Scammers impersonating WHO website taken down by UNICC and Group-IB.
Photo: WHO

Saving World Health Day: UNICC and Group-IB Take Down Scam Campaign Impersonating the World Health Organization

UNICC, together with Group-IB, a global threat hunting and adversary-centric cyber intelligence company that specialises in investigating high-tech cybercrimes, detected and took down a massive multistage scam campaign circulating online on April 7, World Health Day. Scammers created a distributed network of 134 rogue websites impersonating the World Health Organization (WHO) on its health awareness day, encouraging users to take a fake survey with a promise of funds in return. The scheme targeted millions of users around the world with the goal of tricking them into visiting fraudulent third-party websites.

Group-IB Digital Risk Protection Team detected the campaign and reached out UNICC’s Common Secure team as a trusted contact for cyber threat intelligence matters within the UN in order to assure that competent contacts with WHO are aware of its existence. 

Group-IB Digital Risk Protection Team performed the takedown of all the scam domains. Group-IB researchers established that one scammer collective, codenamed DarkPath Scammers, is likely to be behind the campaign. The investigation is underway.

Cyber-hygiene for the Sustainable Development Goals

UNICC works with the World Health Organization and many other UN Agencies to deliver on their mandates, represented by the Sustainable Development Goals, a collection of 17 interlinked global goals designed to be a blueprint to achieve a better and more sustainable future for all. Whether it’s health, eradication of poverty or hunger, rights for women and girls, actions to take on climate change, economic justice, sustainable cities and communities, or for peace and justice around the world, UNICC provides digital business solutions, including a threat intelligence network for over 30 UN Agencies and international organizations.

After warning us, we knew Group-IB was the team to deal with this World Health Day scam. They have the expertise and tools to get the job of takedown done, in short order.

Bojan Simetic, Information Security Specialist, UNICC 

We are excited to cooperate with UNICC in the detection and elimination of scams deceiving people into thinking they are dealing with legitimate websites. 

Dmitry Tyunkin, Head of Group-IB Digital Risk Protection Team

Detecting the Scam

On April 7, Group-IB alerted UNICC about a fake website impersonating WHO branding, where users were encouraged to answer a few simple questions to earn a 200 Euro reward on the occasion of World Health Day.  

Once users answered questions, they were prompted to share links with their WhatsApp contacts. This way scammers tried to ensure the viral distribution of their multistage schema. Group-IB researchers discovered that users would see several fake Facebook comments about gifts commentators supposedly received. When they then hit the Share button they would unknowingly involve friends in the scam by sharing the link with them – instead of the promised reward – with a redirect to third-party fraudulent resources offering participation in another lucky draw. 

By this time in the scam routine WHO is no longer mentioned as users would visit a hookup website, inadvertently install an extension for their browsers or subscribe for paid services. In the worst-case scenario, users would end up on a malicious or a phishing website.  

In addition to the multi-stage nature of the scam, which makes it harder to detect, victims saw customised content depending on their geolocation, user agents and language settings. For example, the currency of the reward would change depending on user location. 

What the Scam Looked Like

Group-IB Digital Risk Protection team discovered that it was not a one-off, short-lived website impersonating the WHO brand, but rather a sophisticated distributed scam infrastructure that included a network of 134 almost-identical, connected domains hosting web pages exploiting the World Health Day theme. Within 48 hours upon discovery, Group-IB managed to block all the rogue domains. 

Screenshot of Group-IB Platform Digital Risk Protection Platform showing network of scam websites taken down with UNICC.
Screenshot from Group-IB Digital Risk Protection Platform shows the network of 134 rogue websites impersonating the World Health Organization. Credit: Group-IB

Further investigation found that the 134 domains, identified and blocked by Group-IB, are part of a larger scam network, attributed to a single scammer collective.   

Group-IB researchers discovered connections between the blocked 134 websites involved in the WHO scam and at least 500 other scam and phishing resources impersonating more than 50 well-known international food, sportswear, e-commerce, software, automotive, e​nergy industry brands. The analysis of websites revealed that cybercriminals used scam kits, similar to phishing kits, which are sets of instruments for the creation and design of scam pages. One scam kit allows impersonating multiple brands at a time using the same template. Interestingly, after the takedown efforts by UNICC and Group-IB, the scammers stopped using the WHO branding across their whole network. 

