stock

Researchers have uncovered a gigantic network of more than 11,000 domains used to promote numerous fake investment schemes to users in Europe.

The platforms show fabricated evidence of enrichment and falsified celebrity endorsements to create an image of legitimacy and lure in a larger number of victims.

The goal of the operation is to trick users into an opportunity for high-return investments and convince them to deposit a minimum amount of 250 EUR ($255) to sign up for the fake services.

Researchers at cybersecurity company Group-IB discovered the operation and mapped the massive network of phishing sites, content hosts, and redirections.

Map of the malicious infrastructure network
Map of the malicious infrastructure network (Group-IB)

According to Group-IB, more than 5,000 of the identified malicious domains are still active.

Currently, the countries targeted in this scheme are the UK, Belgium, Germany, the Netherlands, Portugal, Poland, Norway, Sweden, and the Czech Republic.

Scamming process

The fraudsters put an effort into promoting the campaigns on various social media platforms or use compromised Facebook and YouTube to reach as many users as possible.

Facebook post promoting the scam
Facebook post promoting the scam (Group-IB)

Victims that fall for the trick and click on the ads to learn more are redirected to landing pages showing alleged success stories.

The fraudsters then request contact details. A "customer agent" from a call center reaches out to the victim and provides the investment terms and conditions in an elaborate social engineering scam.

Fake investment portal targeting Dutch users
Fake investment portal targeting Dutch users (Group-IB)

Eventually, the victim is convinced to deposit 250 EUR or more, while the details provided on the fake site are stored and used for future campaigns or resold on the dark web.

Adding a deposit on the fake site
Adding funds on the fake investment site (Group-IB)

Once the victim deposits the funds, they get access to a fake investment dashboard that supposedly lets them track daily gains.

This is to prolong illusion of a legitimate investment and entice victims to deposit more money for larger profits.

The scam is revealed when the victim tries to withdraw money from the platform but not before asking for a final payment.

Investment scam steps diagram
Investment scam steps diagram (Group-IB)

During the investigation, Group-IB researchers interacted with the scammers and recorded the conversation with the operator.

The audio below comes with parts that have been muted for privacy reasons:

Investments are never guaranteed to come without a risk, so promises of sure profit should be seen as red flags.

Also, real investment platforms don't offer personal account managers for small investments.

When an investment platform grabs your attention, it is advisable to make sure that it's from an established broker. Looking for reviews from other users and analyzing multiple comments for a pattern may also reveal the fraud. Many times, scammers don't make an effort to mimic a real user's opinion and publish variations of the same text.

Related Articles:

Fraudsters tried to scam Apple out of 5,000 iPhones worth over $3 million

Savvy Seahorse gang uses DNS CNAME records to power investor scams

Americans lost record $10 billion to fraud in 2023, FTC warns

FTC warns scammers are impersonating its employees to steal money

US moves to recover $2.3 million from "pig butchers" on Binance