Content fraud takes a bite out of brand reputation

Scammers leverage user-generated content on trusted sites to trick consumers into sharing sensitive data, causing financial and reputational harm to those businesses.

Fraud / deception / social engineering  >  A wolf in sheep's clothing in a binary environment.
Joss Dim / Aleksei Derin / Getty Images

Organizations that allow users and third parties to list products and services, post reviews, classifieds and other content on their ecommerce, mobile and social media platforms have become major targets for scammers looking to steal credentials, take over accounts and conduct other malicious activity.

Though such scams are not new, the growing volume and intensity of the activity is driving the need for better risk and fraud management practices at many organizations, according to security experts. A recent study by Sift, a company that provides a range of content integrity, account protection and other online fraud prevention services, found a 109% increase in instances of attempted content abuse between January and May 2020 over the same period last year.

The company found digital channels belonging to organizations in certain industries—such as ticketing and events, digital marketplaces and those providing local services—were more prone than others to host malicious user-generated content. Also heavily impacted were online learning, streaming entertainment and donation platforms. On average as much as 11.2% of the user-generated content on ticketing and event sites and 8.9% of it on digital marketplaces are fraudulent.

Understanding scammers' motivations

Nearly half (48.8%) of the fraudulent activity is financially motivated. Sift found scammers are increasingly using fake and misleading content on sites belonging to trusted organizations to lure users into sharing personally identifiable information (PII), payment data, banking information, online credentials and other sensitive data. Often the data harvested through such activity is then sold in criminal markets or monetized in other ways.

To continue reading this article register now

The 10 most powerful cybersecurity companies