In a recent report shared with The Hacker News, cybersecurity researchers have uncovered a new type of investment scam that combines social media malvertising, company-branded posts, and AI-powered video testimonials featuring well-known personalities. This scheme, known as Nomani, aims to lure victims to phishing websites and forms to extract their personal information. The scam has seen a significant uptick, with over 100 new URLs detected daily between May and November 2024, marking a 335% increase from the first half of the year.
The fraudulent ads associated with Nomani target individuals who may have fallen victim to previous scams, using enticing messages about reclaiming stolen money or seeking help from Europol and INTERPOL. These ads are circulated through fake and stolen profiles linked to small businesses, governmental entities, and micro-influencers, as well as through deceptive reviews on Google and posts shared on messaging platforms like Messenger and Threads.
Victims who interact with these ads are directed to phishing websites that masquerade as legitimate sources, such as local news media or cryptocurrency management platforms. Once the scammers obtain the victims’ contact information, they proceed to manipulate them into investing in fake products that promise high returns. When victims request payouts, they are coerced into providing more personal information and paying additional fees, resulting in both financial loss and data theft.
The origins of Nomani point to Russian-speaking threat actors, as indicated by source code comments in Cyrillic and the use of Yandex tools for visitor tracking. Similar to other major scam operations like Telekopye, different groups likely manage various aspects of the attack chain, including creating and abusing social media accounts, setting up phishing infrastructure, and operating call centers. Despite banks’ fraud prevention measures, scammers often succeed in outsmarting victims by building trust through social engineering tactics.
This revelation comes as South Korean authorities dismantle a large-scale fraud network that defrauded victims of millions of dollars through fake online trading platforms in an operation dubbed MIDAS. The fraud ring utilized SMS, phone calls, YouTube videos, and chat rooms to entice users into investing in illicit home trading system programs. Ultimately, these scams highlight the ongoing challenges posed by sophisticated cybercriminal operations and the importance of vigilance in protecting personal and financial information.
Source link