Menu

20 June

Group-IB protects tens of thousands of social media users against fraud

Group-IB blocks fraudulent websites offering social network users ’free tickets’ masquerading as Aeroflot and other major airlines

Group-IB, one of the global leaders in providing high-grade Threat Intelligence and best in class anti-fraud solutions vendor, has helped to protect tens of thousands of people from criminals using recognized airlines’ logos for fraudulent schemes. Existing and future customers of airline companies were saved from potential implications of the attack by the joint effort of the information security service at Aeroflot and Group-IB’s Brand Protection team.

The first posts abusing the airlines’ logos appeared on social media on Sunday, June 4. Aeroflot was one of the 19 brands compromised as part of this global fraud scheme. The affected brands include major international airline companies, luxury brands and several chain stores offering online sale services: Virgin America, Delta Air Lines, Lufthansa Rolex, Spar, Tesco and others. Obviously, the attack was targeted at Western users — this can be inferred from the list of compromised brands, and from the fact that the Russian translation on the fake websites was done unprofessionally showing incorrect language usage.

Once the first few phishing websites were identified, Aeroflot alerted its customers in a statement and via posts on various social networks. CERT-GIB specialists blocked the fraudulent websites their side eliminating the threat to users by the evening of June 6.

A preliminary investigation was conducted into the incident, and all participants in the fraudulent scheme will be identified shortly. It is already clear that they used intellectual property of other owners to misdirect both customers of the airline companies and other well-known brands to third-party websites to generate advertising traffic. The attackers used a partner program, and some of the websites where users were redirected to contained malicious software.

«Incidents where fraudsters use a company’s brand, logos and brand colors, or even completely replicate its website are unfortunately, not uncommon. The company’s reputation may suffer irreparable damage as a result. Our Brand Protection service enables promptly response to criminal activities as we follow many discussions on fraudulent schemes, sale of advertisements for counterfeit products and databases, information collected and searched for insiders in the company in the dark web,» says Dmitry Rusakov, Head of Brand Protection at Group-IB.

The Group-IB Brand Protection service leverages 14 years of experience in combating cybercrime and unique Threat Intelligence. A high-tech monitoring system dedicated to mapping cybercriminals’ infrastructure and interrelations, which allows Group-IB to track websites, mobile applications and ads misusing a company’s brand as well as associated promo tools, i.e. e-mail distributions, contextual advertising, SEO manipulations and bot activities to increase search output. A criminal’s attempts to resume activities are be exposed at domain registration and hosting stage.

Find more info about Group-IB Brand Protection service

Group-IB is one of the leading providers of solutions aimed at detection and prevention of cyberattacks, online fraud, and IP protection. Group-IB Threat Intelligence system was named one of the best in class by Gartner, Forrester, and IDC.

Group-IB’s technological leadership is built on company’s 15 years of experience in cybercrime investigations all over the world and 55 000 hours of incident response accumulated in the largest forensic laboratory in Eastern Europe and a 24/7 CERT-GIB.

Group-IB is a partner of INTERPOL, Europol, and a cybersecurity solutions provider, recommended by SWIFT and OSCE. Group-IB is a member of the World Economic Forum.

Report an incident

24/7 Incident Response Assistance +65 3159-3798

Thank you for the inquiry! We will contact you soon.
Cookies

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

 
Report an incident