Brands impersonated by DarkPath scammers, collective involved in the WHO scam taken down by Group-IB and UNICC.
Brands impersonated by DarkPath Scammers. Breakdown by industries. Credit: Group-BI

Scam Syndicate 

During the infrastructure analysis, Group-IB researchers examined the domains and other digital indicators and concluded that the whole network is likely to be maintained and controlled by a scammer collective codenamed DarkPath Scammers. Most of the domains with phishing and scam content are using CDN’s (Content Delivery Networks) to hide IP-addresses of the real servers. Thanks to its proprietary Graph Analysis system, Group-IB researchers analysed dozens of SSL certificates, SSH keys, DNS and were able to track down malicious infrastructure, unveil the IP-addresses of the real servers where phishing content was stored and connect the domains into one distributed scam network. The scammers are using the same infrastructure configuration with its own traits and misconfigurations across all their servers. Group-IB continues to monitor the scammers’ activity. 

Most of the scam websites controlled by DarkPath Scammers remain active at the moment and keep targeting millions of users around the world. The scammers advertise their resources using email blasts, paid ads and in social media. According to Group-IB estimates, the scammers’ whole network attracts around 200,000 users daily from the US, India, Russia and other locations.

Dmitry Tyunkin, Head of Group-IB Digital Risk Protection team in Amsterdam, noted that “many brands, however, still underestimate the impact of such scams on their businesses and customers. Most organizational approaches to eliminating brand abuse online seems a lot like tilting at windmills. They miss this continuous trend toward the use of multistage scams and distributed infrastructure. Scammers use smart, advanced technologies. They are successful due to the lack of comprehensive digital asset monitoring by brand owners.”

Organizations should carry out seamless online monitoring to promptly detect any cases of illicit use of their brands. Many institutions monitor only separate brand infringements, like phishing pages and domains but overlook other elements of fraudulent infrastructure. To see the comprehensive picture of all brand violations, companies should use Group-IB Digital Risk Protection solutions that will promptly eliminate all brand infringements online on a pre-trial basis without additional investment and lengthy litigation.  

To avoid falling prey to this scheme, online users should carefully check the website they are interacting with. It is never redundant to check if the link you’re going to click on is identical to the domain of the organization’s official website since fraudsters often register domain names mimicking official ones. Stay suspicious of any website on which you plan to enter your data is a habit that must be developed by everyone willing to keep their money safe.

UNICC 107th Management Committee UN Geneva

UNICC 107th Management Committee Celebrates Earth Day and Girls in ICT Day with Briefings on Sustainability and Diversity Efforts

UNICC Updates Partners on Key Developments in Operations, Cyber Security, Finance, Business, Audits and Digital Transformation Areas

UNICC’s Management Committee (MC), the organization’s governance body, met virtually on Wednesday 21 and Thursday 22 April for the 107th session and the first of 2021. The MC is comprised of representatives from over 40 Partner Organizations and meets twice every year. This body shares responsibility with UNICC’s Director for key decisions, providing guidance for the organization’s strategic direction and approving the Centre’s budget, financial reports and service rates.

On Wednesday, the session covered statutory business, highlighting some of the key developments in the organization over the past six months, since the 106th Management Committee meeting. UNICC’s Director Sameer Chauhan informed attendees about the progress of several workstreams of the organization’s ongoing digital transformation and provided updates in the areas of operations, cyber security, finance, business and audits.

Growth was the watchword of the day, with a healthy financial outlook, new partners, an upcoming pipeline of projects and innovative technology services to support the needs of UNICC’s Clients and Partner Organizations. ‘We are listening’ and ‘we are responsive’ have been the organization’s refrain. To answer the question of how to maintain this organization’s growth, the answer was a resounding: Listen, anticipate needs of Clients and stay relevant.

On the second day of the 107th Management Committee, UNICC shared near-term initiatives and discussed with its Partners forward-looking digital trends where UNICC can add value. 

