Rapid Increase in Scams and Phishing in MENA Region
Group-IB has released a report called “Digital Risk Trends,” which provides an analysis of two prevalent cyber threats: scams and phishing. The report reveals a significant increase in scam activities, with the average number of scam resources per brand more than doubling globally in 2022 compared to the previous year. In the Middle East and Africa region, this increase was even more pronounced, reaching 135% year-on-year. Moreover, the number of phishing websites detected in 2022 was over three times higher than in 2021.
Group-IB highlights the role of social media in the proliferation of scams, with scammers leveraging platforms to engage with victims. The MEA region saw the highest proportion of scam resources shared on social media, particularly targeting companies in the oil and gas, financial, and banking sectors.
The research utilized Group-IB’s Digital Risk Protection platform, which employs neural networks and machine-learning algorithms to monitor online resources and provide comprehensive coverage against digital risks to brand identity and intellectual property.
Scams and phishing are distinguished in the report, as scams involve attempts to deceive victims into voluntarily giving up money or sensitive information, while phishing focuses on stealing personal information. Scams accounted for 57% of financially-motivated cybercrime in 2021, surpassing phishing, ransomware, malware, and DDoS attacks. The financial sector experienced a dramatic increase in scams, with a 186% rise in scam resources per financial brand in 2022. Other sectors targeted include oil and gas, manufacturing, lotteries, and retail.
Automation plays a significant role in the surge of scam activities, enabling threat actors to scale their operations more quickly and evade countermeasures. The use of AI-driven text generators further enhances the effectiveness of scam and phishing campaigns. Classiscam, a scam-as-a-service scheme discovered by Group-IB, exemplifies the increasing automation trend. It initially emerged in Eastern Europe and has spread globally, with 1,366 Classiscam groups identified, carrying out more than 486,000 attacks and causing at least $64 million in financial damage.
The report also highlights the prevalence of scam resources hosted on domains like .tk, .gq, and .ml, indicating the growing impact of automation in the scam industry.
Overall, the report underscores the escalating threat of scams and phishing, urging organizations to enhance their digital risk protection measures to mitigate the growing risks to brand reputation and financial losses.