The scam websites used brand impersonation and malvertising tactics, techniques, and procedures (TTPs) to lure victims before stealing their financial and personal data via fraudulent transactions. Notably, the scam website domains only presented their fraudulently branded scam websites when accessed via a mobile device and ad lure — likely a strategic move to avoid detection by automated scanners and our first direct observation of such a TTP.
Recorded Future identified merchant accounts directly linked to a portion of scam websites in the campaign and business information indirectly linked to the scam websites via their merchant accounts. These merchant accounts accepted payments from major card networks, and Chinese payment service providers (PSPs) processed transactions for the scam websites.
For financial institutions, this scam campaign presents a risk of financial fraud, specifically through chargeback disputes and irrecoverable financial losses. For impersonated businesses, the brand impersonation tactic employed in this campaign presents a reputational risk, especially among affected victims.
To reduce the threat posed by scam websites, blocklist the suspicious merchant accounts Recorded Future enumerate in this report and block all associated customer transactions or authorizations. Additionally, monitoring for customer transactions with likely scam merchant accounts using Payment Fraud Intelligence can reduce the risk of brand impairment and financial fraud, respectively. Recorded Future details more mitigation strategies in the report (below)s Mitigations section.
If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:
By email:
secretary@iisf.ie
By post:
David Cahill
Information Security
GPO, 1-117
D01 F5P2
Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland
Invitations for Annual Sponsorship of IISF has now reopened.
Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more