I thank all UNICC’s Partners for the active, interesting and positive board meeting and the healthy discussion about the opportunities and challenges with technology the UN system is facing.

Sameer Chauhan, Director, UNICC

One of the conversations focused on supporting hybrid conferencing events involving governing bodies and a second was related to the monitoring of accounts receivable, both topics proposed by MC members. The two other topics on the second day’s agenda were brought forward by UNICC. 

Coinciding with ITU’s International Girls in ICT Day, one of the sessions revolved around how to ensure UNICC has a diverse workforce. Partners were briefed on current initiatives for gender, diversity and inclusiveness in the digital business field, including HR gender balance efforts targeted at achieving UNICC’s goal to reach complete gender parity by 2028. 

Greening UNICC Initiatives

Thursday was Earth Day and UNICC celebrated this international milestone by sharing ongoing efforts to make UNICC a more sustainable organization. Milena Grecuccio, Chief of Staff and Chief of Corporate Services (OIC), and Marco Liuzzi, Chief, Operations Officer, explained that UNICC is currently concentrating its attention on green data centres and workspaces, where significant progress has already been made. The organization is establishing new goals for mapping a way forward.

In addition, UNICC has recently joined the UNEP Greening the Blue initiative with a staff focal point who will work with experts to collect data and define and report on UNICC’s environmental metrics as part of the Greening the Blue system.

The discussion on sustainability was well-received; UNICC will continue to brief Partners on this topic in the coming meetings.

MC Appoints New Chair

During the 107th Management Committee meeting, the MC members appointed a new Chair to serve during the next year. The incoming Chair, Fabrice Boudou, Director of IT Solutions Division at WTO, will steer the committee with continuing Vice Chair Anthony O’Mullane, Director of Operations Support Division at UN OICT. UNICC thanks the entire Management Committee and especially the outgoing Chair Enrica Porcari for her excellence guidance and steer, and extends a warm welcome to the incoming Chair Fabrice Boudou. 

Thank you UNICC for the work you do to be a true technology partner to all UN Agencies. It has been an honour to serve as Chair of the Management Committee.

Enrica Porcari, CIO and Director of Technology, WFP and outgoing Chair of the UNICC Management Committee

I am extremely excited for the months ahead and the opportunity to be part of the UNICC adventure alongside Sameer and the team. There is a need for more digital transformation in the UN to succeed in a digital world, and our organizations need UNICC for this.

Fabrice Boudou, Director of IT Solutions Division, WTO and Chair of the UNICC Management Committee

The UNICC Management Committee will meet again in the Fall for the second session of 2021. 

Screenshot of UNICC's 107th Management Committee Meeting
Photo: UNICC
Digital CE App
Photo: UNJSPF

UNJSPF and UNICC Present Digital Certificate of Entitlement at UN Innovation Network Webinar

​On Thursday 15 April, the UN Innovation Network (UNIN) hosted a webinar as part of its Blockchain Learning series on the Digital Certificate of Entitlement solution, developed by UNICC and the UN Joint Staff Pension Fund (UNJSPF) for the Pension Fund’s beneficiaries around the globe.

The webinar began with a presentation by Dino Cataldo Dell’Accio, CIO, UNJSPF, who detailed the broader objectives of the Digital Certificate of Entitlement solution, revolutionizing the Pension Fund’s 70-year-old manual processes. 

With a pool of nearly 80,000 beneficiaries, UNJSPF annually holds the responsibility of ensuring the proper delivery of all 80,000 pensions. A tedious, antiquated and risk-prone procedure was in need of updates. Objectives for this solution included process automation, reliability, privacy, security and scalability.

Shashank Rai, CTO, UNICC then described the technical functionalities that serve UNJSPF’s objectives. He noted the application’s ability to confirm biometric Identity of every beneficiary, addressing the Pension Fund’s need to prove facial recognition, proof of existence and physical location. 

We need to congratulate UNICC for its flexibility in navigating the challenges of implementing the application in the middle of the pandemic. The blockchain technology applied in this Digital Certificate of Entitlement brings about endless possibilities to automate other aspects of the pension distribution process and beyond.

