Scams "evolve" with technology to counter telecommunications network fraud
Produced by Deep Eye Studio
Written by: Our reporter Cui Shuang Planning: Liu Li
The rapid development of the Internet industry has accelerated the changes in criminal tactics and methods. Often, as soon as new network technologies and new formats appear, telecommunications network frauds carried out by them will follow. At present, the technical confrontation between online fraud and anti-fraud is in a state of anxiety. Basically, every time a fraud is cracked, the technical means of criminals will be upgraded.
"The account is at risk, please verify the true identity of the other party before transferring."
On October 11, the 2021 National Cyber Security Promotion Week was launched in Xi'an. At the Cyber Security Expo held at the same time, the interactive simulation product "Anti-Fraud Blind Box" attracted many people to stop and experience.
Opening this blind box, the experiencer harvested a "boyfriend" dropped out on the Internet.
This "boyfriend" used sweet words to entice you to transfer money. Although it was only 2 cents, Alipay still blocked it through pop-up prompts and anti-fraud test papers. The AI customer service even spent more than 5 minutes, "satisfying" to persuade you.
New technologies such as artificial intelligence are becoming "anti-fraud weapons."
But at the same time, what makes people helpless is that it also makes the liar stronger.
As people put more and more life scenes on the Internet, security on the Internet has become more and more important.
Fraud and anti-fraud are like a war without gunpowder. It is protracted and unpredictable: the post-90s generation has become the hardest hit by fraud, the fraud "industry chain" is becoming more complete, and fraud can also be "technology outsourcing"...
Handling the relationship between security and development has also become an issue that we must face in the online world.
General Secretary Xi Jinping issued important instructions this year on combating telecommunication network fraud crimes, emphasizing the need to put the people at the center, coordinate development and security, strengthen system concepts, rule of law thinking, focus on source governance, comprehensive governance, and adhere to joint management and collective defense. We will fully implement various measures for prevention and control and the responsibility of financial, telecommunications, Internet and other industry regulatory bodies, strengthen legal system construction, strengthen social publicity and education prevention, promote international law enforcement cooperation, and resolutely curb the high incidence of such crimes.
There is no "immune population" for scams
The post-90s are the hardest hit area deceived
People with a high degree of education and a certain financial foundation cannot be "immune" against online fraud
If you are asked to portray the victims of online fraud, what do you think they are?
Mental emptiness, love taking advantage, and lack of judgment are the characteristics of "vulnerable constitution"?
In fact, most of them are young, well-educated, and familiar with the Internet.
The post-90s and post-00s generations, who are aborigines of the Internet, are becoming the main targets of fraud gangs.
According to the "Report on China's Mobile Phone Security in 2020" jointly issued by China Academy of Information and Communications Technology and 360, among the users who reported online fraud, mobile phone fraud victims born in the 1990s accounted for 37.5% of all victims, and criminals engaged in online fraud. The main audience of the group; followed by 00, accounting for 28.7%.
The post-70s and post-60s people who are more likely to suffer fraud in the impression are less than 10%.
The Shanghai Municipal Public Security Bureau also disclosed that in the completed telecommunication network fraud cases reported in the city, more than 60% of the victims were born after 1990.
Some time ago, some media released news that one of them, a post-90s editor who has compiled and distributed numerous telecom fraud news, was defrauded of 50,000 yuan by the fraudulent means of "pretending to be the public security law."
The other party called himself the "police", saying that he was suspected of money laundering and wanted to transfer his property to a "secure account."
Under the control of the scammers, he not only transferred the nearly 30,000 yuan in his account, but even borrowed nearly 20,000 yuan on the online lending platform.
According to the summary afterwards, the other party’s deception is actually not clever, and there are many opportunities to avoid traps: don’t pick up strange calls with strange numbers at will, don’t believe that public security organs’ calls will be forwarded, and don’t trust the so-called "secure accounts". ...... But for a moment, the news person becomes the news party.
