Cybercrime follows a worryingly upward trend, and by 2029 is estimated to drain $15.63 trillion from the global economy. With the proliferation of AI, it’s even easier for hackers and threat actors to use social engineering and brute force hacking to exploit vulnerable people and code.
Bad signals, generated by threat actors, act as a red herring for online safety practitioners. The Global Signal Exchange aims to weed these out and act quickly to prevent bad websites, links, and applications from conning unsuspecting targets.
The internet, much like the ocean, is a vast and expansive space. A clean-up of this magnitude requires a concerted effort across the board. Partnering up to realize the dream of a safer, more secure online experience, are three internet and digital heavyweights.
In a joint effort to combat internet fraud and online scams, Google, the Global Anti-Scam Alliance (GASA), and the DNS Research Foundation have partnered to create the Global Signal Exchange. This centralized platform was created to combat threat actors exploiting vulnerabilities and provide a coordinated approach to reducing the risk of fraud.
What is the GSE?
The Global Signal Exchange uses a collaborative approach to counteract bad signals and eliminate online fraud and scams. The trio of powerhouse stakeholders include:
Google: the founding member providing decades’ worth of experience in combating cyber fraud
GASA: a partner organization with an extensive network of digital safety and online practitioners
DNS Research Federation: a data platform with over 40 million signals.
Together, they aim to act as a global clearinghouse, identifying bad signals and rooting out threat actors before they claim victims. Their collective vision is to create a user-friendly solution for qualifying institutions. Through rapid detection and identification of harmful signals, the GSE aims to scale online defense against fraudulent activity across various sectors, platforms and services.
GSE Partner Organizations
The Global Anti-Scam Alliance (GASA)
GASA’s mission is to create a safe online environment where internet users are “safe from the financial and emotional trauma caused by online scams.”
They work to facilitate impactful collaborations between various stakeholders which include governments, law enforcement agencies, financial authorities, and cybersecurity companies. GASA advocates for the victims and targets of internet fraud and online scams by partnering with relevant groups to create guardrails.
DNS Research Federation
This non-profit company was founded in 2021 and established in Wales. They have a global reach and an agenda that focuses on facilitating partnerships between key stakeholders from all aspects of the DNS ecosystem: big brands, domain name industry, public safety, and academia.
The Research Federation has utilized strategic partnerships with academia to further support researchers in the DNS arena. In terms of the Global Signal Exchange, DNS hopes to provide a holistic understanding of internet fraud and scams, and develop new ways to detect and identify malicious and suspicious activity.
GSE Development plan
If you’ve ever seen the warning in the image above, then you’ve experienced Google’s powerful diagnostic tool at work. With over 100,000 malicious URLs identified, the GSE is piloting its program through Google Shopping, an application regularly targeted by scammers.
In fact, scams on Google Shopping have become so sophisticated that even a senior employee at Google was duped, which led to a global probe into the issue. They’re determined to put a stop to the fraud and regain consumer confidence.
“Our mission is to make a platform like Google Shopping so safe, that people will feel like, ‘OK, I found this through Google Shopping so I trust it,’” says Saikat Mitra, the Head of Trust and Safety.
They have a long road ahead and plan to utilize data from various Google enterprises to improve the testing, detection, and identification process. The GSE will act as a comprehensive guardrail against threat actors exploiting internet users.
The program is hosted by Google’s Cloud Platform and in time users will be able to use the GSE program to share and consume signals identified and gathered by others.
“We know from experience that fighting scams and the criminal organizations behind them requires strong collaboration among industry, businesses, civil society and governments to combat bad actors and protect users,” Google wrote in a blog post. “We’re committed to doing our part to protect users, including through our continued work developing tools, publishing research and sharing expertise and information with others to protect people online.”
They went on to say that, “By joining forces and establishing a centralized platform, GSE aims to improve the exchange of abuse signals, enabling faster identification and disruption of fraudulent activities across various sectors, platforms and services.”
Scams, Fraud, and Online Threat Actors in 2024
Artificial Intelligence is a double-edged sword. On the one hand, we’ve been able to use this incredibly powerful technology to make advancements in medicine, engineering, and technology. But in the wrong hands, AI makes it easier for threat actors to create convincing replicas of websites, impersonate individuals, and scale their brute-force attack attempts.
Combating cybersecurity in the context of AI is a challenge. From sophisticated social engineering scams, convincing phishing attempts, and deepfakes, a concerted effort is needed across all spheres of society. This is why the Global Signal Exchange stands out as a forward-thinking solution; their collaborative approach doesn’t stop at the three partner organizations that founded the program; it will soon include users.
Spike in third-party data breaches
While the GSE is currently focused on providing a secure internet experience for users, there’s a wider conversation to be had about how comprehensive tools can be used to improve organizational cybersecurity.
2023 saw a dramatic increase in global data breaches, with up to 20% more reported incidents. As the numbers continue to climb, experts predict that major tech companies will be at the receiving end of threat actors’ efforts. There are a number of reasons why cyber attackers will focus on big tech companies, which include:
A large number of APIs, which are easier to infiltrate
Large pools of (sensitive) customer data
Zero-day vulnerabilities that lurk undetected.
The hope is that in the future, enterprise cybersecurity will match the strides being made to protect consumers in the open marketplace. The GSE provides a framework for an innovative approach to solving modern-day cybersecurity challenges.
Alex Tampolskiy, the CEO of SecurityScorecard, succinctly wraps up this topic by stating that “threat actors will continue evolving their tactics, techniques and procedures and organizations must pivot accordingly.”
Concluding Thoughts
The internet is synonymous with Google. Their partnership with leading cybersecurity experts DNS Research Federation and the Global Anti-Scam Alliance signifies a new era in internet safety and security.
The Global Signal Exchange is a joint effort that arose out of concern for the steadily increasing online fraud and scam activity. Putting internet users at the center of their priorities, Google Shopping is the application selected to pilot the program.
While consumer activity is the main focus of the GSE, the model provides an interesting approach to internet security that could be applied at scale. When we think about the broad spectrum of cyber fraud, major tech companies are at risk of threat actors exploiting zero-day vulnerabilities and utilizing artificial intelligence to enhance hacking.
Still, in our increasingly digital world where everything from banking to healthcare takes place online, knowing that the major players in the online environment are taking a stand is a great comfort.