Dino Cataldo Dell’Accio, CIO, UNJSPF

Another aspect of the Digital CE solution that Shashank described was the immutability of the process of identity verification, whereby all private, biometric data for beneficiaries is hosted on individual mobile devices onto which the app is downloaded. Because of various obstacles around data privacy and security in the process of verification, the respective hosting of a beneficiary’s data, named a “blockchain wallet,” is “a way to bring back the ownership of one’s data into their own hands.”

The webinar also featured a Q&A session during which many representatives attending from organizations such as UNDP and WFP inquired about numerous aspects of the solution, such as the application’s development process, particularly over the course of the pandemic. Despite the its hampering of plans to properly present the solution throughout the UN ecosystem, UNICC developers and involved stakeholders were able to successfully roll out the Digital Certificate to 250 test beneficiaries in WFP and FAO. 

 UNIN’s feature of the Digital Certificate of Entitlement solution serves as a testament to the UNICC and UNJSPF commitment to Sustainable Development Goal 9: Industry, Innovation and Infrastructure, and Goal 17: Partnerships for the Goals. The partnership extends form UNICC and UNJSPF to working with the UNIN to share innovative digital business solutions.

The UNIN is an informal, collaborative community of UN innovators interested in sharing their expertise and experience with others to promote and advance innovation within the UN System. The UNIN is open to innovators from all UN Agencies as well as external partners and to date, 3,000 colleagues from 65+ UN Entities in over 140 countries have joined the Network.

Photo: Unsplash/heylagostechie

UNICC Participates in Swiss and Italian Career Fairs

UNICC strives to build a dynamic pipeline for its talented workforce, with commitments to gender parity, diversity and inclusiveness. With this goal in mind the organization regularly shares its profile and job and internship opportunities with career fairs in countries where it has offices (Italy, Spain, Switzerland and the United States). UNICC also supports the UN’s Youth 2030, an ambitious system-wide strategy to guide the United Nations and its partners to work meaningfully with and for young people around the world.

With the goal to build visibility and partnerships with academic institutions, UNICC offers internship opportunities for college students in a variety of fields, from all areas of digital business and technology, to enhance their educational experience with professional training and exposure to the organization’s work. Through internships, students can learn from the UNICC community, while UNICC benefits by creating a diverse workforce, expanding the organization’s expertise and reach to the latest theoretical and technical knowledge and staff resources.

Last week, Geneva and Brindisi colleagues met students and graduates interested to learn more about joining the UNICC family. 

ICT Career Days in University of Salento

In Italy, UNICC virtually attended the ICT Career Days organized by the University of Salento on 29 and 30 March. Service Management Assistant Luca Contursi delivered a presentation and together with Service Management Coordinator Angelo De Angelis and HR Assistant Julia Cassista, interviewed students in 15-minute, one-to-one meetings. The team’s goal was to share current and potential internship opportunities in UNICC’s Brindisi, Italy office. To give the students a glimpse of work there, the interviews were conducted in Italian and English. 

While this was the first time UNICC participated in ICT Career Days there, an event focused on students with technical profiles, the partnership between the University of Salento and UNICC has been in place for five years. UNICC has attended previous Career Weeks with a wider scope and hosted several interns from the institution.

Swiss International Career Day

Also on 29 March, UNICC attended for the fifth time the International Career Day (ICD) event organized by the Swiss Federal Department of Foreign Affairs. This fair offers young professionals and students a platform to meet with representatives of international organizations and find out about jobs and career opportunities in the multilateral environment. 

UNICC’s HR and Communications teams worked together to create an attractive virtual booth, a platform with information about the organization, including UNICC’s Working With Us video, available internship and job opportunities and a presentation about UNICC. The UNICC team was ready to answer direct messages from attendees with questions about how to get started in an international organization.

HR Officer Martin Alirol and HR Assistant Isabel Guardeno Exposito hosted two breakout rooms where students could meet the HR team. The third breakout room was hosted by current UNICC interns in different units, including HR’s Gianna Gkramozi and Diego Arista Vinaixa, Laura Reis from Procurement and Finance, and Ha-Young Kwon, interning in Communications. Students also had the opportunity to schedule short one-to-one interviews.

