×

Irish Information Security Forum

Scam Website Campaign Likely to Evade Detection

Source: Recorded Future
Release Date: July 2024

 

“ERIAKOS” Scam Website Campaign Screens Victims Based on Mobile and Ad Access

As of April 17, 2024, Recorded Future’s Payment Fraud Intelligence team identified a network of 608 scam e-commerce websites, listed in the Appendix of this report, that a single threat actor/group likely coordinated as part of the “ERIAKOS” scam e-commerce campaign targeting Facebook users. Recorded Future named this campaign after the content delivery network (CDN) oss[.]eriakos[.]com used for each scam website in the campaign.

 

The scam websites used brand impersonation and malvertising tactics, techniques, and procedures (TTPs) to lure victims before stealing their financial and personal data via fraudulent transactions. Notably, the scam website domains only presented their fraudulently branded scam websites when accessed via a mobile device and ad lure — likely a strategic move to avoid detection by automated scanners and our first direct observation of such a TTP.

 

Recorded Future identified merchant accounts directly linked to a portion of scam websites in the campaign and business information indirectly linked to the scam websites via their merchant accounts. These merchant accounts accepted payments from major card networks, and Chinese payment service providers (PSPs) processed transactions for the scam websites.

 

For financial institutions, this scam campaign presents a risk of financial fraud, specifically through chargeback disputes and irrecoverable financial losses. For impersonated businesses, the brand impersonation tactic employed in this campaign presents a reputational risk, especially among affected victims.

 

To reduce the threat posed by scam websites, blocklist the suspicious merchant accounts Recorded Future enumerate in this report and block all associated customer transactions or authorizations. Additionally, monitoring for customer transactions with likely scam merchant accounts using Payment Fraud Intelligence can reduce the risk of brand impairment and financial fraud, respectively. Recorded Future details more mitigation strategies in the report (below)s Mitigations section.


Read the full Report

scam websites screen users via mobile ad access

IISF Logo

If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland

 


Forum SPONSORS 

Invitations for Annual Sponsorship of IISF has now reopened.

Sponsorship of IISF Opportunity
(your logo & profile link here)

 

Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more

 

secured by edgescan digital security radar logo

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy  - Sponsorship  - Cybersecurity News Index  - Cybersecurity Resources  - X  - Produced by
LinkedIn Twitter