sophos-investigates-cyber-fraud-operations
Sophos Investigates Cyber Fraud Operations

Sophos Investigates Cyber Fraud Operations, Confirms Crypto-Romance Scams

Sophos, a global leader in innovating and delivering cybersecurity as a service, today released details of two expansive Cyber Fraud Operations, still operational, pig butchering or shazhu pan rings (elaborate and lengthy financial fraud scams that can cost victims thousands of dollars) that scammers are operating from Asia.

 

One of the rings, based in Hong Kong, involves a fake gold trading marketplace, while the other, based in Cambodia and with ties to Chinese organized crime, netted the scammers $500,000 in cryptocurrency in just one month. In both Cyber Fraud Operations, the scammers targeted Sophos’ principal threat researcher, Sean Gallagher, directly via Twitter and text message, respectively, rather than dating apps, the traditional method used to find and target victims.

Sean Gallagher, principal threat researcher, Sophos stated –

“For two years, we’ve been following and reporting on a subset of these pig butchering schemes called CryptoRom. This is a particular flavor of pig butchering that relies on romance-based lures with scammers approaching potential victims on dating apps and then asking them to invest in fraudulent crypto trading apps. But CryptoRom is really just the tip of the iceberg.”

 

For more latest updates on cryptocurrency crime, visit https://cryptoventurenews.com/category/cryptocurrency-news/crypto-crime-news/.

 

He goes on saying,

“Since the start of the pandemic, this type of cyber fraud has massively expanded. These scammers are now targeting people on all major social media platforms or even direct message, and they’re not limiting themselves to just exploiting crypto but also gold and other forms of currency or trading value. They’re quite literally going after the whole hog.” 

In the first scam Gallagher investigated, he spent three months interacting with one of the scammers of the Cyber Fraud Operations after they approached him directly on Twitter. The scammer posed as a 40-year-old woman from Hong Kong who quickly attempted to move the conversation to WhatsApp to carry out the intended Cyber Fraud Operations

From there, the scammer tried to convince Gallagher to invest in a fake gold trading marketplace, touting her connections with her “Uncle Martin”—supposedly a former Goldman Sachs analyst. She then directed him to a site that copied the branding of a legitimate Japanese banking company called Mebuki Financial, where the foreign exchange and commodity trading services were to be conducted.

 

While the social engineering of these Cyber Fraud Operations was less polished than other cases Sophos has investigated, it showed a marked increase in technical sophistication for these types of groups. The scammers used an elaborate combination of highly effective SEO, polished scam pages to “register” new clients on their fake Mebuki website, and a pirated version of a legitimate trading app (MetaTrader 4) with additional malicious code to steal money from their victims. They are also actively updating their operation’s scam infrastructure to avoid being shut down. 

Gallagher mentioned,

“Both scam rings are still operational and will be difficult to shut down. While we marked the domains and IP addresses being used by the attackers in the Hong Kong ring as malicious, their scam operations have already shifted to new domains. They already have a new download infrastructure in place for their pirated version of the MetaTrader app, so, at this point, we’re essentially playing ‘whack-a-mole’. Unfortunately, that’s the reality as these operations become broader in scope, targeting more regions and across different platforms.”

 

He further mentions, 

The move from crypto to gold also shows how easily these groups can find a new niche to exploit. That means the best defense is public awareness of these types of scams. People should be wary of any SMS, dating app, or social media direct message from a stranger who strikes up a conversation and then suggests moving it to WhatsApp or Telegram—especially if they make claims about wealth obtained from crypto or other trading.”

 

We appreciate you taking the time to read the entire article. Please let us know if you found this interesting. If you have any comments, please let us know. Contact us if you would like an article written for you at — [email protected] or leave a comment down below. You can read more latest news on Crypto Crime or Cryptocurrency Fraud in the Crypto Crime News section under the Cryptocurrency News category. Get in touch with us via Facebook, Twitter, Instagram, Telegram, or the Official Website of Crypto Venture News.

Check Also

coindeal-crypto-scheme

CoinDeal Crypto Scheme Creator Charged With $45Mn Fraud

The Securities and Exchange Commission (SEC) today has charged the CoinDeal Crypto Scheme Creator and …

Leave a Reply

Your email address will not be published. Required fields are marked *