UNICC promotes and facilitates cooperation with academic institutions in many ways. In addition to internships and engaging with students in specific projects such as the recent Global Hackathon: Data for Good, UNICC collaborates with researchers, benefiting from high and deep level of skills in specific areas, co-sponsoring events, and much more.

UNICC Trusted Partnerships Rountable Screenshot of Panellists

UNICC Partners Discuss Trusted Partnerships for Digital Public Solutions

UNICC is commemorating its 50th anniversary and as part of the celebration the organization brought together preeminent partners to discuss the topic of Trusted Partnerships: Catalysts for Creative Digital Public Solutions in a public roundtable. 

In this 23 March event, prominent thought leaders from the UN family and beyond discussed the power of partnerships, guided by questions from moderator Prado Nieto Barrantes, Chief, Business Relationship Management, UNICC. 

The panellists of the Trusted Partnerships roundtable were:

  • Enrica Porcari, CIO and Director of Technology, WFP and Chair of the UNICC Management Committee
  • Hans Baritt, Controller and Director, Division of Financial and Administrative Management, UNHCR
  • Dianne Dain, WHO Innovation, Digital Health and Innovation, WHO
  • Jean-Louis Ecochard, Chief Innovation Officer, NetHope
  • Sameer Chauhan, Director, UNICC

The participants defined what successful partnerships look like. Enrica Porcari noted some of the key ingredients in the secret sauce of a strong partnership: hard work and patience to build trust, a shared ethos and continuous support. “We look for partners that are there every step of the way, working side by side with WFP, and who are not there just for the spotlight,” she said.

The discussion moved into the evolution of technology partnerships over the last years and the driving factors of this shift. One of the great values of trusted partnerships is that it allows for more resource efficiency. To that end, panellists noted that UN Agencies should collaborate and share solutions, instead of working independently.

Partnership is the art of understanding shared value. In WFP we have a number of partnerships, not many, but the ones that we have are deep, are sustained, are long-term. And definitely UNICC is one of them. 

Enrica Porcari, CIO and Director of Technology, WFP and Chair of the UNICC Management Committee

Participants shared their views on how partnerships encourage and drive more creative solutioning, with specific examples. They also discussed some of the most critical changes that organisations should make now to have robust, resilient and sustainable partnerships to face the future effectively. 

Dianne Dain reminded the audience of the UN Secretary-General’s description of the current global situation: “The world is facing the greatest crisis since the United Nations was created.” Global challenges including the Covid-19 pandemic, climate change and many more can’t be solved by any single individual or organisation, but have to be tackled from different angles through partnerships.

Technology and partnerships play a large part in making the dollars go further. We have to partner across Agencies, leveraging and building on institutions like UNICC.

Hans Baritt, Controller and Director, Division of Financial and Administrative Management, UNHCR

Jean-Louis Ecochard offered his view on the value of trusted partnerships and going from the I to the We: “Diversity in partnerships brings creativity and innovation. We need this creativity to design digital solutions to conditions that don’t fit the current technological stack.” 

After half a century, UNICC continues providing shared services to UN entities and related organizations around the world, connecting groups who can come together to collaborate and make impactful digital solutions. 

UNICC depends on its partnerships with Clients and strategic partners, including public and private sector, NGOs, academic institutions and other entities, and appreciates organizations working together for social good, often counting on UNICC, to make the world a better place.

Abraca-Data: A Team of Young Talent, Forged by Chance, Fortified by Data

Several days before the start of the UNICC Global Hackathon: Data for Good, five students from five different universities in India received an email from UNICC informing them they would be participating in the hackathon together as a team. Himanshu Bajpai, Birla Institute of Technology and Science in Pilani; Aanisha Bhattacharyya, Institute of Engineering and Management in Kolkata; Foridur Rahman, Savitribai Phule Pune University in Pune; Swaraj Priyadarshan Dash, Silicon Institute of Technology in Bhubaneswar all registered individually without knowing each other or what to expect. 

Our team consisted of students from India with an enthusiasm for data science… Our participation as a team was entirely a stroke of luck.

