Hackers are preying on amateur crypto investors as cost-of-living crisis bites

Huge crypto scam targeting newbie investors uncovered

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurity researchers from Group-IB have spotted a major crypto scam campaign whose goal is to defraud people out of at least €250.

That may not sound like a lot, but the attackers have employed more than 11,000 domains to carry out the scam, potentially netting huge returns.

The premise is simple: the fraudsters created a fakeinvestment platformwhere people can “invest” in different cryptocurrencies. The platform guarantees earnings and high gains for everyone who signs up and uses the service. When the victim makes the deposit, it shows up in their dashboard, where they can track their earnings. The platform, obviously, shows bogus numbers, which sometimes even motivate the victims into depositing even more of their investmentbudgets, expecting even more earnings.

Troubles with withdrawals

However, once they try to withdraw the money from the platform is when the scam becomes obvious. Not only does the platform prevent the user from withdrawing the cash, but it also demands one last payment.

This fake investment platform is supported by a network of more than 11,000 promotional domains. The threat actors would use these domains, together with stolen social media accounts, to promote the platform, often using celebrity identities to try and add more legitimacy to the ad.

If the victim clicks the ad, and ends up on the fake platform (after a series of redirects), they’ll get a call from a “customer agent” that explains the terms and conditions, and guides the victim through the onboarding process.

Apple, Google told to explain themselves after crypto scams hit app stores>Crypto scams are now a billion-dollar market>These are the best bitcoin wallets right now

It’s quite an elaborate scheme.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The researchers are saying that right now, more than 5,000 malicious domains are still actively promoting the platform. People in the UK, Belgium, Germany, the Netherlands, Portugal, Poland, Norway, Sweden, and the Czech Republic, are among the victims.

When it comes to cryptocurrency investments andstock trading, it’s always a good idea to double-check, and triple-check everything. There are very few celebrities actually involved in the industry, while others, such as Elon Musk, are being abused left and right.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

5 must-have Android apps