The More Things Change, The More They Stay The Same
Social Media’s Influencer Woes, Fake Reviews, and a Breach in the Insurance Field. This Week in Fraud, August 9, 2019.
It’s been said before; the more things change, the more they stay the same. Based on the news we keep seeing about social media platforms, the maxim continues to be regrettably accurate.
As but one example, let’s journey back in time five years. What do we find?
How to Respond & Report Fake Reviews On Google, Yelp & Facebook
How to Spot a Fake Online Review
Back up here in the present, this, from TechCrunch, this week:
“Facebook has failed to clean up the brisk trade in fake product reviews taking place on its platform, an investigation by the consumer association Which? has found. In June both Facebook and eBay were warned by the UK’s Competition and Markets Authority (CMA) they needed to do more to tackle the sale of fake product reviews.”
As we learned from ZDNet this, fraud takes many forms on social media, and unfortunately, a heavy price is being paid:
“The scale of fraud in the emerging influencer market is far higher than we realize, according to a new report … Globally, influencer marketing spend is up to $8.5 billion in 2019, and the industry is forecast to hit up to $10 billion in 2020, according to research by Mediakix … Left unchecked the level of fraud in campaigns is expected to reach $1.5 billion by 2020.”
The question of whether dating sites are a form of social media remains an open one but based on the news from Forbes this week; they certainly share one key characteristic — costly fraud:
“The FBI has issued a warning for Americans to be wary of ‘confidence/romance scams,’ after the Bureau saw a 70% annual rise in reported fraud, where dating sites were used to trick victims into sending money, purchasing items or even laundering or muling money for people met online. The shift from basic fraud to money laundering is a significant worry for U.S. law enforcement and represents a nasty twist in the age-old problem of romance scams … In 2018, more than 18,000 complaints were received with losses totaling more than $362 million.”
If there’s one thing we know about modern fraudsters, it’s that they’re omnivorous. They’ll attack any platform, in any field, if there’s money to be had there. Some fraudsters attack all of them. From DarkReading, this week, comes this story, about a spoofing campaign mimicking … well … all sorts of things!
“While spoofing is not a new threat, Corin Imai, senior security adviser for DomainTools, says the number of domains in this campaign, coupled with the attackers’ ability to mimic the look and feel of target websites, signifies a group with both the resources and sophistication to launch a large campaign. There is sufficient traffic to these sites to warrant a further investigation into how many people are submitting their data. Security pros may be likely to check the domain of a suspicious- page, but consumers may not.”
Not only are modern fraudsters omnivorous, but they’re also agile and adaptive — they’ll use any technique they can to execute their crimes, and they vary their attack types frequently. DataVisor reported recently on a newly-emerging attack type knows as credential stuffing …
… and this week, we can see from Threatpost that this technique is now being used in the insurance field:
“State Farm Insurance is notifying customers that accounts have been compromised by hackers in a credential-stuffing attack … In the notification, the insurance giant said that it reset user passwords after it ‘recently detected an information security incident in which a bad actor used a list of user IDs and passwords obtained from some other source, like the Dark Web, to attempt access to State Farm online accounts. During our investigation, we determined that the bad actor possessed the user ID and password for your State Farm online account.’”
In a funny twist, if we again go back five years, we can discover Facebook and Insurance in a story together! Fortunately, this story has a good ending:
“A Phoenix woman, who was paid $26,500 by Travelers Insurance Company after she claimed she lost her wedding rings while swimming in the Pacific Ocean, pled guilty to two counts of insurance fraud. The fraud was uncovered, in part, by a Facebook photo showing her still wearing the distinctive rings after they were supposedly lost.”
Please join us next week for another episode of This Week in Fraud Trends!
