02.11.2017

In a Queue for a Scam

How Fraudsters Cash in on Hype around New iPhones
Over the last two days, Group-IB experts have detected over 500 fraudulent websites offering new iPhone models. "iPhone maniacs" risk losing both the smartphone they ordered and the money they paid, as well as having their devices infected with malware. The monthly income from one such website may be up to $68,000. According to Group-IB experts, the aggregate potential damage amounts to $34 million.
The fraudsters' activity is boosted by the feverish demand for iPhone X. On October 27, the first batch was sold out within 10 minutes of preorder opening. On November 3, iPhone X will go on sale in 55 countries. Today, the smartphone may be ordered in the official Apple store with delivery in 5-6 weeks. According to Nikkei, due to problems with display production, shipments of the latest iPhone model will be only half of the initially planned amount.

"Fraudsters are keeping an eye on all the emerging trends. Hundreds of suspicious resources have appeared on the back of the feverish demand and difficulties with receiving ordered items", comments Andrey Busargin, Director of Brand Protection, Group-IB. "At best, you will end up with a fake phone, at worst – fraudsters will steal your money and confidential data and infect your device with malware. When iPhone X goes on sale officially, the number of fraudulent websites will only increase."

One widespread scam scheme is based on a 100% advance payment for an iPhone X preorder at a bargain price. The price of the new model on one such website is almost 30% lower than in the official store. To make it more convincing, the website displays a picture with the store's 5-star rating on Yandex.Market.
To buy the phone, the user has to fill in an application form with his full name, email, phone number and residential address. After filling in the form, he receives an email with order information. Fraudsters offer to pay for the phone by transferring money to their card via an online banking service or using e-wallets. Upon completion of the operation, the user is required to send a screenshot with transfer confirmation.
Some customers have left their comments on Yandex.Market stating that they were unable to contact the seller after paying for the order.
Using big data technologies, the Group-IB system has detected links between this website and 10 more similar websites. They were created by the same scammers and registered this summer. The monthly audience of one website amounts to about 6,000 users. With conversion of 1% and the price of $1,200 per unit, one such website can yield over $68,000 per month.

When a product is bought on a fraudulent website, bank card details may be added to hackers' databases. For a while, your money may be left in your account, but later, batches of compromised cards turn up for sale on hackers' forums.

Another popular scamming scheme involves using websites with a free iPhone X raffle. Users follow a link on a website to get the smartphone. Then they are automatically redirected to dozens of other websites.
As a result, the user lands on a page where he/she is asked to confirm receipt of a gift and prove that he/she is not a robot.
In some cases, raffle participants are asked to fill in a detailed form with their email, full name, mobile phone, date of birth and residential address. These data may be leaked to the Dark Web or used for targeted attacks.
Then the user is again redirected to dozens of resources and as a result ends up on a website featuring ads or a page offering to install a malware program.
Internet fraudsters often use the brands of famous companies. According to Group-IB, they mostly focus on industrial and pharmaceutical companies, retail chains, premium brands, insurance and financial companies, airlines, media and entertainment companies.
"Scamming schemes based on using brands may cause serious financial loss and damage to the company's reputation. In order to protect our customers on the Internet, we use our proprietary technologies allowing us to detect fraudulent resources at an early stage, block them quickly, identify links between websites and their owners and gather legal evidence automatically."
Andrey Busargin
Director of Brand Protection
Group-IB recommendations on how to avoid being scammed:
  1. Visit only official websites of companies.
  2. Check the date when the website was created. Use free Whois services, where you can find out registration dates, payment dates and information on domain owners.
  3. Do not trust low prices, do not make advance payments and do not transfer money to sellers' cards or e-wallets.
  4. Do not pay with your bank card on websites with an unsecured connection, that is, without an HTTPS certificate. The presence of this certificate in the address bar reduces fraud risk considerably, but in some cases it may also be forged.
  5. Observe digital hygiene rules. Do not click on suspicious links. Do not leave your personal data on suspicious resources. Pay attention to domain names and interfaces. Install the latest updates of your operating syst