Cybersecurity researchers from Sophos have revealed a new fraud campaign that involves catfishing on social media, a few fake apps, and a whole lot of cryptocurrency.
The premise is simple - a fraudster will create a fake identity (opens in new tab) (mostly female) on popular social media and dating sites, find gullible victims, and take them for all they’ve got.
After exchanging numerous messages and gaining their trust, the attackers will persuade the victims into jointly “investing” in cryptocurrencies, on imitations of popular trading apps. In one such instance, the attackers created RobinHand, a fraudulent version of the popular RobinHood trading platform.
We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.
>> Click here to start the survey in a new window (opens in new tab) <<
Romance-based money scams are as old as time itself, but many have recently been updated with the proliferation of cryptocurrencies.
Distributing iOS apps
Sophos notes that the criminals were able to distribute these apps even on iOS, by abusing Apple’s “Super Signature” application distribution scheme, as well as TestFlight (a feature used to test “beta” versions of apps before they make it to the actual repository).
The “jointly investing” part is also a trick. As the fraudsters operate the app’s backend, they are able to show the victim’s account as having any amount of money, deepening their trust. However, the victim can never withdraw the money - it’s permanently lost.
The rabbit hole goes even deeper. Once the victim tries to withdraw the funds, and sees that they cannot do that, the fraudsters will suggest they reach out to “customer support”, where they’ll be told to pay 20% “tax” to withdraw the funds, taking every last penny out of their accounts. Those that deny will get a little “nudge” - their love interest will offer to “lend” a part of the tax funds.
> This fake crypto exchange has swindled millions from its victims (opens in new tab)
> Hundreds of Crypto.com accounts hacked after it was hit by major data breach (opens in new tab)
> Cryptocurrency crime hit an all-time high in 2021 (opens in new tab)
The whole operation, dubbed CryptoRom, first targeted the Chinese-speaking community, but as of late, has been expanding globally, Sophos says.
“These scams are well-organized, and skilled in identifying and exploiting vulnerable users based on their situation, interests, and level of technical ability. Those who get pulled into the scam have lost tens of thousands of dollars,” the report concludes.
- These are the best privacy tools (opens in new tab) right now