Cybersecurity researchers uncover disproportionate rise in investment scams on social media

CloudSEK, a leading threat intelligence firm, has released an in-depth report exposing a troubling rise in investment scams targeting individuals in India and other countries.

These scams primarily operate through popular social media and messaging platforms like WhatsApp and Telegram, and the findings indicate a significant escalation in both the scale and sophistication of these fraudulent activities.

Rising Threats
In early 2024, CloudSEK detected a surge in malicious content on these platforms. The report reveals over 29,000 fraudulent investment ads on Facebook and 81,000 fake investment groups on WhatsApp.

Furthermore, more than 81,000 Twitter accounts mimic well-known financial institutions, lending legitimacy to these scams.

Elaborate Deception Tactics
The scammers employ advanced tactics to fool potential investors. By impersonating reputable financial institutions and professionals, they draw individuals into fake investment groups with promises of substantial and quick returns. These schemes involve stolen data, fake profiles, and manipulated trading platforms, all aimed at deceiving victims and stealing their money.

These scams are not limited to one region but affect several countries, including India, Malaysia, the USA, Thailand, and Vietnam. According to the report, scammers buy personal data at $100 for every 10,000 lines of data containing phone numbers and names. They also pay between 10,000 USD and 30,000 USD for data from a single site. It is a cryptocurrency known as Tether. Since January 2024, the extensive operations have resulted in over 29,000 fraudulent ads on Facebook, 81,000 fake WhatsApp groups, and more than 81,000 impersonated Twitter accounts.

Financial Impact
A single scam operation can lead to monthly consumer losses of around USD 50,000 (over INR ₹41 lakh). The modus operandi involves acquiring hacked stock trading data from brokers who source it from underground forums. These brokers then sell the data to organized crime groups running large-scale trading scams.

Handlers and actors pose as successful investors within these groups, using social media to lure victims into WhatsApp groups. Once inside, victims are shown fake proof of earnings and promised high returns, only to see their investments vanish.

Different Types of Scams
The report categorizes the scams into two primary types: crypto scams and stock trading scams. In crypto scams, victims are enticed to invest in cryptocurrency through fraudulent websites. In stock trading scams, victims are coaxed into investing in stocks with false promises of high returns.

Scammers use various strategies to gather data, including targeted social media ads, unsolicited direct messages, fake investment groups, and SMS invitations. They often impersonate real financial advisors and institutions to build credibility and trust with potential victims.

Social Engineering Techniques
The report details the social engineering techniques scammers use to manipulate victims, such as pre-scripted messages, fake training setups, and strategic group chat management. Scammers exploit psychological pressure tactics, creating a sense of urgency and fear of missing out (FOMO) to push victims into investing more.

A common tactic is impersonation, where scammers create fake profiles that mimic real financial advisors, firms, or regulatory bodies like SEBI. They steal genuine contact information and credentials to gain the trust of victims. Multiple WhatsApp groups are managed strategically to handle many victims, with team members taking on roles such as impersonators, hype creators, and affiliates.

Fake Training and Trading Platforms
Scammers also create fake training setups, design web applications that mimic live training platforms, and use legitimate trading training videos that have been repurposed and tweaked to appear as part of their scam. Additionally, they create fraudulent apps that resemble genuine trading platforms. These apps show fake profits to encourage further investments but ultimately block withdrawals.

CloudSEK’s report emphasizes the need for increased awareness and vigilance among investors to recognize and avoid these sophisticated scams. Understanding the methods and tactics used by these fraudsters can help potential victims protect themselves. The report aims to educate and safeguard investors, helping them navigate the complex world of online investment opportunities.

Share your love

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

error: Unauthorized Content Copy Is Not Allowed