Investigators Uncover Crypto Scammers Baiting Phish Hooks on YouTube

A report reveals a new network of miscreants in the lucrative crypto-fraud market using videos, channels and web apps.

Helsinki-based security firm WithSecure has uncovered a kudzu-like network of fraudulent content aimed at tricking people into putting money into fake cryptocurrency investments.

Driven by what WithSecure characterized as a group of around 30 threat actors, the network encourages participation in online apps posing as investment schemes using the cryptocurrency Tether. The company estimated that the fraudulent apps it discovered were capable of generating just over $100,000 in revenue from approximately 900 victims.

How the YouTube Cryptocurrency Scam Works

WithSecure, which collected data for the report in the latter half of 2022, claimed that the perpetrators spread thousands of videos that received engagements from viewers across hundreds of YouTube channels.

The group uses Telegram, which was a vector used by the Keona Clipper malware last June, as a communication channel and deploys copy-paste automation to add comments to the videos to camouflage them as legitimate, according to the security firm.

Investigators found 700 URLs hosting fraudulent web apps linked to videos and served by the network, but parallel data from cryptocurrency wallets “implicated the possible involvement of thousands more,” the report said.

According to the report, victims transfer money from an existing cryptocurrency wallet to one of the apps in a one-way transaction. The researchers said there was no movement of crypto back to the victims (Figure A).

Figure A

Image: WithSecure. A node edge graph of interactions between channels captured in one of the Tether datasets, showing that many of the videos received comments from entirely separate account groups, with activity in the center of the graph showing overlap between commenters.

Victims have to create an account in the advertised app, which is delivered as web pages, mobile applications or even automation that interacts with users on Telegram. The victim must then deposit a small amount into the app, on the order of tens of dollars, which is immediately drained by the scammers.

WithSecure said many of the videos encourage victims to invite friends and family to participate, dangling a small amount of money for each person invited. The apps also include bonus “VIP” structures that unlock better “investment” options that boast higher returns. These require a larger deposit commitment.

“This network seems to be targeting existing cryptocurrency investors with low-quality videos in different languages without localizing them to reach different regions, so I’d say it’s a pretty opportunistic approach,” said WithSecure Intelligence researcher Andy Patel. “Usually this results in a large volume of small transactions.

“But as the volume increases, so do the chances that they will get lucky and find someone who can and will invest more significant amounts.” (Figure B)

Figure B

Image: WithSecure. Presenter talks about the mobile app’s withdrawal functionality.

He said the darker picture, despite the scams’ relative unprofitability, is that the scammers have gamed YouTube’s recommendation algorithms and that the description fields associated with the videos also use a unique style of SEO designed to game YouTube’s search functionality.

“Moderating content on social media is a huge challenge for platforms, but the successful amplification of this content using fairly simple, well-known techniques makes me think that more can be done to protect people from these scams,” Patel said in the report (Figure C).

Figure C

Image: WithSecure. Node edge graph of interactions in another dataset tracked by WithSecure. Nodes are marked with weighted out degree: the higher the number, the more comments the account published.
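The comment graphs in Figures A and C and the copy-paste comment automation described earlier can be illustrated with a small analysis script. This is an added example, not WithSecure's code; the record layout (commenting account, channel, comment text), the account and channel names, and the function names are assumptions, and the sample data is constructed.

```python
from collections import Counter, defaultdict

# Constructed sample records: (commenter account, channel owning the video, comment text)
COMMENTS = [
    ("acct_a", "chan_1", "Great app, I withdrew today!"),
    ("acct_a", "chan_2", "Great app, I withdrew today!"),
    ("acct_a", "chan_2", "great app,  i withdrew today"),
    ("acct_b", "chan_1", "Great app, I withdrew today!"),
    ("acct_b", "chan_3", "Thanks for the honest review"),
    ("acct_c", "chan_3", "Is this available in my country?"),
]

def normalize(text):
    """Lower-case and keep only alphanumerics/spaces so trivial edits still match."""
    kept = "".join(ch for ch in text.lower() if ch.isalnum() or ch.isspace())
    return " ".join(kept.split())

def build_graph(comments):
    """Edge weights of the directed graph: (account, channel) -> comment count."""
    edges = Counter()
    for account, channel, _ in comments:
        edges[(account, channel)] += 1
    return edges

def weighted_out_degree(edges):
    """Sum of outgoing edge weights per account, i.e. comments that account posted."""
    degree = Counter()
    for (account, _), weight in edges.items():
        degree[account] += weight
    return degree

def copy_paste_clusters(comments, min_accounts=2):
    """Normalized comment texts posted by at least min_accounts distinct accounts."""
    posters = defaultdict(set)
    for account, _, text in comments:
        posters[normalize(text)].add(account)
    return {t: sorted(a) for t, a in posters.items() if len(a) >= min_accounts}

def shared_commenters(edges, min_channels=2):
    """Accounts that comment on several channels (the overlap in the graph centre)."""
    channels = defaultdict(set)
    for account, channel in edges:
        channels[account].add(channel)
    return {a: sorted(c) for a, c in channels.items() if len(c) >= min_channels}

if __name__ == "__main__":
    graph = build_graph(COMMENTS)
    print(weighted_out_degree(graph).most_common())
    print(copy_paste_clusters(COMMENTS))
    print(shared_commenters(graph))
```

Accounts with a high weighted out degree that also appear in a copy-paste cluster and span several channels are the ones worth reviewing first.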

FTC: Crypto scams small individually, but lucrative overall

In a June 2022 memo, the US Federal Trade Commission said that crypto is proving a lucrative fraud channel, with more than 46,000 people reportedly losing a total of over $1 billion in crypto to fraud since 2021.

The memo said that cryptocurrency was identified as the payment method for 24% of reported dollar losses in fraud reports to the FTC, and that the median individual reported loss was $2,600. The top cryptocurrencies that people reported using to pay fraudsters were Bitcoin (70%), Tether (10%) and Ether (9%).

Crypto Scams to Watch for in 2023

Financial software firm Abrigo, in a 2023 report, reiterated FTC warnings about nine more crypto scams that institutions and individuals should watch out for this year:

  • Romance scams: These prey on relationships and can have both an investment and a payment angle. In a recent memo, the FTC reported that last year nearly 70,000 people reported a romance scam, and reported losses reached $1.3 billion, with a median loss of $4,400.
  • Business, authority or job impersonation fraud: Threat actors present themselves as trusted online sources and convince users to send them money by buying crypto.
  • Rug pull scam: Investment scammers propose a new crypto opportunity or NFT that requires funding.
  • Phishing Scams: Emails (or “smishing” text messages) contain malicious links that gather details such as a user’s crypto wallet and other key information that provides access to the victim’s crypto.
  • Social media scams: These begin with an advertisement, post or message on social media, especially Instagram, Facebook, WhatsApp and Telegram.
  • Ponzi scheme: Fraudsters collect funds from new investors via cryptocurrencies.
  • Upgrade Scams: Consumers, accustomed to upgrades, can easily be tricked into giving up their private keys as part of an “upgrade”.
  • SIM swap scam: Theft of a mobile phone’s SIM card can provide access via 2FA to the victim’s crypto wallets.
  • Fake crypto exchanges and crypto wallets: Inexperienced crypto users may be lured into investing in a new high-value cryptocurrency exchange opportunity or a “cheap” Bitcoin that doesn’t exist.

WithSecure’s Patel told TechRepublic that while there are no obvious business implications associated with this particular scam, both individuals and businesses should always be wary of investment schemes that seem too good to be true. This is especially the case when considering anything related to cryptocurrencies.

Blockchain, for better or for worse, is here to stay. If you’re interested in learning more about the basics of the technology behind cryptocurrency, check out these blockchain development basics.
