Get 24/7 incident response assistance from our global team
Please review the following rules before submitting your application:
1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.
2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.
In this report, we share our key investigative findings and observations, including UNC2891’s tactics, techniques, and procedures.
Learn moreReal-time fraud defense through privacy-preserving collaboration. Patented GDPR-compliant tokenization lets participants exchange suspicious data without exposing PII, turning isolated alerts into network-wide protection
A typical fraud lifecycle involves a 4–8 week warm-up phase before rapid execution. While privacy rules delay traditional sharing until after losses, Cyber Fraud Intelligence Platform detects suspicious activity during this warm-up period, enabling proactive blocking before fraud happens.
Group-IB provides the technology for the Cyber Fraud Intelligence Platform, which participants deploy within
their own infrastructure, maintaining full data control. The system-agnostic, modular framework builds on your
existing setup without costly replacements, turning isolated organizations into a defense network against
coordinated fraud.
Share customer PII across institutions—previously limited by privacy rules. The platform tokenizes phone numbers, device IDs, and account details for network-wide pattern correlation. Our Distributed Tokenization provides privacy protection that hashing methods fail to deliver. Sensitive data stays in your environment, transforming isolated alerts into crime-blocking decisions in real-time.
Group-IB’s Cyber Fraud Intelligence Platform helps
organizations exchange risk signals safely in real time,
predicting and stopping fraud before funds are moved
Group-IB has extensive, hands-on experience in high-tech crime investigation and is an official partner to
international law enforcement agencies. This "detective DNA" is embedded in all our technologies.
Interested in collaborating securely and stopping fraud before losses?
Talk to one of our experts to learn more about Cyber Fraud Intelligence Platform.
A collaborative platform enabling secure, real-time fraud intelligence sharing across participating entities without exposing sensitive data.
Regulators are recognizing that fraud prevention requires collaboration. The UK’s Payment Systems Regulator mandates data sharing to prevent APP scams, Singapore’s MAS launched COSMIC for collaborative defense, and the EU’s proposed PSD3 includes fraud information sharing requirements. The Cyber Fraud Intelligence Platform helps institutions meet these emerging requirements while maintaining GDPR compliance.
Sensitive identifiers never leave your environment. Distributed Tokenization generates irreversible tokens that can be safely shared and analyzed.
Yes. Its microservice architecture connects easily to case management, risk engines, and transaction monitoring tools. It is highly customizable, which means institutions can tailor workflows, risk rules, and integrations to their operational and regulatory needs. There is no need to replace or rebuild your infrastructure.
No. The Cyber Fraud Intelligence Platform is fully data-agnostic and adapts to new fraud schemes without changing its core infrastructure. Each participant runs a Cyber Fraud Intelligence Platform Connector in its secure environment, which can be configured to process new data types, such as IP addresses, device IDs, or shipping details. This flexibility allows the platform to evolve with emerging threats, from APP fraud to loan fraud or e-commerce chargebacks, while maintaining GDPR compliance.
Participants benefit immediately from Group-IB Threat Intelligence and fraud data that prepopulate risk context. Value grows as more institutions connect, but early adopters receive instant access to fraud data from more than 60 global intelligence sources.
No. The platform serves any participating entity: payment providers, e-commerce platforms, telecom operators, crypto services, regulators, and industry associations.
Institutions can start detecting repeat schemes and blocking mule accounts within weeks of deployment.
Yes. It is fully GDPR-compliant and designed for ISO 20022 data-sharing standards, with independent Veritas certification.
Access to broader intelligence enables detection of mule networks, APP fraud, and synthetic identities at early stages. This reduces fraud losses, lowers false positives, and enhances customer trust. It also helps position participating entities as industry leaders influencing wider anti-fraud practices.
Regulators can host the Processing Hub under a custodianship model, gaining systemic oversight without ever handling raw data. This provides national or regional visibility into fraud trends while leaving day-to-day prevention in the hands of participating banks.
