“Website Cloning” scams have quadrupled in recent years, as criminals have become much more sophisticated in their attacks. While their objectives range from stealing valuable credit card data to phishing login credentials or tricking victims into investing real money into fake products or companies, fraudsters almost always use the same methods. By setting up bogus websites containing forged documents and fake adverts, they impersonate well-known brands and their respective corporate identity to deceive their victims. To gain further insights into fraudsters’ methods, researchers at usd AG, a consulting company specialized in cyber security, recently took a closer look at those clone sites.
At RiskConnect, Matthias Göhring, Member of the usd Executive Board, and Florian Haag, IT Security Consultant at usd, will elaborate on their quest to automatically detect and identify cloned websites in order to make the Internet a safer place. In an unexpected turn, multiple cloning frameworks that were left on the servers by the scammers provided a deeper look into the methods and tactics of those fraudsters. Spoiler: They seemingly do not follow a secure software development lifecycle.
RiskConnect Virtual content is brought to you as free on-demand videos on our Web Shield Online Academy platform. Here's how you gain access: