Cybercriminals target veterans: a fraudulent special operation ahead of May 9

Partner programs will unleash a flurry of deception on the elderly ahead of Victory Day.

Cybercriminals are launching new large-scale fraud campaigns timed to coincide with May 9. F.A.C.C.T. experts have discovered new partner (affiliate) programs aimed at older people, including veterans. Over the past week alone, about 1,500 people have fallen victim to phishing pages disguised as the Roskachestvo portal.

The general scheme is quite simple: scammers create fake resources that promise users one-time cash payments of 50,000 to 300,000 rubles. To receive the funds, however, victims are asked to pay a "commission", a "currency conversion" fee or a fee for "legal services" of 378 to 1112 rubles. As a result, trusting users lose their money, and the attackers get rich with impunity. According to F.A.C.C.T., the amount of damage is still small, since the sites stay online for only several days.

Scammers borrowed this model from legitimate business, where a partner is paid a reward for each new client. According to F.A.C.C.T. experts, since the beginning of 2023 alone, 10 active fraudulent partner programs specializing in deceiving Russian Internet users have been identified. The average monthly income of one such scheme is more than 4.3 million rubles.

Most affiliate programs work as follows:
  1. The author of the offer registers a domain, creates a fraudulent website, and places it with a hosting provider.
  2. The author then registers on the affiliate program's website and posts an offer there with the created site and the thematic design of the web page.
  3. The program administration checks the resource and, upon successful verification, provides phishing forms or payment acceptance forms for embedding in the site.
  4. Partners choose the offer they like, get a referral link, and attract traffic to it in various ways (mailing lists, advertising in social networks and instant messengers, etc.).

Depending on the specific offer, users can expect the following threats on a fraudulent site:
  1. Payment fraud. In this case, the victim is encouraged to transfer money to the criminals themselves under various pretexts. For example, the user "wins" a prize but has to pay a commission to receive it. After paying once, the victim is usually asked to pay for something else.
  2. Phishing form. These offers are aimed from the start at stealing personal data, for example, credentials for a bank's personal account or a social network account.

After the victim makes a payment on the site, the partner who attracted them receives about 60-90% of the stolen funds. The offer author keeps the remaining 10-40%. The money is first credited to the site's internal account. In some affiliate programs, the payout is made automatically on a specific day and time, and in others it can be requested at any time. Most partner programs offer a choice of withdrawing money to a bank card or to crypto or electronic wallets.

Partners often use auxiliary scripts to hide their activities and automate processes. Some of them check the health of links and automatically change them when they are blocked. Others are engaged in cloaking - disguising phishing resources to hide them from the non-target audience, so that only users who fully meet certain parameters (device, IP, language, etc.) can get to the site.

Partner programs attract cybercriminals thanks to a well-thought-out business model with a clear distribution of roles among participants and the ability to scale the scheme. To attract new partners, administrators run a variety of motivational programs: bonuses for activity, ratings of top partners, and gamification in the form of completing tasks and receiving cash prizes for them. Many programs also let partners earn extra money through a referral system.

According to F.A.C.C.T. experts, just 4 of the affiliate programs studied steal more than 17.4 million rubles per month on average through about 23.5 thousand successful payments. The average amount of a single payment is 740 rubles. At the time of the study (June), there were 156 active fraudulent offers on these programs. The maximum number of partners per offer reached 746 people. Notably, 87% of offers target Russian-speaking users.

One of the partner programs, launched in Q2 2023, showed rapid growth in the attackers' profit over the summer. In June it was 908 thousand rubles; in July it increased by more than 2 times, to 2.3 million rubles; and in August the affiliate program's profit reached 3.1 million rubles.

The top 3 most popular fraudulent offers include:
  • offers that simulate lotteries and prize draws;
  • schemes with cryptocurrencies that promise free coins or to double the invested funds, as well as a new type of fraud, crypto drainers, which steal digital currency from victims through a phishing transaction;
  • pseudo-sweepstakes supposedly from well-known brands and marketplaces, where you pay a commission to get a prize.

To protect against fraudulent affiliate programs, users are advised to:
  • Check the domain name of the site you are on. Use Whois services to determine the domain creation date. If the site pretends to be a popular brand but was created recently, this should alert you;
  • Not enter personal and payment information on suspicious resources;
  • Be skeptical about online advertising even on verified sites, as it can lead to phishing pages.
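
The Whois check from the first recommendation can be automated. The sketch below is an added example, not part of the original article or of F.A.C.C.T.'s tooling: it parses the creation date from raw WHOIS text and flags a domain that carries a brand keyword but was registered recently. The WHOIS excerpts, the `.example` domains and the 90-day threshold are constructed assumptions.

```python
import re
from datetime import datetime, timezone

# WHOIS field labels differ by registry (e.g. "created:" vs "Creation Date:").
CREATED_RE = re.compile(
    r"^\s*(?:Creation Date|created)\s*:\s*(\d{4})[-.](\d{2})[-.](\d{2})",
    re.IGNORECASE | re.MULTILINE,
)

def creation_date(whois_text):
    """Return the domain creation date found in raw WHOIS text, or None."""
    m = CREATED_RE.search(whois_text)
    if not m:
        return None
    year, month, day = (int(g) for g in m.groups())
    return datetime(year, month, day, tzinfo=timezone.utc)

def assess(domain, whois_text, brands, today, max_age_days=90):
    """Flag a domain that carries a brand keyword but was registered recently.
    max_age_days is an assumed threshold, not a figure from the article."""
    brand = next((b for b in brands if b in domain.lower()), None)
    created = creation_date(whois_text)
    if created is None:
        # Redacted or unparsed record: age cannot be confirmed, so do not clear it.
        return {"domain": domain, "brand": brand, "age_days": None, "verdict": "unknown"}
    age = (today - created).days
    verdict = "suspicious" if brand and age <= max_age_days else "no-flag"
    return {"domain": domain, "brand": brand, "age_days": age, "verdict": verdict}

# Constructed WHOIS excerpts for illustration (not real lookups).
WHOIS_NEW = "domain: ROSKACHESTVO-VYPLATA.EXAMPLE\ncreated:       2024-04-28T10:15:00Z\n"
WHOIS_OLD = "Domain Name: ROSKACHESTVO.EXAMPLE\nCreation Date: 2015-06-01T08:00:00Z\n"
WHOIS_REDACTED = "Domain Name: PRIZE-ROSKACHESTVO.EXAMPLE\nRegistrar: REDACTED\n"

if __name__ == "__main__":
    today = datetime(2024, 5, 6, tzinfo=timezone.utc)  # fixed date for a repeatable run
    samples = [
        ("roskachestvo-vyplata.example", WHOIS_NEW),
        ("roskachestvo.example", WHOIS_OLD),
        ("prize-roskachestvo.example", WHOIS_REDACTED),
    ]
    for name, text in samples:
        print(assess(name, text, ["roskachestvo"], today))
```

A record with no readable creation date is reported as "unknown" rather than cleared, since a hidden registration date says nothing about the domain's age.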