A network of more than 11,000 websites being used for industrial-scale investment fraud has been uncovered by security researchers at Group IB. The scammers use advertisements on social media networks such as Facebook and YouTube, which direct users to websites offering fake investment schemes. The posts, adverts, and websites often appear to have been endorsed by well-known local celebrities, and the websites themselves are well designed and believable. The campaign is being conducted across Europe, including the United Kingdom, Belgium, the Netherlands, Germany, Poland, Portugal, Norway, Sweden, and the Czech Republic.
Investment fraud is big business. The Federal Bureau of Investigation Internet Crime Complaint Center received complaints from 20,561 victims of investment fraud in 2021, who lost a total of $1.46 billion to the scams. Investment fraud is the second biggest cause of losses to cybercrime behind business email compromise scams.
In this European campaign, a click on the social media ad will see the victim directed to a fake investment broker website that includes testimonies from investors who have made successful trades on the sites and have cashed out and withdrawn their earnings. These pages include notifications indicating people have recently withdrawn hundreds of Euros in profits from trading. In order to get involved, an initial investment of €250 is required.
In one of the social media posts identified by the researchers, Belgian presenter, singer, and entrepreneur, Gert Verhulst claims to have invested in the scheme and has surprised experts and frightened banks. His image has been used without consent and the presenter is not associated in any way with the scam. A comment under the post indicates an individual has recently invested €250 and earned €700 in just 3 days.
In order to join this get-rich-quick scheme, a user must register on the site and provide their contact details. They will then receive a telephone call from someone who will help them create their profile and account and make the initial €250 deposit. The fake account manager will also try to increase the size of the initial deposit, with the victim is required to provide their credit card details.
The Group IB researchers registered on the site to determine how the scheme works. They were called soon after registering on the site and were asked how much they want to invest, how much they could invest, how they made their money, and how much time they spent on work. They were encouraged every step of the way and were pressured into providing their credit card details for the deposit.
If a deposit is made, the user’s dashboard makes it appear that they are earning well to encourage them to reinvest; however, no trading takes place and the figures in the dashboard are fake. The victim will be told that in order to meet the payment threshold, they will need to invest more funds, and so the process continues until the victim realizes it is a scam and their money has been lost.
Group-IB said that at the time of publication of the report, 11,197 domains had been registered and were being used in the investment fraud scheme, of which 5,091 remain active.