Table of contents
Scalpers who scalp votes are getting more and more crazy
A surge in malicious web crawlers
The increasingly rampant wool party
An endless stream of new risks
Business risks present four trends
Statistics from the "Business Risk Data for 2023" of the Defense Cloud Business Security Intelligence Center show that malicious crawlers have the highest risk, accounting for 37.8% of the total; followed by false account registration, accounting for 18.79%; ranking third is wool harvesting, accounting for 11.28%; people Face recognition risks and face forgery risks have gradually emerged, reaching 1.45%; in addition, other types of risks (loan fraud, cash out, account theft, copycat apps) accounted for 30.67%.
Other types of risks account for as high as 30.67% of all business risks. Other risks include loan fraud, cash out, money laundering, account theft, copycat apps, etc.
Scalpers who scalp votes are getting more and more crazy
As people's demand for cultural performances, sports events, large-scale exhibitions and other activities continues to increase, the number of tickets for events is relatively limited, resulting in an increasingly prominent contradiction between supply and demand. Scalpers use network technology, artificial intelligence and other means to snap up a large number of tickets through false identity information, machine ticketing, etc., and make huge profits by reselling them at increased prices. This has further led to a surge in the contradiction between supply and demand, diversification of vote scalping methods and other factors, and the price of scalper scalping has continued to rise.
Hard-to-get show tickets
In 2023, various data in China's performance market will continue to rise. Young users have gradually become the main consumption force in the performance market. New formats and new space performances that meet the needs of young consumers for viewing performances have increased significantly.
Jay Chou's concert in Tianjin was sold out in less than 30 seconds, with more than 130,000 tickets sold out . Many netizens have complained about being unable to grab tickets, and at the same time, "scalpers" have raised ticket prices to outrageous levels. Some tickets in the first three rows of the infield are said to sell for 19,800 yuan. Some people even priced a ticket with a seat originally priced at 2,000 yuan at 150,000 yuan. A similar situation also occurred at the TFBOYS 10th Anniversary Xi'an concert. More than 5.2 million people wanted to attend the concert, and the tickets were sold out immediately after they went on sale. However, no matter what measures are taken, ticket scalping cannot be completely eliminated.
Museum tickets that cannot be reserved
Museums are important places to display human civilization and history, and are also an effective way to improve public literacy and knowledge. After the epidemic is reopened in 2023, many people want to enter the museum in person to feel the atmosphere of history and learn the essence of culture. Many parents also want to take their children to museums to increase their knowledge and interests.
Some museums release 1,000 tickets from time to time, but they are all sold out in just 26 seconds, and even about 500 tickets are sold out in less than 3 seconds . A platform that claims to be able to provide ticket sales services for 200 museums across the country claims to be an "official ticket source, with tickets available every day" and each ticket requires a payment of at least 89 yuan.
Museums across the country that require reservations, especially the popular Internet celebrity museums, are basically attacked by "ticket dealers" and "scalpers". They use various means to reserve places in advance and then sell them to tourists at a higher price, resulting in a situation where the supply of tickets exceeds demand and makes the museum, which was originally free and open, a profit-making tool for "scalpers".
Sell air tickets at 30,000 feet
In 2023, the demand and supply of international flights in China will fully recover. Many people want to take advantage of this opportunity to go to the country they want to visit, experience different customs, expand their horizons and abilities, or reunite with relatives and friends. This has caused tension in international flights, and many people need to book in advance or use a ticket agency to buy tickets.
Dingxiang Defense Cloud Business Security Intelligence Center BSI-2023-ivru intelligence shows that small "ticket agents" create web crawler programs, steal airline ticket checking interfaces, and illegally grab flight information on airline B2C websites or official apps and other platforms , not only consumes a large amount of airline bandwidth resources, but also wastes aviation query fees, and also generates a large number of false queries, causing airlines to misjudge flight demand.
In addition, small "ticket agents" use malicious web crawlers to grab flight ticket information, and then use any passport information to book route tickets. Within the booking and payment period allowed by the airline, they resell them to passengers who really need to buy tickets at a higher price. This kind of "ticket scalping" behavior not only harms the legitimate rights and interests of consumers, but also seriously disrupts the normal operations of airlines.
In addition to selling high-priced tickets, many "ticket agents" also sell "mileage redemption" tickets on communities, e-commerce, and social media. "Mile redemption" tickets are also called point tickets, and their origins can be complex. In fact, they use points from airline membership accounts to redeem air tickets. Criminals even use other people's credit cards to buy tickets, and then sell them to unsuspecting passengers as mileage tickets.
Greedy hospital account dealer
The epidemic has had a huge impact on people's health and lives. It has made people aware of the fragility and preciousness of life. It has also made people more concerned about the health of themselves and their families, more eager to enjoy the fun of life, and more pursuing personalized and quality products. lifestyle.
The Dingxiang Defense Cloud Business Security Intelligence Center monitored and found that since November 2022, the high-quality account sources of multiple registration platforms have always been snatched up, and patients who want to get an expert account can only go through "account dealers" hand. "Account dealers" hoard high-quality account sources through cheating methods, and then resell them at high prices to make a profit. This behavior caused the registration website to be unable to register normally, seriously disrupted the medical order, and would even lead to serious consequences of batch leakage of platform user information.
The scalper team has professional registration equipment and account grabbing software, and earns service fees by grabbing accounts on their behalf. They have their own marketing personnel who conduct transactions through social software such as Weibo, WeChat, and QQ. They also open a WeChat public account where they can directly sell registration services and maintain long-term customer relationships.
A surge in malicious web crawlers
Arkose Labs released the "Malicious Crawler Report" for the third quarter of 2023, which shows that in the third quarter of 2023, malicious crawler programs and fraudulent traffic accounted for 73% of Internet traffic . Malicious crawlers are used for a variety of purposes, primarily to steal data, defraud users, or disrupt services. It has brought huge losses and risks to various fields, some are cross-industry, and some are industry-specific.
Steal e-commerce platform data
The e-commerce industry is also the industry most vulnerable to web crawler attacks, which poses a particular threat to cross-border e-commerce. Web crawlers are automated programs that can crawl a large amount of information from a website for analysis and processing in a short period of time. Web crawlers can not only obtain key information of businesses and breed counterfeit websites, but also collect sensitive information of users, posing a serious threat to users’ property security and privacy. At the same time, crawler attacks will also disrupt normal promotional activities and cause irreversible damage to merchants' reputation.
Grab tickets on popular flights
Dingxiang Defense Cloud Business Security Intelligence No. BSI-2023-038g shows that since September 7, an airline’s B2C official website orders have increased fourfold. A large number of newly added transactions only place orders but do not pay, which is a typical false occupancy attack. The data shows that the criminal gang’s attack behavior is clearly reflected in the order time, order quantity, route and specific IP address.
Plagiarism of original social media content
According to data from Dingxiang Defense Cloud Business Security Intelligence Center , fraudsters use registration machines to conduct large-scale automated account registration. and developed malicious web crawler software to steal original content. The stolen data includes user information and user-generated articles, pictures, videos and other content. This kind of theft not only infringes the intellectual property rights of users, but also has a serious impact on the content quality and user experience of social media platforms.
What is even more worrying is that fraudsters use AI technology to fabricate false information. The spread of such false information not only misleads users, but also poses a serious threat to the credibility and credibility of social media platforms. In addition, fraudsters also create a large number of accounts pretending to be well-known figures to attract fans and conduct promotion, promotion and fraud activities.
Illegal misappropriation paid consultation report
Information No. BSL-2022-a3c28 from the Dingxiang Defense Cloud Business Security Intelligence Center shows that black and gray products obtained viewing and downloading permissions through cheating, bypassed restrictions and downloaded report data in large quantities, and resold it for profit through certain channels.
The analysis report data itself is part of the consulting company's property. When the report data is leaked, this part of the data assets is equivalent to being handed over to others, which will pose a threat to the company's competitiveness, and when the company's official channels are not the only way to obtain data reports , will indirectly reduce the company's revenue, and will have a direct impact on the company's user loss and economic interests.
