Bitcoin Investment Scam Sent to 250k Via Text Messages Uses Endorsement and Spoof Websites to Trick Victims
A large-scale bitcoin investment scam has already targeted 248,926 people. The attack uses three stages to trick potential victims into giving money to a Bitcoin investment scheme, says a report from Group-IB’s Threat Intelligence and Brand Protection teams. The scammers are using phone numbers and other personally identifiable information (PII) to launch the personalized attacks.
The scammers are targeting people in UK, Australia, South Africa, the US, Singapore, Spain, Malaysia, as well as other countries. Cyber researchers found almost 250,000 phone numbers have been targeted.
This Bitcoin investment scam occurs in three stages – a personalized SMS text message, followed by geo-targeted celebrity endorsements on spoof websites, and finally the investment page itself. The scammers have obtained personally identifiable information about their victims – like names and phone numbers – so they can personalize the messaging. This increases their chances of success.
In the first stage of the scam, the target receives a text message in which the sender is spoofed to make it more believable. The text message contains information about a celebrity who supposedly has a money-making investment secret to share. The text message also contains a shortened link. If the target clicks on the link, it takes the victim to a spoof website.
Spoof Websites Look Convincing
To add more credibility to this scam, the hackers send the target to a landing page that is customized for the target’s geographical region. Depending on where the victims are from, they are taken to a spoof website that likely looks familiar to them. For example, UK targets were directed to a fraudulent website designed to look like The Sun or The Daily Mirror. Australian targets are directed to a spoof Australian Broadcasting Corporation (ABC) website. Victims from Singapore land on a webpage that looks like the legitimate page from The Straits Times.
These spoof web pages are branded to look like news sources that the target will recognize. The fake landing pages impersonate major news sites that are popular in the target’s geographical area. The web page content is also crafted to contain localized information. For example, Australian victims are shown endorsements from Australian business people while US targets are shown messaging from American singer Chris Brown.
The scammers are able to direct the victims to these localized websites because they have the target’s phone number which is tied to their geographical region.
The goal is to lure them into the Bitcoin scam in stage three. The celebrity endorsements claim to have a making money secret for Bitcoin trading platforms like Crypto Cash, Bitcoin Rejoin, Bitcoin Supreme, Banking on Blockchain. They contain fake endorsements from famous people, fraudulent interviews, and comments to help convince the victim into thinking that the investment scheme is trustworthy.
Bitcoin Investment Scam
Links on the spoof pages direct to targets the investment scheme sign up page. Targets can create an account and activate it for a modest fee of 0.03 BTC which is about $270 USD.
Most of the victims are from the UK with 147,610 targeted. Next, is Australia (82,263), South Africa (4,149), the US (4,147), Singapore (3,499), Malaysia (2,491), Spain (2,420), and other countries all with less than 5,00 each.
It’s best to stick with reputable investment platforms like Motley Fool for advice.
The source of the data leak and how the scammers acquired the personally identifiable information (PII) used for the text messages is not known. They have phone numbers, first or last name (possibly both), and in some cases an email address.
Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers