“Yula” spun scammers // Free classified ads have exploded in imitators

In the first quarter, the number of fraudulent sites imitating free message boards has grown tenfold compared to the same period in 2020, according to Kaspersky Lab and Yulia. The pandemic has spurred the use of such services, and the threshold for entering fraud on such sites has decreased, experts say.

Kommersant got acquainted with the joint report of Kaspersky Lab and the free classifieds service Yula on the fight against fraudsters for the first quarter. It follows from it that in three months of 2021, Kaspersky Lab blocked more than 2.5 million attempts by users to click phishing links in the e-commerce segment in Russia. At the same time, the company estimates that the number of phishing pages mimicking message boards has grown tenfold compared to the same period in 2020.

In the first quarter, Yula blocked 1,400 fraudulent resources copying its website, the company said. As a rule, scammers create pages disguised as the Safe Deal service and send them to victims in third-party messengers. When you click on such links and enter bank card data, the money is debited, and the attackers disappear. The main problem that Yulia had to deal with in the first quarter was automated parsing of phones (collection of data from open sources). In April, this led to an increase in calls to the support service by 23%, the company notes, but they assure that they quickly dealt with the problem.

Avito said that in April the company managed to reduce by 50% compared to March the number of users whom scammers managed to deceive with the help of phishing schemes. For this, additional scoring was introduced (assessment of the reliability of users), specified in Avito.

After the outbreak of the pandemic, classifieds (message boards) became more in demand, since even those who had not previously considered such an opportunity were forced to use various online services, Kaspersky Lab noted. “Not only the process of choosing goods has become habitual, but also remote communication, calculations and registration of necessary services. This, as well as the low digital literacy of potential victims, was often used by cybercriminals, ”the company argues.

Since the beginning of 2020, Infosecurity a Softline company has identified more than 2 thousand phishing resources associated with fraud at Avito and Yulia, said CEO Kirill Solodovnikov. “Throughout the year, phishing sites have been actively developing, improving the mechanisms of operation, and expanding the geography of fraud,” he said.

The popularity of fraud on Avito and Yulia is due to the fact that such a criminal scheme spreads according to the CaaS principle – Cybercrime as a Service, according to which some people create advanced tools for committing crimes and provide people with the opportunity to use them without special technical knowledge, explains Kirill Solodovnikov. An analysis of thematic Telegram channels shows that up to 80% of the community members devoted to fraud on trading platforms are minors, he said. “Although the amount of theft is usually small within each episode, their mass character allows the organizers to receive a consistently high income,” the expert adds.

Victims are lured to phishing pages through mailing lists for “profitable sales” on ad sites or through social networks, says Igor Bederov, head of Internet-Search. But in his opinion, it is possible to recognize the criminals: they provide a link for the transition that only partially imitates the original site.

Anastasia Gavrilyuk

Leave a Reply

Your email address will not be published. Required fields are marked *