Cybercriminals are increasingly using specialized device-impersonation tools for the Android mobile OS to circumvent anti-fraud controls and impersonate compromised account holders.
According to a new report by Resecurity’s Hunter Threat Intelligence division, this new trend poses significant challenges for online banking, payment systems, advertising networks and online marketplaces around the world.
“Desktop-based detection prevention browsers have been used by attackers to evade account bans and manipulate systems since at least 2014, but the emergence of hostile mobile OS-based tools represents a new frontier for criminal innovation,” the company wrote.
Mobile anti-detection tools allow fraudsters to exploit stolen cookie files, manipulate device identities, and take advantage of victims’ unique network settings with astonishing efficiency. Cybercriminals can also impersonate legitimate customers to gain access to compromised accounts and carry out fraudulent activities without detection.
“Hunter researchers first provided vetted members with access to XSS (Russia’s top cyber crime forum on the dark web) and specialized attack kits frequently used to steal online banking. We have gathered information about these tools from various underground communities, including several private Telegram groups that are fraudulent,” the report reads.
These tools work by modifying the data parameters that anti-fraud solutions rely on to authenticate customer identities and identify device fingerprints. By circumventing these controls, cybercriminals can effectively target banking websites, e-commerce portals, and other online marketplaces to carry out online identity fraud.
Resecurity warned that as mobile-based anti-detection tools become more prevalent, the risk of fraudulent attacks by sophisticated attackers abusing anti-fraud techniques will increase.
“Mobile clients are a known ‘blind spot’ for most anti-fraud providers,” the company writes. “Financial Institutions (FIs) are trying to balance customer security and ease of use, ultimately allowing customers to use a variety of payment and investment services without being blocked.”
To meet these challenges, organizations must develop enhanced fraud mitigation controls and stay up to date with the latest trends in cybercrime.
“Stakeholders at financial institutions, payment providers and online retailers should continue to stay abreast of the latest fraud trends and strive to develop better, risk-based mitigations that enhance fraud prevention and consumer protection,” concludes the report.
The publication of this document comes months after Armorblox revealed a new business email compromise (BEC) scheme.