"Many people think that people with older ages and lower levels of education are the most vulnerable to online fraud. In fact, people with a high degree of education and a certain financial foundation are not the "immune population" for online fraud." Hu Yongtao, director of the preparatory office of the conference, said, “As online fraud gradually becomes the mainstream, the deceived population is becoming younger and younger.”
He said that, overall, the highest proportion of the victimized groups are those aged 18 to 40. The post-90s and post-00s are the "key targets" of fraudsters. The types of frauds that accounted for the highest proportions include credit checking and online fraud. Loans, investment and financial management, refunds by pretending to be shopping customers, fraud by pretending to be acquaintances, etc.
According to incomplete statistics, the post-90s generation is the hardest-hit area for being deceived, and the number of deceived people exceeds the total number of other age groups, accounting for 63.7%.
According to data released by the Shanghai police, in the completed telecommunication network fraud cases encountered by post-90s, post-00s and other groups, part-time ordering accounted for 24.7%, online shopping accounted for 23.2%, impersonating customer service accounted for 13.2%, and "killing pigs." Category (a telecom fraud that uses online dating to induce victims to invest in gambling) accounted for 12.1%.
These scams are not new, but they are enough to lure young people and even minors into the trap.
Online fraud also has an "industry chain"
Good and evil technology against anxiety
Scams are constantly being renovated, and fraud "upstream and downstream of the industry chain" is also "evolving"
What kind of people are engaged in online fraud?
"It is not easy to open people's money bags." Hei Mao was a policeman and is now a security expert in the "Guardian Project". He found that many fraud companies have already developed a set of ideological courses, technical courses, and role-playing. The complete "training process" including.
They write more than 100 pages of "scripts" on their own, teach tricks of deception, and group members have to perform role-plays and simulate battles.
When writing scripts, scammers will even consider the different levels of vigilance and negative reactions of users, and set up different plans to break down the opponent's psychological defense.
For example, to trigger tensions, you must take into account the customs and the seasonal solar terms, and naturally speak your lines-ticket fraud is more frequent during the Spring Festival; “passport application” fraud is mainly used before Golden Week; speaking to the northerners is usually straightforward, and the southerners must be particular. Order and logic.
In the workplace where the sound-absorbing sponge is installed, each operator has to make at least 300 effective calls per day, each call for more than 30 seconds.
This means that a criminal gang of about 20 people can even make nearly 10,000 calls a day.
In addition to scams that are constantly being renovated, the "upstream and downstream of the industry chain" of fraud is also "evolving."
"Ten years ago, there was a certain threshold for telecommunications fraud. To build a den outside of the country, it may require an investment of two million yuan and some knowledge of technology. Now, only one person and one computer are enough. Others are outsourced to'professionals'. '——Drainage promotion, account maintenance, payment channels, money laundering...All kinds of cyber crimes are invisible and intangible, but they have developed a complete industrial chain, collectively referred to as "black and gray production"." "Guardian Plan" security Expert Xiaoshu said.
In 2016, Xu Yuyu, an 18-year-old girl who had just been admitted to college, passed away due to telecommunication fraud, which caused a shock of public opinion.
In the same year, Tencent launched the “Guardian Program”, a joint anti-fraud public welfare platform between government and enterprises, and established the first anti-fraud laboratory. Relying on its secure big data, underlying technology and the advantages of massive users, Tencent cooperated with various social forces to provide the public with Comprehensive network security protection.
After fighting for many years, Xiaoshu talked about the "advance with the times" of scammers: the physical work of making phone calls has long been handed over to the group of mechanized machines. personal information.
On March 28 last year, the Xi'an Beilin police disclosed a case of illegally providing "group calling" equipment: They found out that there was a GoIP device den with multiple mobile phone numbers in the jurisdiction, which may involve multiple telecommunications network fraud cases across the country. .
It is understood that the GOIP device is a device that has multiple lines and can be equipped with multiple mobile phone SIM card slots, supports mobile phone card access and converts traditional telephone signals into network signals, enabling simultaneous calls with hundreds of telephone numbers.
