Cryptocurrency scams are increasingly targeting users in Asia, with a significant impact in countries such as Japan. These scams blend fraudulent advertising with strategic social engineering to deceive investors.
Combining Malvertising with Social Engineering
Cybercriminals are integrating two distinct fraudulent techniques: malvertising and a method known as “pig butchering.” This combination allows them to reach a broad audience through deceptive advertisements while manipulating victims psychologically over time. Reports have shown that some individuals have lost up to ¥10 million in these scams.
The initial phase involves malvertising, where scammers post fake ads on platforms such as Facebook and Instagram. These ads often feature fabricated endorsements from financial experts or promote exclusive investment opportunities, enticing users to click through.
The Path to Financial Loss
Once users engage with these ads, they are directed to counterfeit websites resembling legitimate investment platforms. These sites encourage users to join chat groups on apps like LINE, WhatsApp, or KakaoTalk, promising specialized investment advice.
According to Infoblox analysts, a significant number of suspicious domains were accessed by users in Japan, revealing the scam’s extensive reach. In these chat groups, victims are likely interacting with AI-driven bots, which build trust through fabricated success stories and prompt initial small investments with seemingly high returns. Eventually, victims are pressured to invest more, only to face demands for a “release fee” when attempting to withdraw funds.
Automated Scam Infrastructure
The scalability of these operations is facilitated by advanced automation techniques. Scammers use Registered Domain Generation Algorithms (RDGAs) to quickly create thousands of new domains, complicating efforts to curb their activities. Over 23,000 domains are connected to this network, often employing lookalike names to appear credible.
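A defender can look for this kind of bulk registration in newly observed domains. The following is an added example, not code from the article or from Infoblox: it groups domains that differ only in a numeric counter and flags labels that closely resemble a protected name. The sample domains (under the reserved `.example` TLD), the watchlist and the thresholds are constructed assumptions, and digit-collapsing is a simple heuristic rather than the analysts' own method.

```python
import re
from collections import defaultdict
from difflib import SequenceMatcher

# Constructed sample of newly observed domains (reserved .example TLD); not real indicators.
SAMPLE_DOMAINS = [
    "sakura-invest01.example", "sakura-invest02.example", "sakura-invest17.example",
    "fuji-capital3.example", "fuji-capital9.example",
    "mybank.example", "mybannk.example", "weather.example",
]
# Hypothetical watchlist of names the organisation wants to protect.
WATCHLIST = {"mybank"}

def template(domain):
    """Collapse digit runs so sibling domains from one generator share a key."""
    return re.sub(r"\d+", "#", domain.lower().rstrip("."))

def rdga_clusters(domains, min_size=3):
    """Group domains by template; keep numbered groups with at least min_size members."""
    groups = defaultdict(set)
    for d in domains:
        groups[template(d)].add(d.lower().rstrip("."))
    return {t: sorted(m) for t, m in groups.items() if "#" in t and len(m) >= min_size}

def lookalikes(domains, watchlist=WATCHLIST, threshold=0.8):
    """Flag first labels that closely resemble, but do not equal, a watched name."""
    hits = []
    for d in domains:
        # Ignore digits and hyphens so padding does not hide the resemblance.
        label = re.sub(r"[\d-]", "", d.lower().split(".")[0])
        for name in watchlist:
            score = SequenceMatcher(None, label, name).ratio()
            if label != name and score >= threshold:
                hits.append((d, name, round(score, 2)))
    return hits

if __name__ == "__main__":
    print(rdga_clusters(SAMPLE_DOMAINS))
    print(lookalikes(SAMPLE_DOMAINS))
```

Clusters and lookalike hits are triage leads for review or blocklisting, since legitimate services also register numbered domains.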
The chat interactions are managed by AI systems that respond instantly and can switch languages, enabling convincing social engineering at scale. This setup supports a “service” model, allowing multiple operators to carry out scams simultaneously with shared resources.
To safeguard against these schemes, it is crucial to verify the authenticity of financial experts’ accounts before acting on social media ads. Additionally, be wary of investment offers promising unrealistic returns and avoid engaging with unverified links or QR codes. It is advised not to transfer cryptocurrency to individuals only met through online chat groups.
