A massive network of 11,000 domains was found promoting different fake investment scams to European users. According to researchers, more than 5,000 malicious domains are active at present.

What happens at fake sites?

Researchers from Group-IB spotted the operation and tracked the massive network of content hosts, phishing sites, and redirections.
  • The aim of the operation is to fool users into an opportunity for high-return investments and persuade them to deposit the least amount of $255 to register for fake services.
  • The platforms hosted on fake domains display false evidence of enrichment and counterfeit celebrity endorsements to sound authentic.

The targeted countries are the U.K, Germany, Belgium, Portugal, Poland, Norway, the Netherlands, Sweden, and the Czech Republic.

How does the scam work?

At first, the scammers make efforts to advertise their scams on different social media platforms or use hacked Facebook or YouTube accounts to reach more audiences and find potential victims.
  • Users lured into the trick and click on the ads are redirected to landing pages with fake success stories. Subsequently, the scammers request the contact details of the victims.
  • After that, a customer agent from a call center contacts the victim and provides more details about the social engineering scam. The victim is convinced to deposit 250 EUR (or $255) or more.
  • If a potential victim deposits the funds, they get access to a fake investment dashboard to follow their daily gains. This is an illusion of legitimate investment asking users to deposit more amount to earn more profit.

The scam is disclosed when victims try to withdraw money from the platform.

Concluding notes

It is essential to understand that investments never come without risk, and therefore, it is recommended to stay away from risky shortcuts to earn money, which often ends up in fraudulent scams. Never put blind faith in any investment platform an unknown broker offers, and always implement minimum security standards, such as anti-malware solutions and MFA.
Cyware Publisher