Similar devices only need a broadband connection and can be controlled by a computer.
"They are all controlled remotely, the equipment is in the country, but the gang that actually commits the fraud is hiding abroad. This is also the main reason why it is difficult to solve the telecommunication fraud case." According to the local police, the destroyed gang provided "technical support" to overseas fraud gangs. .
Only 8 days before it was knocked down, through the GoIP equipment set up, multiple overseas fraud gangs made more than 100,000 fraudulent calls, of which more than 130 frauds were successfully implemented. The high "efficiency" is evident.
"Currently, online fraud crimes show a trend of precision, organization, and professionalism, which has given birth to black and gray products that provide help and support for fraud crimes and profit from them, and become a breeding ground for online fraud." Hu Yongtao said, their research found Internet fraud crimes have formed a chain of black and gray production organizations constructed by account maintenance, account rental, number printing, coding and promotion, technical team operations, language scripting, and money laundering channels, which has accelerated the spread of Internet fraud crimes.
"The bottom layer is the basic technical links, such as verification code identification, automated software development, phishing website production, etc.; the middle layer is some accounts, user information providers, which organize, operate and promote fraudulent activities, and develop offline; Fraud activists use stolen information, accounts and fraud tools to carry out fraudulent activities including fraud, theft, and phishing to achieve profit." Wu Haisang, senior vice president of Zhixiang Technology, further explained.
Last year, "killing pigs" emerged as the type of fraud with the highest losses for victims.
Relying on this new type of fraud in the name of love, a small group of three or five people can cheat more than 800 people into "piggy", and the amount involved exceeds 200 million yuan.
The rapid development of the Internet industry has accelerated the changes in criminal tactics and methods. Often, as soon as new network technologies and new formats appear, telecommunications network frauds carried out by them will follow.
“At present, the technical confrontation between cyber fraud and anti-fraud is in a state of anxiety. Basically, every time we crack a fraud, criminals will upgrade their technical methods.” Wei Liang, director of the Anti-fraud Center of the Ministry of Industry and Information Technology and vice president of the China Academy of Information and Communications Technology, said with helplessness.
Hu Yongtao said that according to incomplete statistics, there have been more than 50 types of fraud cracked by public security organs in recent years.
In the past two years, the modus operandi has developed from telephone calls and text messages to the Internet. The proportion of online fraud cases has risen rapidly, reaching over 80%. Among them, online loans, online orders, online shopping, online investment and other fraud cases have been the most frequent. .
Clarify rights and responsibilities for social co-governance
Combating black and ash production requires teamwork
To build a mass defense and mass governance mechanism, it is necessary to strengthen organization and coordination
What is the difficulty in fighting online fraud?
The theft is unsuccessful and may enter the cell.
If the robbery is unsuccessful, you may be beaten violently.
The fraud was unsuccessful?
Change the phone to follow up.
Although the joke is a ridicule, it implies the main reason behind the repeated prohibition of online fraud.
Hu Yongtao said bluntly: the cost of illegality is low, the obstacles are large, and the punishment of misdemeanors is difficult.
He said that the core reason for the breeding of Internet black and gray products is "person (account) separation", especially the rent/sale of phone cards, bank cards, and online account numbers that are widely seen in the promotion chain and the capital chain, helping criminals to use the real names of others. Accounts and account numbers are used as a cover to avoid investigation by the public security organs, and to construct fraud scenarios, which increase the difficulty of preventing and cracking down with a small illegal cost.
What’s more difficult is that the illegal income of the black and gray personnel renting and selling online accounts is sometimes not enough for the filing standards. Some black and gray personnel have been engaged in related illegal activities for a long time, accumulated a lot of experience in confrontation and anti-investigation, and began to build a black and gray product technology platform. Provide professional support for overseas online fraud crimes.
"Guardian Project" security expert Zhou Ke mentioned that in a certain place in Southeast Asia, there is a telecommunications equipment store that specializes in serving criminal gangs. Professional HR uses the formal human resources recruitment process to abduct freshly graduated college students into black and gray programmers.
