Scalper bots out of control in Israel, selling state appointments
Out-of-control scalper bots have created havoc in Israel by registering public service appointments for various government services and then offering to sell them to disgruntled citizens.
The bot's operators attempted to sell appointments for a range of government agencies for over $100, including passport renewal, the Israeli Ministry of Interior, the Ministry of Transport, National Insurance, Israel Post, and the Israeli state Electricity Company. . .
As the bot was made publicly available for everyone to benefit, malicious actors grabbed it and modified its functions to scalp all the available appointments.
The unethical individuals who operated the rogue bot set up a Telegram group and offered "instant appointments," even giving special discounts for those who bought two.
The sellers of the appointments present themselves as well-meaning developers who want to help people, but in reality, they are making it even harder for people to get appointments that are meant to be free.
Hard to stop
Putting the genie back in the bottle isn't straightforward now, as the state would have to scrap the current online platform, cancel many legitimate appointments, and generally create a highly problematic situation.
MyVisit attempted to stop the scalpers by adding CAPTCHA on the booking page, but the bot developers bypassed this step in a couple of days by adding CAPTCHA solving functionality.
"To beat today's modern bots, much more advanced measures are utilized by bot management products," comments Akamai.
"Device fingerprinting and behavioral analysis are combined with machine learning models, fed with billions of daily requests to detect trends and anomalies."
. . .If you live in the country, note that purchasing appointments via this illegal channel gives the operators an incentive to continue and even expand to more critical areas like hospital appointments, for example.
Related Articles:
Windows zero-day exploited in US local govt phishing attacks
Fake Binance NFT Mystery Box bots steal victim's crypto wallets
Costa Rica declares national emergency after Conti ransomware attacks
White House: Prepare for cryptography-cracking quantum computers
Microsoft's Azure SDK site tricked into listing fake package
No comments:
Post a Comment