A sophisticated information-stealing fraud network that lures victims to fake web shops via malicious Facebook ads has been uncovered by security researchers.
Dubbed “Eriakos” after the content delivery network (CDN) used by the threat actor, the campaign exclusively targets mobile devices and users, with the scam websites only accessible via malvertising in order to evade security scanners, said Recorded Future.
The specialist in threat intelligence claimed to have discovered 608 fake e-commerce websites controlled by a single person or group.
According to the report’s explanation, “Merchant accounts and related domains linked to the scam websites are registered in China, indicating that the threat actors operating this campaign likely established the business they use to manage the scam merchant accounts in China.”
“Through transactions with linked merchant accounts, the scam campaign was designed to steal victims’ funds, card data, and personal information. We found scam e-commerce websites that combined brand exploitation with offers that expire quickly, likely to make victims feel like they have no time to waste.
Even if some of the advertisements associated with a single fraudulent website are blocked by Facebook’s filters, others reach their victims because the threat actor sends out dozens of them.
“The fact that the actual scam domains only lasted a short time suggests that the advertising campaigns were likely designed to also only last a short time, indicating that the perpetrators intended to quickly entice and defraud their victims. Recorded Future explained, “When scam advertising campaigns are operated at scale, as was the case for this campaign, this tactic is more likely to be effective.”
“Whether or not the ads are detected and blocked promptly, the concurrent presence of over 100 ads for a single domain of a scam website on the same platform is likely to attract victims to the linked domains.”
The campaign, according to the report, takes on the personas of two well-known brands: a significant online e-commerce platform and a manufacturer of power tools.
Eriakos was discovered on April 17 and continues to exist today, though its beginning date is unknown.
