Cyber Security

New Breed of Romance Scams Employs Fake Cryptocurrency Exchanges

AhnLab’s Mobile Analysis Team has uncovered a sophisticated new wave of romance scams that exploit the burgeoning interest in cryptocurrency investments.

Unlike traditional romance scams that ask for money directly, these new schemes involve intricate manipulations, including the use of fake cryptocurrency exchanges to defraud victims.

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers

Luring Victims

Scammers initiate contact through social media, creating posts designed to attract the attention of potential victims.

These posts are generally innocuous and do not mention cryptocurrency directly.

The perpetrator sends a DM upon being followed by the victim and urging them to take the conversation to a messenger app with a translation feature

Once a victim engages with the post, the scammer uses direct messages to express gratitude and gradually moves the conversation to a messenger app equipped with translation features, enhancing their deceit by breaking language barriers.

Over several days, the scammer builds a rapport and assesses the victim’s susceptibility to the scam, reports the AhnLab Team.

Offhandedly mentioning cryptocurrency profits

They hint at lucrative cryptocurrency investments, sharing tales of substantial profits from a secret source, thus sparking interest in their unsuspecting target.

When a victim shows interest, the scammer introduces a fake cryptocurrency exchange, steering them away from legitimate platforms.

They fabricate advantages and restrictions to convince the victim that their recommended exchange is superior.

The scammers go as far as listing their fake exchange, “CoinB”, on popular platforms like Wikipedia and Namuwiki, misleadingly associating it with the reputable “Coinbase”.

This false information is propagated through social media platforms like YouTube and Facebook.

“CoinB” listed on Namuwiki and Wikipedia

Victims are encouraged to use a virtual account to familiarize themselves with the app, deliberately designed only to showcase features necessary for the scam.

This step includes a fake demonstration of profit, deepening the victim’s trust and investment desire.

Exfiltration of Personal Information

In the final stages, victims input their financial and personal information into the app to register and purchase coins.

This risks their financial loss and exposes them to potential identity theft.

Entering financial and personal information in the app, including cryptocurrency wallet address

The impact of these scams is profound, extending beyond financial losses to include emotional distress and potential identity theft.

The global reach of these scams, facilitated by translation features in messaging apps, highlights online fraud’s increasing sophistication and danger.

To combat these scams, individuals must be vigilant and skeptical of unsolicited investment advice and opportunities.

Here are several preventive measures:

  • Verify the legitimacy of any cryptocurrency exchange before use.
  • Be cautious of individuals who rush or pressure you into financial decisions.
  • Keep anti-malware software updated to protect against malicious applications.
  • Educate oneself about common tactics used in online scams to recognize red flags better.

This new breed of romance scams underscores the necessity for continuous education on cybersecurity practices and the importance of maintaining skepticism online.

Users are urged to report suspicious activities and help authorities halt these fraudulent schemes.

IOC

7353b685c49432783906cd74ce4cefdc
f1e88bc7c240507b2bbbea646205c8de
8977ff762385e1c5dd1515d098147ad2
41d5e86dbfd90c994c3b2de8e014c89c
6443f4586afdd3ca6f8372ab569c2911
f42db78ae4fa84e85905c831087ca210

On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free

Dhivya

Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Bondnet Using High-Performance Bots For C2 Server

Threat actors abuse high-performance bots to carry out large-scale automated attacks efficiently. These bots can…

2 hours ago

Discord-Based Malware Attacking Orgs Linux Systems In India

Linux systems are deployed mostly in servers, in the cloud, and in environments that are…

2 hours ago

New Moonstone Sleet North Korean Actor Deploying Malicious Open Source Packages

In December 2023, we reported on how North Korean threat actors, particularly Jade Sleet, have…

5 hours ago

Life360 Breach: Hackers Accessed the Tile Customer Support Platform

Life360, a company known for its family safety services, recently fell victim to a criminal…

7 hours ago

Microsoft Delays Release of Controversial Windows AI Recall Tool Amid Privacy Concerns

Microsoft has announced that it will delay the broad release of its AI-powered Recall feature…

11 hours ago

SmokeLoader – A Modular Malware With Range Of Capabilities

Hackers misuse malware for diverse illicit intentions, including data theft, disrupting systems, espionage, or distortion…

1 day ago