20 June

Group-IB protects tens of thousands of social media users against fraud

Group-IB blocks fraudulent websites offering social network users ’free tickets’ masquerading as Aeroflot and other major airlines

Group-IB, one of the global leaders in providing high-grade Threat Intelligence and best in class anti-fraud solutions vendor, has helped to protect tens of thousands of people from criminals using recognized airlines’ logos for fraudulent schemes. Existing and future customers of airline companies were saved from potential implications of the attack by the joint effort of the information security service at Aeroflot and Group-IB’s Brand Protection team.

The first posts abusing the airlines’ logos appeared on social media on Sunday, June 4. Aeroflot was one of the 19 brands compromised as part of this global fraud scheme. The affected brands include major international airline companies, luxury brands and several chain stores offering online sale services: Virgin America, Delta Air Lines, Lufthansa Rolex, Spar, Tesco and others. Obviously, the attack was targeted at Western users — this can be inferred from the list of compromised brands, and from the fact that the Russian translation on the fake websites was done unprofessionally showing incorrect language usage.

Once the first few phishing websites were identified, Aeroflot alerted its customers in a statement and via posts on various social networks. CERT-GIB specialists blocked the fraudulent websites their side eliminating the threat to users by the evening of June 6.

A preliminary investigation was conducted into the incident, and all participants in the fraudulent scheme will be identified shortly. It is already clear that they used intellectual property of other owners to misdirect both customers of the airline companies and other well-known brands to third-party websites to generate advertising traffic. The attackers used a partner program, and some of the websites where users were redirected to contained malicious software.

«Incidents where fraudsters use a company’s brand, logos and brand colors, or even completely replicate its website are unfortunately, not uncommon. The company’s reputation may suffer irreparable damage as a result. Our Brand Protection service enables promptly response to criminal activities as we follow many discussions on fraudulent schemes, sale of advertisements for counterfeit products and databases, information collected and searched for insiders in the company in the dark web,» says Dmitry Rusakov, Head of Brand Protection at Group-IB.

The Group-IB Brand Protection service leverages 14 years of experience in combating cybercrime and unique Threat Intelligence. A high-tech monitoring system dedicated to mapping cybercriminals’ infrastructure and interrelations, which allows Group-IB to track websites, mobile applications and ads misusing a company’s brand as well as associated promo tools, i.e. e-mail distributions, contextual advertising, SEO manipulations and bot activities to increase search output. A criminal’s attempts to resume activities are be exposed at domain registration and hosting stage.

Find more info about Group-IB Brand Protection service

Group-IB is one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, headquartered in Singapore. The company’s threat intelligence and research centers are located in the Middle East (Dubai), the Asia-Pacific (Singapore), Europe (Amsterdam), and Russia (Moscow).

Group-IB’s Threat Intelligence & Attribution system has been named one of the best in class by Gartner, Forrester, and IDC. Group-IB’s Threat Hunting Framework (earlier known as TDS) intended for the proactive search and the protection against complex and previously unknown cyberthreats has been recognized as one of the leaders in Network Detection and Response by the leading European analyst agency KuppingerCole Analysts AG, while Group-IB itself has been recognized as a Product Leader and Innovation Leader. Gartner identified Group-IB as a Representative Vendor in Online Fraud Detection for its Fraud Hunting Platform. In addition, Group-IB was granted Frost & Sullivan’s Innovation Excellence award for its Digital Risk Protection (DRP), an Al-driven platform for identifying and mitigating digital risks and counteracting brand impersonation attacks with the company’s patented technologies at its core.

Group-IB’s technological leadership and R&D capabilities are built on the company’s 18 years of hands-on experience in cybercrime investigations worldwide and 70,000 hours of cybersecurity incident response accumulated in our leading forensic laboratory, high-tech crime investigations department, and round-the-clock CERT-GIB. Group-IB is a partner of Europol.

Group-IB’s experience in threat hunting and cyber intelligence has been fused into an ecosystem of highly sophisticated software and hardware solutions designed to monitor, identify, and prevent cyberattacks. Group-IB’s mission is to fight high-tech crime while protecting our clients in cyberspace and helping them achieve their goals. To do so, we analyze cyber threats, develop our infrastructure to monitor them, respond to incidents, investigate complex high-tech crimes, and design unique technologies, solutions, and services to counteract adversaries.

Report an incident

Get 24/7 incident response assistance from our global team

APAC: +65 3159-3798
Europe: +31 20 226-90-90
EMA: +971 4 508 1605

Thank you for the inquiry! We will contact you soon.
Cookies

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

 
Report an incident