Researchers have uncovered a sophisticated and far-reaching scam campaign in which threat actors impersonate leading global news websites including CNN, BBC, CNBC, News24, and ABC News to promote fraudulent investment opportunities.
According to the Report, the operation spans at least 50 countries with the United States identified as the primary target.
The scammers leverage the credibility of well-known news brands to lend legitimacy to their scheme, significantly increasing the likelihood that unsuspecting users will fall victim.
Massive International Campaign
The attack vector begins with the purchase of sponsored advertisements on major platforms, most notably Google and Facebook.
These ads invariably feature headlines designed to entice clicks through sensationalist language, often naming local celebrities as alleged endorsers of a “breakthrough” passive income opportunity.
Once targeted users click the ad, they are redirected to a professionally crafted website that convincingly mimics the look and feel of established news outlets.
The sites, numbering more than 17,000 globally, host fabricated articles that aggressively promote the supposed investment platform, touting immediate and effortless returns.
Victims are encouraged to register their personal details name, email, and phone number ostensibly to access more information or begin investing.
Shortly after submitting their information, users are contacted by individuals purporting to be financial advisors.
These “advisors,” in reality scammers, reference the fake news article and guide victims to make an initial deposit, typically around $240, into a bogus trading platform.
Popular names for these fraudulent platforms include Eclipse Earn, Solara Vynex, and Trap10. To enhance the illusion of legitimacy, the scammers sometimes invoke Know Your Customer (KYC) regulations as justification for further data collection.
The fraud continues as these platforms show victims fictitious profits in their accounts, encouraging them to invest larger sums under the pretense of maximizing their returns.
However, when victims attempt to withdraw funds, they encounter a series of obstruction tactics ranging from demands for additional fees and complex verification steps, to outright account lockouts.
At this point, most realize they have been defrauded, often losing not only their principal investment but also subsequent payments made in vain attempts to reclaim their funds.
Making matters worse, the scammers routinely sell victim data to other fraud syndicates, exposing users to further exploitation.
Targets Users With Fake News Sites
Technical analysis of the campaign reveals several consistent indicators of fraudulent activity.
The social media accounts running the sponsored ads typically have no posting history, negligible numbers of followers, and incomplete profiles.
URLs associated with these imitation news sites frequently employ cheap or obscure top-level domains such as .xyz, .io, .shop, or .click, and frequently deploy typosquatted variations of well-known brands.
The content of the ads or fake articles often guarantees implausible profits within a short period an immediate red flag for experienced observers. Researchers urge users to remain vigilant against such tactics.
Security experts recommend utilizing real-time security solutions capable of blocking malicious domains, refraining from clicking on unsolicited links, and independently verifying the authenticity of any investment offer, especially those allegedly endorsed by celebrities.
Consumers are also advised to confirm the legitimacy of financial platforms through official regulatory bodies such as the SEC in the US or the FCA in the UK before committing any personal information or funds.
For those who may have inadvertently interacted with scammers or disclosed sensitive information, immediate action is essential.
Advisories include ceasing all communication with the fraudulent party, changing account passwords, enabling two-factor authentication, contacting financial institutions to flag or freeze dubious transactions, and monitoring credit reports for signs of identity theft.
Reporting the incident to relevant authorities is also crucial in combating this growing threat.
As the scale and sophistication of these campaigns continue to increase, digital literacy and constant vigilance remain the first line of defense for both individuals and organizations against a rapidly evolving cybercrime landscape.
Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant updates