Himanshu Bajpai, Birla Institute of Technology and Science, Pilani, India 

UNICC’s Global Hackathon: Data for Good launched on Tuesday, 16 February 2021 with an introduction from the organization’s executive leadership to a global audience of UNICC and other UN organizations’ staff members, university representatives and over 140 students. Following the introductory remarks from UNICC’s Director Sameer Chauhan and Chief of Digital Business Solutions Ninna Roco, Anusha Dandapani, Chief of Data Analytics, introduced the three challenges of the hackathon: COVID-19 Open Challenge, Refugee Crisis: Predict Forced Displacement, and the UN75 Visualization Challenge. 

Himanshu, Aanisha, Foridur and Swaraj registered under the name Team Abraca-Data and opted for the Covid-19 Open Challenge. The challenge called for measuring the socioeconomic impact of the pandemic, identifying key stakeholders in managing the outbreak and forecasting the impact of phased vaccination cycles.  

The team began by breaking apart the segments of the challenge and delegating the analytic workstreams to members of the team: Swaraj focused on government measures implemented in developing countries, Aanisha investigated the global vaccination drive, Foridur observed the socio-economic impact of Covid-19 and Himanshu found trends in overall transmission of the virus. All of the students brought their individual fortes in data analysis, statistics and interpretation to approach their respective areas of research.  

Despite their varying approaches, all students on the team collectively agreed upon one thing: to look for trends not already known. Instead, the students focused on finding new insights, particularly how the Covid-19 virus is transmitted among children, the resulting behavioral changes in societies and patterns in the vaccination drive with other key international factors. They looked into data sets from the European Centre for Disease Prevention and Control, Johns Hopkins University, New York Times, The Covid Tracking Project, and UN data sets such as OCHA Coronavirus (Covid-19) Vaccinations, all of them open source. 

They found that the number of children testing positive was actually in regard to the number of cases identified as positive in Italy. The team presented that on average, 1/12 of all positive Covid-19 cases in Italy were children less than 15 years old, effectively marking a correlation between the number of cases among children and the general population that has the potential to guide future policy decisions in the pandemic. 

Credit: UNICC
Credit: UNICC

Additionally, the team presented a word cloud visualisation that was built from various data sets, including the ACAPS COVID-19 Government Measures Dataset which consists of related intel across sources from governments, media, the United Nations and other organisations. By building this visualisation, team members offered insight on shifts in public opinion through the observation of common verbiage, such as “Violence” and “Alcohol” pertaining to individual behavior and “Sanitation” and “Unemployment” related to government response. 

One thing that we were clear about though, was that we won’t try to find trends and patterns that we were already aware of. Instead, we’d try to discover new insights. 

Team Abraca-Data 

The final section of their presentation focused on the global vaccination drive, where they started by looking for correlations between countries that are leading the vaccination drive, such as Israel, Chile, United Kingdom and Serbia, and their ranking in GDP per capita. They also focused on other trends such as data concerning the overall rate of vaccination and the return rate for the second dose for Moderna and Pfizer/BioNTech vaccines. 

The team’s meticulous research and valuable data insights won them first place in the UNICC Global Hackathon Challenge 1: Covid-19 Open Challenge, where they were competing against four other teams. Furthermore, their award-winning project allowed for the development of their data skills capabilities and provided data-driven insights, addressing two of UNICC’s data strategy goals in alignment with the UN Secretary-General Data Strategy

When recounting their Hackathon experience, Abraca-data members expressed an overwhelming appreciation and an enriching experience. They thanked their mentors, whose dedicated attention and helpful feedback “only motivated us to push harder.”  

Team members aim to continue their collaboration and build upon their research, such as incorporating more data on vaccinations, for future presentations and publication. 

This article is part of a series of stories from the first UNICC Global Hackathon: Data for Good that took place in February 2021. The hackathon drew registrations from a total of 140 students from 54 universities located in 13 countries around the globe, all of whom came together to tackle three major UN related challenges: Covid-19 Open Challenge, Refugee Crisis: Predict Forced Displacement, and the UN75 Visualization Challenge. To learn more about this successful event and its wonderful finalists, please refer to this article here.