The increasingly rampant wool party
With the continuous development of the Internet economy, the preferential activities of various platforms will become more abundant and diverse, and will also provide more opportunities for illegal wool harvesting. Black production gangs will use artificial intelligence, big data and other technologies to conduct precise analysis of preferential activities on various platforms, and use more covert means to formulate more effective strategies to harvest wool.
An event, mostly woolly parties
According to the business security intelligence of Dingxiang Defense Cloud with the number BSI-2023-rutq , an e-commerce platform launched a high discount coupon benefit in order to attract popularity and promote sales, and all registered users can receive it for free. At the same time, in order to further expand the scope of influence, it was also shared to the WeChat group with one click to attract more people to participate in the coupon collection activity. As more and more people join the ranks of flash sales and coupon hoarding, wool gangs also begin to use cheating methods to hoard coupons, and then sell the coupons they grab at low prices to make profits, thus causing huge economic losses to the platform and merchants.
This e-commerce company has three flash sales events a day. Within 15 minutes of the flash sale event, the Woolies began to gather, and the peak reached 95. Within 5 minutes before the start, the wool party account reached a maximum of 84.15%. After the flash sale event ended, the activity volume of the wool party dropped sharply, and the risk volume accounted for only about 6.84%.
A new game that makes the biggest profit by reselling accounts
Information from Dingxiang Defense Cloud Business Security Intelligence Center No. BSI-2023-9cx2 shows that on June 26, 2023, a well-known mobile game was opened for pre-download. In order to grab the characters of their favorite regions, 45 million players rushed into more than 30 servers after leaving the room at 10:30 in the morning.
The very next day, June 27, a large number of products for the mobile game account suddenly appeared on a certain second-hand trading platform. The account nicknames not only include Tianxian, Xiang'er, Ah Hai, Xiao Xin, etc., but also the names of many celebrities and artists. Nickname account. The selling price of accounts ranges from a few hundred to tens of thousands of yuan, and even an account named "Baby" was sold for 500,000 yuan.
Mini program promotion without any real users
According to the intelligence monitoring of Dingxiang Defense Cloud Business Security Intelligence Center BSI-2023-ugwf , in order to increase the number of users, enhance user activity and attract more users to share and fission secondary dissemination, a new media applet launched a reading check-in Receive red envelope activities. This activity has set up multiple award levels. For example, if you check in for 7 consecutive days, you can receive a cash red envelope of 2.8-18 yuan, and if you check in for 14 consecutive days, you can receive a reward of 20-50 yuan.
However, this activity encountered a problem. Malicious users registered a large number of fake accounts and controlled the accounts in batches to log in to receive red envelopes. This resulted in a large number of red envelopes being maliciously snatched, and normal users were unable to obtain the rewards they deserved. At the same time, promotion funds were wasted in vain.
An endless stream of new risks
With the rapid development of artificial intelligence, big data and other technologies, criminal gangs can use these technologies to upgrade traditional criminal methods and develop new criminal methods. For example, AI forgery technology can generate realistic false documents, documents, etc. Express hairy crab gift card fraud takes advantage of people's habit of express delivery and disguises fraud information as express delivery information to deceive victims.
Mobile phone screen sharing, bank balance emptied
Analysis by Dingxiang Defense Cloud Business Security Intelligence Center found that scammers often pretend to be "public prosecutors" or bank staff who cancel campus loans, platform customer service staff, etc., to induce victims to use the "share screen" function in online conference videos. Once the victim uses this function, even if the fraudster does not actively ask, he can see all the information on the victim's phone, including the characters that jump when entering the password, the verification code received, etc., and then transfer the funds in the victim's card.
Ms. Geng, who works in Dalian, Liaoning, received a call from a person who claimed to be a "policeman from the Dalian Public Security Bureau", saying that he was involved in a fraud case in Guangzhou and asked her to contact the Guangzhou police. After Ms. Geng added the so-called "Guangzhou police officer"'s WeChat account, the "police officer" sent Ms. Geng a "wanted order" and asked Ms. Geng to cooperate with the investigation, otherwise "coercive measures" would be taken. Subsequently, the other party made a video call with Ms. Geng, saying that due to the need to handle the case, Ms. Geng was required to provide a "security deposit" and put all the deposits into a bank card, and then transfer the money to a "safety account."
