It seems that Twitter has become so saturated with cryptocurrency scams that attackers are finally starting to target other platforms, like Facebook.
Unlike the standard Bitcoin free scams on Twitter, the scam of Facebook (as noted by Hard Fork) is designed to trick users into giving up sensitive data, like information on their credit card. As a distraction tactic, the attackers created a series of fake and call-to-action pages, the first of which is a fake Sponsored A.D.
The announcement, which addresses the malevolent replication of CNBC, promotes a "big" investment opportunity in a non-existent cryptocurrency called CashlessPay. It was published on the Facebook page of a musician named Jonatanas Kazlauskas; We asked Kazlauskas if his account had been violated, but we still have to listen to him.
Once the announcement leads you to the new website, the scam becomes slightly more noticeable, although it may still deceive some less knowledgeable people.
Among other things, the URL (which we decided not to share as a precaution) does not correspond to a CNBC domain. The false news report basically claims that Singapore has approved new legislation that favors the adoption of cryptocurrencies.
"Singapore, in an unprecedented move, has just announced that it is officially adopting a certain cryptocurrency as the official currency of Singapore," reads the false CNBC report. "The Singapore government has just informed us that they have chosen a preferred company for the purchase and marketing of their new currency – CashlessPay Group. "
Adorned with false testimonies of celebrities (including that from the British business man Richard Branson), the rest of the passage accompanies readers through the process of "investment" in CashlessPay.
In the end, the fraudulent replication of CNBC leads to another false page, this time the website of the false cryptocurrency CashlessPay.
All links on the website are interrupted, with the exception of a registration form at the top of the website that asks users to enter their personal information, including phone number and email address.
Once a victim has filled out the form, the website takes you to another fake page, which redirects you to a series of fake cryptocurrency trading desks.
So far, Hard Fork has identified at least two of these pages: a call Roiteks and another call CoinPro Exchange. According to the ScamBroker scam database, both pages have been registered by Bulgaria. ScamBroker also notes that both "exchanges" seem unregulated, not that this is surprising.
Regardless of which page you finish, you will be asked once again to enter your personal information – and then your credit card details. Interestingly, both pages look like they have a live chat window.
We used PayPal's credit card generator, a popular payment test tool, to see what would happen once users sent credit card information, but each transaction was rejected.
This is the error returned by the site:
Interestingly, although scammers use the cryptocurrency hype as a hook for their cheating, they are still trying to get old-fashioned funds – via credit cards and bank transfers.
In any case, if in some way you end up on a suspicious exchange, always make sure to check its legitimacy before entering your personal information. It is likely that someone could be a phishing for your data.
Cryptocurrant ads on Facebook
What makes this case particularly interesting is that the attackers managed to foil malicious cryptocurrency ads beyond Facebook's defense mechanisms.
At the beginning of this year, the social media giant banned blockchain and cryptocurrency ads, but the witty marketers have still found ways to introduce them. In the end, the company canceled some of the restrictions on crypto-ads allowing pre-approved advertisers to promote on its platform.
But now it seems that the scammers have found a way to exploit its updated policy.
Cryptocurrency thieves addressed to social media platforms
Even if the last one, Facebook is not the only platform targeted by scammers.
Twitter has struggled to curb a series of giveaway scams on its platform since at least February.
Although the attackers initially deployed armies of robots – often impersonating crypto-celebrities – for mass-spam links to tributes, their strategy evolved over time. Instead of simply publishing large volumes of free links from random accounts, scammers have found ways to hijack verified profiles (and disguise them as fake Elon Musk).
In fact, many politicians and government accounts, as well as giants like Google and Target, eventually fell victim to tactics.
It will be interesting to see if Facebook can deal with the problem more effectively than Twitter. We have contacted Facebook for a comment and we will update this piece accordingly, if we were to respond.
In the meantime, be careful where you click when you scroll on Facebook: the cryptocurrency epidemic is spreading.
Published 28 November 2018 – 14:48 UTC