolving landscape of cyber threats. Cybersecurity with Nebulosity's GuardTower? The time is now to start looking at new options. #Guardtower #proactivesecurity #lastlineofdefense #nebulositycloud https://www.bgtechnologysolutions.com