Remotely steal ETC cards
Information No. BSL-2022-a3c32 from Dingxiang Defense Cloud Business Security Intelligence Center shows that black and gray products obtained a large number of car company user login accounts through credential stuffing, password blasting, etc., and logged in in batches to crawl personal information in the accounts, including account binding. Determine the email address, mobile phone number, number of points, registration time and other information, and then sell the successfully obtained data for cash through trading platforms such as the dark web.
Such behavior not only causes users to have distrust in the company, damages the company's reputation, and causes the loss of users, but also causes the company's stock price to drop, high-level turmoil, affects normal business operations, and even worse, causes the company to face risks such as litigation.
Receiving hairy crab gift cards is a trap
On October 7, actor Sun Yizhou posted on Weibo, "I received a crab card by express delivery. I thought it was from a friend. I scanned it and felt something was wrong. I searched again and found that it seemed to be a scam! These are beautifully packaged. After the crab card is opened, there will be the words "scan the code to collect". After scanning the code, most of them are operations such as "join the group and then receive the gift", "guide you to download the app" and "do the task". Some netizens said that they Many people in Bohe Moments have been tricked one after another.
The police said that this kind of "unknown express delivery" is actually a new type of fraud. Criminals deliver hairy crab redemption cards, wet wipes, mobile phone holders, etc. on a large scale. On the pretext of receiving prizes, they guide the victims to scan codes to enter phishing websites or communities, and then To commit fraud, consumers should be vigilant and never scan QR code cards in unknown packages.
AI changes face and voice, making it difficult to distinguish true from false
The police reported multiple cases of telecommunications fraud using intelligent AI technology.
According to publicly disclosed information, in this telecom fraud case, the scammer conducted a long period of observation and information collection on the victim, and had a detailed understanding of the victim’s family, work, social relationships, whereabouts, trajectory, habits, daily routine, etc. A relatively clear understanding, and then using counterfeit accounts, synthetic voices, AI face-changing and other methods to carry out fraud. It is a targeted APT attack that uses a variety of social engineering methods.
Create fake accounts. Add the victim's social account, download the social account avatar, and copy the friend circle and information updates posted by the victim in real time, then simultaneously create a counterfeit account of the victim, and add the victim's friends, classmates, and colleagues as friends through various methods .
AI sound synthesis. The victim's voice is extracted through phone recordings, communication video voices, etc., and then the voice is synthesized through AI, so that the victim's voice can be faked.
AI technology changes faces. Through deep forgery technology, it is also possible to replace faces in video/image content, and even use algorithms to manipulate and replace the victim's facial expressions, and then confirm the information through video to gain the trust of the other party.
Business risks present four trends
Analysis by Dingxiang Defense Cloud Business Security Intelligence Center found that business risks in 2023 will present the following four trends.
AI technology makes fraud more complex. The use of AI to create fake news, fake news, fake accounts, fake voices, fake pictures, etc. has an increasingly serious impact on society. Such false information will not only mislead the public's perception and judgment, but also undermine social trust and order, and even trigger panic and violence.
Fraud based on technology + social engineering is on the rise. Criminals deliver hairy crab redemption cards, wet wipes, mobile phone holders, etc. on a large scale. On the pretext of receiving prizes, they guide victims to scan codes to enter phishing websites or communities, and then commit fraud. This kind of fraud combines technical and psychological operations and is difficult to prevent and see through.
CaaS threats have driven a significant increase in cyber fraud. "Crime as a Service" (CaaS) allows those with attack intentions but no skills to easily launch attacks using one-stop attack services; for those who provide attack services, they manufacture and sell attack products , attack services, and you can easily enjoy simple, fast and repeatable continuous benefits. CaaS reduces the threshold and cost of black and gray attacks, increases the scale and efficiency of online fraud, and makes businesses face greater security challenges.
Black and gray attacks are becoming more frequent. In the economic change cycle, more and more people are resorting to any means to pursue interests, resulting in the intensification of black and gray cyber attacks.