The fraud and disinformation attack that began at the beginning of the year continues to spread in the Baltic countries, and the criminals are using highly advanced technologies, the disinformation analysis center Debunk.org reported on Friday.
The center also emphasizes that the authorities are unable to prevent the actions of criminals due to the slow cooperation of the company "Meta", which manages the Facebook social network, because the activities of fraudsters bring profit to it.
"We observed the highest intensity of the attack in September-October this year. We can see that active publicity combined with the actions of the police and authorities have made an impact. However, attempts to deceive continue, albeit on a smaller scale," says Viktoras Daukšas, head of Debunk.org.
In this case, criminals, using the names of various politicians, famous people, companies and news portals, as well as high-profile events, aim to lure the population into supposedly profitable investments in non-existent platforms, thus people lose money.
According to V. Daukš, fraudsters use technologically advanced schemes for this attack. Among them is the so-called cloaking technology. Its essence is to create many different websites or pages and show different content to different users based on certain criteria.
For example, potential victims are shown a fraudulent website and a fake investment platform, while Meta moderators or researchers are redirected to completely unrelated real websites or copies of them.
In addition, on fraudulent websites, scammers automatically display content in the language and topics of the user's country.
"All these processes are carried out by the fraudsters automatically identifying the user according to various criteria: country, IP address, browser, number of clicks, time spent and other behavior tracking parameters," claimed V. Daukšas.
To avoid detection, criminals also hide any traces of themselves by registering fake website domains through tax-exempt companies in countries such as Panama, St. Kitts and Nevis, and using a service that allows domains to be registered anonymously.
Debunk.org estimates that criminals used at least 119 fake website addresses and 124 Facebook profiles for this attack. These accounts served 1144 fake ads and reached an audience of nearly 10 million. users.
Stories were published in the Estonian media where people lost from several to several tens of thousands of euros due to such activities.
"Many people have lost larger or smaller amounts, but they do not make their cases public. So I guess that during this attack several hundred thousand euros were cheated from the residents", said V. Daukšas.
The Center has approached the Communications Regulatory Authority (RCT) regarding this fraud scheme. RRT identified Facebook accounts impersonating Ignitis as a potential risk and approached Meta about their removal. Some of them were deleted, but one fake account called "Ignitis" remained active because, according to Meta, it did not violate the rules.
"Although Facebook claims to have removed fake pages, fraudulent ads and links, many of them still exist and new ones flood the social network every day. The biggest problem is the lack of cooperation from Meta. "Unfortunately, the advertising distributed by Meta fraudsters is partly useful, because the company receives income for its distribution," said V. Daukšas.
In early December, the Lithuanian authorities, missing the reactions of the company Meta, which manages the social networks Facebook and Instagram, to reports of fraud, the creation of fake accounts, and ensuring the safety of users, announced that they would ask the European Commission (EC) for help.
Such an appeal is being prepared by the Communications Regulatory Authority and the Seimas Culture Committee - the EC wants to inform about possible violations of the Digital Services Act committed by "Meta" without ensuring the safety of users.
As the Deputy Chairman of the RRT Council, Darius Kuliešius, stated on BNS on Friday, this appeal will be sent at the beginning of next year.
"This is a wider circle of questions that does not include a specific situation. It is necessary in order to generally create cooperation in the reporting of possible violations of the Digital Services Act", said D. Kuliešius.
Author Augustas Stankevičius
