April 27, 2020
The COVID-19 pandemic brings out the best in people and the worse in criminals. Exploiting fear and panic in these uncertain times, threat actors are selling counterfeit cures, fake coronavirus tests, and questionable PPE online. They are also sending out phishing emails impersonating the World Health Organization (WHO) and other government agencies to elicit donations that must be paid in Bitcoin. Threat actors are also persuading victims (especially remote workers) to download malware that can steal their online banking or credit card credentials, but also corporate assets of their employers.
Due to the lockdown and self-isolation that is forcing roughly half of the world’s population to be and work online, the number of potential targets has multiplied for cybercrooks. Since businesses of all sizes let their employees work from home, these companies are facing a major problem in addition to all the other challenges that they have to deal with. Remote working opens up more vulnerable points for cyberattacks and fraud attempts by threat actors. At their home office, employees are not protected by their usual corporate IT infrastructure. In some cases, companies do not have enough devices for their employees to use at home, which means that personal laptops are used for connecting to co-workers and clients. Needless to say, proper compliance management of these non-approved devices and conduct in almost impossible.
For years, threat actors have been using all levels of the internet for committing their crimes. Especially the dark web has been a great resource for them. Out of the watchful eye of authorities and law enforcement, the dark web is a safe haven for buying or selling data and hacker tools, planning crimes, and committing financial crimes such as fraud. Ransomware gangs have begun using the dark web to leak and post sensitive data and documents they stole from their victims when they refuse to pay the demanded ransom. By putting these stolen data and information up for sale, they can still monetize their ransomware attacks.
With law enforcement agencies being under tremendous pressure in a time of social distancing, investigating persons or groups suspected of committing these types of crimes is a huge challenge. The good news, it is definitely not impossible. More than ever, WEBINT can come to the rescue. To follow the trail of suspicious transactions, individuals, and groups, an artificial intelligence tool can trace threat actors using keywords such as “corona” or “COVID” used in their phishing attacks or “COVID-19” when selling their malware and exploitation tools on the dark web.
The web intelligence solution of Cobweb is an AI-powered WEBINT solution incorporating machine-learning algorithms. It allows law enforcement, investigators, police officers, and analysts to collect and process huge amounts of big data from the surface, deep web, and dark web to track and trace the digital footprints of the threat actors behind phishing attacks that target e.g., remote workers.
The WEBINT solution can also automatically analyze key data sets such as credit cards and payment services, which will help financial institutions and banks to receive real-time intelligence on threat actors gathered from publicly-accessible online sources. This artificial intelligence tool enables organizations and enterprises to receive instantly extracted data for analyzing and verifying the identity and pattern of behavior of persons of interests or groups to take action or to prevent them from committing online fraud or other cybercrimes even when they are using fake identities. This is especially important in light of the global fight against financial crime (including money laundering). Financial institutions must incorporate compliance management systems, such as the Customer Identification Program (CIP), to verify the identity of anyone wanting to do business with them.
The WEBINT solution of Cobwebs collects big data from publicly-accessible web sources (including websites, online platforms, social media postings, blog posts, public message boards, articles, manifests, and documents posted online) using unique de-anonymization tools. This allows for tracing dark web entities back to the real world, which in turn helps law enforcement to uncover cybercrime gangs, individual persons of interest, and even prevent cyberattacks. Financial institutions can use the AI-powered WEBINT platform to enhance their Know Your Customer procedures by using it for a comprehensive risk assessment of clients and entities. The harnessing of a web intelligence solution that incorporates artificial intelligence and machine learning technologies allows for conducting enhanced due diligence, which will help to prevent financial crime during this pandemic crisis.
In conclusion, the automated WEBINT solution of Cobwebs has the ability to search across the uncharted deep and dark web layers as well as the surface web, while also scouring multiple social media platforms. The AI-empowered WEBINT platform enables law enforcement agencies, organizations, and corporations to create custom search parameters and launch inquiries beyond the scope of traditional search engines. AI can identify correlations among the various data volumes that are generated by the WEBINT process for timely action.