They are strong, and some can provide "employees" with a monthly salary of tens of thousands of yuan, and provide "benefits" such as the new crown vaccine.
The "booming" of scam gangs has even increased local housing prices.
"It is estimated that the number of people involved in black and gray production reaches one million, and the righteous side does not even reach one-tenth of the number of the other side." Zhou Ke said.
However, after years of machine training, big data and artificial intelligence have gradually been able to find fraud risks on the platform by themselves.
Zhou Ke and his colleagues believe that any fraud will leave traces, whether through phone calls, text messages, phishing URLs or plug-in software, these traces will become part of big data. The larger the data volume, the stronger the analysis technology. The more precise and effective prevention, detection and combat are, "this is a law that cannot be violated."
In May of this year, the Ministry of Industry and Information Technology launched the "Card Broken 2.0" special action.
On July 14, the 12381 fraud warning and dissuasion short message system was officially launched. The Ministry of Industry and Information Technology organized the construction of a large anti-fraud platform for the information and communication industry to realize the integrated disposal of the number, domain name, and Internet account involved in the entire network.
Hu Yongtao emphasized that anti-fraud is a comprehensive management work that requires the participation of all social forces, which mainly includes combating crime, early warning and dissuasion, industry governance, publicity and prevention, etc.
He said frankly that in order to build a mass prevention and governance mechanism, it is necessary to strengthen organization and coordination, and further solve the problems of information sharing, crime prevention and governance, and legal construction.
"Our country has not yet issued laws against new types of cybercrime, and many telecommunication network governance information sharing work is in a state of unreliability." Hu Yongtao said that the governance of telecommunication network crimes involves the exercise of public power, the protection of public interests, and various enterprises. How to measure the conflict between the national, social and corporate interests and the individual rights and interests carried on personal information requires corresponding guidance and regulation.
At the same time, he also mentioned that the problems and clues discovered by some enterprises and public institutions in their governance work, due to the lack of clear governance rights, a large number of early warning clues and information have not been fully utilized.
On the one hand, because the problems discovered by companies often have not led to the case, or the victims cannot be found, it is difficult for the public security organs to quickly characterize and deal with them in accordance with the law. , It cannot be qualitatively dealt with, and it is also difficult to achieve joint prevention and control outside the scope of its own business.
This makes the establishment of laws and regulations and clarification of powers and responsibilities a top priority.
"We should first clarify the division of labor, responsibilities, and coordination mechanisms in anti-telecommunications network fraud by regulatory agencies, judicial departments, financial institutions, telecom operators, Internet companies, etc., to form governance synergies." Hu Yongtao suggested.
"On the one hand, Internet service providers must be required to take responsibility for data security protection in terms of technology, responsibility, and ethics from the legal level; The aggregation and sharing of technological capabilities, assembling the capabilities of security vendors, and better serving users.” Wu Haisang said that he specifically mentioned that relevant companies should fulfill their social responsibilities and actively advise on the formulation of regulations and standards.
In addition, anti-fraud must be "offensive and defensive simultaneously."
Jiang Guoli, deputy director of the Criminal Investigation Bureau of the Ministry of Public Security, said that telecommunications network fraud is a preventable crime, and it is better to prevent it after the fact.
Hu Yongtao also mentioned that because most of the fraud gangs are hiding abroad, coupled with the impact of the epidemic, the cost of public security to go abroad to fight such crimes is very high.
In contrast, the work of mass prevention and governance can greatly save the overall cost of society and reduce the risk of people being deceived.
The masses are an important force for "social governance".
As the black cat said, ordinary people can mark fraudulent calls, text messages, and URLs at will, report frauds in a timely manner, improve the anti-fraud security database, and contribute to the "national anti-fraud, no fraud in the world".
In the cat-and-mouse game of fraud and anti-fraud, everyone can be a victim or an activist.
(Black cat, Xiaoshu, and Zhou Ke in the text are all pseudonyms)