The UAE Cybersecurity Council and Group-IB, a cybersecurity firm released critical findings regarding a burgeoning fake investment scam that has been plaguing internet users worldwide. The majority of targets, approximately 60 percent, were from the Middle East and Africa (MEA) region.
The scheme, which continues to operate, has resulted in financial losses for individuals and serves as a stark reminder of the ever-evolving tactics employed by cybercriminals.
Group-IB’s Digital Risk Protection team has identified nearly 900 unique scam pages employed by the perpetrators, with these pages disseminated through Facebook advertisements.
The malicious ads entice users with promises of lucrative investment opportunities in renowned companies hailing from 13 different countries. To add a veneer of authenticity, the scammers frequently incorporate the logos of these impersonated companies into their advertisements.
The scam campaign peaked in December 2022, garnering a significant number of victims. The financial toll of this fraudulent operation was an estimated $280,000 in damages inflicted on internet users between March and June 2023, according to Group-IB’s estimations.
To combat this cyber threat, Group-IB implemented its zero-tolerance policy towards cybercrime, promptly blocking all scam pages featuring the likeness or branding of Group-IB’s clients.
The company’s cybersecurity experts employed their proprietary Digital Risk Protection platform, utilizing advanced artificial intelligence technology for accurate logo analysis and text recognition, in their ongoing investigation of this elaborate scam campaign.
The primary objective of the campaign is recognised to be financial gain, according to the report. They exploit individuals’ trust in well-known brands and employ sophisticated social engineering techniques to scam users.
Group-IB began tracking the scheme in June 2022, when the scam campaign first emerged. However, evidence suggests that the scammers may have acquired a portion of the domains used to host the scam sites as early as 2020.
In total, 884 unique scam pages were registered, with a peak in activity recorded in December 2022, during which 308 new pages were created. The majority of victims hailed from the MEA region, with the bulk of the advertisements featuring text in Arabic. Latin America accounted for 9.2 percent of the scam pages’ targets, while 4.8 percent were directed to the Asia-Pacific region. Approximately 25 percent of the scam pages lacked a specific geographical focus.
Financial and insurance companies proved to be the most frequently impersonated sector, accounting for 30 percent of all scam pages discovered during this campaign. Other targeted sectors included transportation, stock trading, oil and gas, and construction.
Estimated potential financial losses from the campaign over a four-month period, amounting to $280,000, based on their analysis of activity on several of the scam sites between March and June 2023.
H.E Dr. Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government said, “As technology continues to advance, so do its risks. Our eagerness to adopt new innovative technologies in the pursuit of advancement has made us an attractive target for cybercriminals. However, we’ve been resilient in the face of these challenges, learning invaluable lessons and placing cyber literacy as a priority. The UAE Cybersecurity Council has been dedicated to enhancing cybersecurity awareness and fortifying the digital landscape, contributing significantly to reducing the influence of scammers. The UAE, a leader in the cybersecurity space, stands as a prime example with its cutting-edge infrastructure and comprehensive strategy to bolster digital defenses. Agility in swiftly addressing emerging threats is paramount in today’s dynamic cyber landscape.”
Typically, victims of this scam encounter enticing advertisements on their social media feeds, often presented in multiple languages, including English, Arabic, and Spanish. Arabic-language advertisements, in particular, promise individuals the chance to make millions by investing a mere $200. The adverts may contain keywords such as “news,” “media,” “investment,” and “digital,” in English or Arabic. Spanish-language ads lure users with the prospect of earning money each month.
Once users click on these ads, they are redirected to scam pages with the logos and branding of reputable companies, urging them to register for a seemingly lucrative investment opportunity. The scammers request personal information such as the user’s name, email address, and phone number, exploiting the victims’ desire for quick and easy financial gain.
For those who may have encountered this scam or similar threats, it is crucial to exercise caution, verify the legitimacy of investment opportunities, and report suspicious activities to the relevant authorities.
Follow us on
