Recorded Future a analysé les données actuelles issues de la plateforme Recorded Future®, des rapports sur la sécurité de l'information et d'autres sources. OSINT Sources permettant d'examiner 11 méthodes et services frauduleux qui facilitent les campagnes des acteurs malveillants. Au cours des prochains mois, Recorded Future publiera des rapports détaillés sur chaque méthode ou service, les acteurs malveillants qui les proposent, les détails techniques le cas échéant, ainsi que des recommandations pour atténuer les risques. Ce rapport intéressera tout particulièrement les responsables de la lutte contre la fraude et de la défense des réseaux, les chercheurs en sécurité, ainsi que les cadres chargés de la sécurité et de la gestion et de l'atténuation des risques de fraude.

Executive Summary

The cybercriminal fraud ecosystem is a whole and interconnected enterprise. In this report, the introduction to our series on cybercriminal fraud, Insikt Group will describe 11 types of fraud methods and services currently used by threat actors to facilitate their campaigns. For each, we provide a brief overview of some notable recent developments, list some of the top vendors of these services on the criminal underground, and provide suggested mitigations for defenders to implement. The Recorded Future Platform enables research and analysis of fraud methods available on the dark web and other sources to identify cybercriminal schemes, as well as threat actors and communities that advertise said methods.

Outline

• Fraud tutorials and courses provide insights into possible vulnerabilities as well as schemes and techniques used by threat actors.
• Drops and mule services, unlike other cybercrime services, require a physical and human presence to successfully carry out criminal operations.
• Dating scams involve the creation of fake profiles on dating apps or social media platforms, or direct phishing emails that target victims with the end goal of tricking the victims into sending money or facilitating fraudulent activities.
• Online retail fraud, including gift card fraud and refund fraud, typically entails the use of stolen information and is frequently facilitated by anti-detect and shipping services.
• SIM swapping is a technique used by threat actors to gain access to a victim’s phone number with the end goal of using two-factor authentication (2FA) to obtain access to the victim’s online accounts.
• Money laundering services within the dark web provide a combination of services through which threat actors can conceal the origins of their money, transfer cryptocurrency into virtual currency, have funds sent to a bank account or payment card, move funds across borders, or exchange for physical currency.
• The role of botnets in the dissemination of malware to support fraud continues to grow as threat actors propagate some of the most prevalent malware families targeting individuals and organizations. These malware strains are specifically designed to exfiltrate information appealing to financially motivated threat actors seeking to conduct fraud.
• Travel and loyalty (hospitality) fraud involves threat actors scamming users into providing personally identifiable information (PII) and financial information through fraudulent travel and hospitality services, including car rentals, hotel and flight bookings, excursions, and other vacation-related offers such as bonus points, miles, and other rewards.
• Sales of personally identifiable information (PII) and protected health information (PHI) are conducted by threat actors who gather victim PII stolen from compromised networks, individual infected computers, leaked databases, or phishing attacks, which is then used to facilitate a wide variety of fraud.
• Tax return fraud, also known as stolen identity refund fraud (SIRF), is a specific case of identity theft where a criminal files a tax return with victim information to the Internal Revenue Service or state tax agencies with the goal of stealing the victim’s tax refund.
• Bank fraud is constantly evolving to follow current trends in the banking industry. Credit card fraud, online banking fraud, and wire transfers fraud are the main types of bank fraud.