The page features Elon Musk’s Tesla logo instead of Trump’s campaign logo, demonstrating how criminals tailor their content to appeal to different audiences, i.e., politically engaged vs cryptocurrency minded. The perpetrators of these scams commonly use social engineering tactics via email, social media platforms, and messaging apps to coax victims into visiting a phishing website where the fraudulent transaction then takes place. By removing the need for custom text, and by using short, generic copy, threat actors alleviate any need to review their content or adapt it for different scenarios. The three crypto-doubling variants identified through our research use similar tactics, but their variances reflect how criminals’ resource and time investment differs scam to scam. Variant 3 appears to hot swap personas while retaining the same core content, i.e., a new persona is used, while the other webpage assets remain the same. The scam uses the same header, which consists of a logo, navigation links to page sections, and a “Participate” call to action (CTA) which links to a page containing wallet addresses for the transaction. All the examples exploit the image of Republican presidential nominee Donald Trump, tech entrepreneur and billionaire, Elon Musk, or a blend of both. In variants both 1 and 2, we observe extra, custom assets (logos, text, diagrams, etc.) being used to provide a theme to the web content. The only variances in these examples are the target personas (different headshots) and in some cases the page colour and/or appearance (see fig. To summarize, variant 3 demonstrates the speed and efficiency with which threat actors make use of ready-made, easily customizable assets to improve the efficiency of their campaigns, potentially increasing their gains. The page content is rich, incorporating graphs and diagrams with step-by-step instructions and QR codes linking victims to a payment page. Unlike variant 1 (and variant 3), variant 2 includes an extra “What’s Happening” section, providing context on the cryptocurrency “giveaway” (see fig. Netcraft logged the following common characteristics from variant 3 in this crypto-doubling scam. To help brands and internet users act with greater caution during that time, this article analyzes the different variants from this latest, debate-themed scam. Crypto doubling leaves harms victims financially and emotionally and impacts customer/voter trust in the brands and personas being imitated. However, it calls out the US presidential election debate between Donald Trump and Kamala Harris directly in the text (see fig. Netcraft has identified many examples using this approach, which is distinguished by its use of the distinctive hexagonal image frame and stock copy. Off-brand language and grammatical errors—common telltale signs of fake content—still occur across the site, such as, “Donald Trump immersing himself in the world of cryptocurrency to offer a nice gift to cryptoinvestors” or simply “Check instruction”. Netcraft observed similar tactics being used in attacks in March, during some of the earlier primary elections. Variant 2 utilizes content assets like those in variant 1. Crypto-doubling scams lure victims into transferring cryptocurrency under the false pretence that their investments will be doubled. The characteristics of variant 3 are particularly interesting in the context of resource expenditure on the criminals’ behalf. NEW WEBINAR: Watch Netcraft's latest deep dive into P2P messaging scams like never before.
This Cyber News was published on www.netcraft.com. Publication date: Wed, 02 Oct 2024 09:43:07 +0000