An online scam affected victims in 16 Arabic-speaking countries through the manipulation of more than 130 well-known brands, a report has found.
The fraud scheme used brands in various industries including telecoms, retail and entertainment, the Singapore-based cybersecurity company Group-IB revealed.
Investigators found more than 4,300 malicious web pages created on Blogspot - a popular blogging service - that had been registered by an unknown group operating more than 100 accounts.
The scammers used a “tried-and-tested scheme”, offering free gifts from popular brands, lottery games purporting to be recommended by celebrities and fake job offers from the government, the report said.
“The threat actors used such lures to steal personal data or attract traffic to other fraudulent websites. More than 500,000 people per month visit the end websites involved in the scheme,” Group-IB’s digital risk research team head Yakov Kravtsov and lead analyst Evgeny Egorov said.
Cyber crimes have risen globally amid growth in remote working and a rapid increase in the use of online platforms that collect personal data, IBM reported.
The average global cost of a data breach rose about 10 per cent a year to $4.2 million over a period of 12 months to June 30, it added. The US continued to top the list, with average costs of $9m, up from $8.6m a year ago, followed by Saudi Arabia and the UAE, together at $6.9m, Canada ($5.4m), Germany ($4.9m) and Japan ($4.7m).
Group-IB did not disclose the origin of the fraudulent campaign or the culprits behind it.
The Arabic-speaking countries in the Middle East affected by the scam included Saudi Arabia, the UAE, Kuwait, Jordan, Sudan, Morocco, Egypt, Bahrain, Iraq, Yemen, Palestine, Algeria, Lebanon, Qatar, Syria and Oman. It also affected some English-speaking users in Turkey and Nigeria, the report added.
The criminals stole personal information such as full names, phone numbers, home addresses, education details and the victims’ place of work.
Victims were asked to share the link to the malicious website with five to 20 WhatsApp contacts to claim their free gifts.
“The scammers do so to widen the pool of their potential victims,” said Mr Kravtsov and Mr Egorov.
“After the victim sends the required number of messages, they are redirected to another fraudulent resource … other lottery games [and] scam dating websites … in the worst-case scenario, victims may end up on a malicious or phishing website,” they added.
How does the scam work?
To attract victims to the scam websites, the criminals sent bulk WhatsApp texts and pop-up messages on different browsers.
The first Blogspot account related to the fraudsters was registered in August 2013. Account registrations peaked in 2018 and the threat actors continued creating new accounts until last year. On some of the accounts, the criminals continue to create fraudulent pages that hide behind the names and respectability of several brands, said Group-IB.
Users fall victim to the schemes by agreeing to take part in a promotion supposedly organised by a famous brand, a government organisation or a celebrity, said Mr Kravtsov and Mr Egorov.
“Victims are promised they could win a prize or money, play the ‘wheel of fortune’ or get a job by completing a survey.”
How to avoid these scams
- Be cautious when following links that allegedly lead to the website of a specific company, celebrity or state agency and trust links from official resources only, such as verified accounts on social media or messenger applications, said Group-IB.
- Enter confidential data and bank card details on trusted websites only.
- Verify the information about promotions and giveaways on the official accounts of brands, state agencies or celebrities.