Andrey Busargin: The shadow segment of the digital world is growing year by year

Cyber criminals have become more active prior to the upcoming Russia World Cup 2018. However, football fans are not the only ones to suffer from phishing websites – big companies also do. Speaker of RGW-2018, director of brand protection and intellectual property department of Group-IB Andrey Busargin explains how to protect your brand against online fraudsters, and tells about the means of communication between Internet pirates and online casinos.

Interviewer: Russian Gaming Week (RGW)
Speaker: Andrey Busargin (A.B.)

RGW: Gambling revenues reach millions of dollars, making the gambling business attractive for investors as well as criminals. In your opinion, what poses a threat for companies engaged in online betting and gambling activity?

A.B.: Our company Group-IB has been dealing with fraud prevention and investigation in the high technology sector for 15 years. We can see that the organized crime goes online. The shadow segment of the digital world is growing year by year, meaning that the risks for business and customers are increasing. The main online threats to any brand include online frauds (misuse of trademark), information attacks, illegal online sales, and Internet piracy. The losses are substantial – the average damage of one Russian company, for instance, from fake websites equals to 1.5 million rubles. By counterfeiting websites, mobile applications, or accounts of brands in social networks, fraudsters exploit people’s trust in well-known companies and steal money and user data. Damage caused by phishing was estimated at more than 235 million rubles (in the period from Н2 2016 to Н1 2017). Not only buyers suffer, as brand owners risk losing customers, receiving tons of negative feedback, or even legal notices.

RGW: Very soon, the FIFA World Cup will kick off in Russia. Your company has registered a vigorous activity of fraudsters on the Internet. In your opinion, what should we beware of?

A.B.: For many fans, the big sports event can be clouded by actions of cyber criminals. We are witnessing the growth in the number of domain registrations that illegally exploit the topic of the 21st FIFA World Cup. In three months, the number of such domains increased by 13.5% and currently amounts to 42 thousand (the yearly growth of 40%). Domain names include such words as FIFA, Russia, WorldСup2018, tickets, and various combinations of these words. Such websites represent both scalpers that pump up prices to 150,000-300,000 rubles and fraudsters that leave their victims without tickets and money. Apart from fraud schemes involving tickets to the championship, thousands of registered websites are set up to sell fake souvenirs, spread viruses, steal credit card data, etc. They are actively promoted through social networks. According to estimates of analysts of Group-IB, the total reach of social network groups that illegally use FIFA symbols is over 1 million subscribers. Furthermore, for the first time ever Group-IB has registered targeted use of Instagram. This platform is deployed to forward users to fraudulent websites, for instance, with the help of ticket draws and promises of prizes.

RGW: Apart from brand protection, your department deals with Internet piracy. How big is this market and how are online casinos connected to it?

A.B.: We estimate that an average online pirate cinema makes around $90 thousand per year. Correspondingly, the overall illegal market equals to around $100 million basing the calculation on the number of unique visitors. But these figures are relevant for 2016, the current situation has changed. The sad thing is that the losses of the market from the activity of pirates are bigger than the sums earned by pirates. In other words, in case a pirate earns a hundred million, there will be a half a billion of losses. After Russia adopted the anti-piracy Federal Law No. 344-FZ and the Law on Mirror Websites, pirates found themselves in a miserable position. They were seriously harmed when all major advertisers stopped working with illegal resources not willing to spoil their reputation. However, online casinos came to their help. Two entities have met – pirates that have traffic but don’t have money, and casinos that don’t have traffic but have lots of money. They made a symbiosis – one party is buying ads, the other is providing traffic. Piracy business has become very profitable once again. Yes, the law on advertising contains a paragraph that bans mentioning casinos and gambling, the violation of which envisages a fine. However, it is difficult to fine online casinos because they do not have a legal entity and it is not clear who stands behind it all. Therefore, currently the law on extrajudicial blocking of websites that advertise casinos is under consideration. The issue falls under cognizance of the Federal Tax Service and FAS. Currently, a draft law is developed, aimed to make piracy commercially unprofitable. If things go well, the adoption of this draft law will be a hard hit, as pirates will have to say good-bye either to the website or to big incomes.

RGW: You have mentioned that one of the most common cyber threats faced by companies and Internet users is phishing (fake links, websites, mobile applications). Could you give recommendations to the participants of our conference concerning how to protect their brands?

A.B.: First, you should take it seriously. Constantly track references to your brand in domain name bases and phishing resources.

Look for fraudsters that duplicate your brand in search engines. Constantly monitor the use of your brand and key personalities of your company in social networks.

Look for mentions of your company and names of top managers in groups and accounts.

Reveal all websites connected to the fraudulent resource. Usually fraudsters create several website clones.

Track mobile applications in not only official stores but also unofficial ones, as well as forums, search engines, social networks, and websites that can promote them.

And the most important thing is to immediately block fraudulent resources. Turn to companies with corresponding competences for that purpose.

In such a way, cyber criminals daily capitalize on inexperienced Internet users, making hundreds of millions of dollars, and causing billions of losses for businesses. Online casinos have become a new goldmine for pirates, whereas fraudsters keep collecting private data through phishing websites.

You can learn more about future changes in the anti-piracy legislation and ways to protect your business against cyber criminals at Russian Gaming Week-2018 held on June 7.

Register!