Eager would-be investors should exercise caution as the popularity of online investments continues to rise, because the prevalence of associated scams is also growing. This fact was verified by Kaspersky as it discovered a widespread gas investment scam that targets both Android and iOS users. The cybersecurity company’s investigation revealed over 300 fraudulent applications and a series of fake endorsement videos featuring deepfakes of prominent figures.
Kaspersky's investigation has uncovered a vast network of fraudulent applications designed to lure unsuspecting users into investing in natural gas and purported quantum investment algorithms. These applications have been distributed through various Android app stores, including GetApps on Xiaomi devices and Palm Store on Tecno devices. Some of these fraudulent applications have even made it to the recommended list in one app store, falsely implying endorsement and misleading users into installing them.
Kaspersky experts have discovered Android adware used to promote fraudulent "gas" and "quantum" investment schemes, mirroring deceptive websites that lure users with promises of effortless wealth through "investments" in natural resources and advanced algorithms.
Beyond the deceptive applications and websites, Kaspersky has identified a substantial number of videos promoting various "investment platforms." These videos feature well-known figures deepfakes, including politicians, actors, and business leaders, endorsing fraudulent investment schemes. The videos are meticulously crafted, incorporating genuine footage of official events and public appearances, lending an air of authenticity to the scams.
In one video targeting the Russian-speaking audience, an investment platform named "Tesla X" is promoted, claiming that it is a side project by “Elon Musk” to develop self-driving car technology. Another video, in Turkish, features "Recep Tayyip Erdogan" endorses an investment platform that supposedly allows users to earn substantial profits by investing a mere 5000 Turkish lira (about US$17.00) in shares of BOTAŞ, the Turkish state-owned oil and gas pipeline company.
Similar videos were identified in Spanish, where alleged Mexican billionaire "Carlos Slim" recommends investing in oil through the "Oil Profit" platform.
Kaspersky's investigation found hundreds of similar videos tailored for different countries and regions, exploiting local familiarity to maximize the impact of the scams. These fraudulent endorsements target citizens with promises of guaranteed returns, ranging from Moldova's Moldindconbank to Kazakhstan's KazMunayGas, Romania's Romgaz, and even global giants like Samsung.
The investigation extended to the Apple App Store and Google Play Store, where Kaspersky identified several applications with the term "Oil Profit" in their names. These applications have been reported to the platforms and consequently deleted from the app stores.
"While scams themselves are not a new challenge, the use of deepfake videos involving global leaders, the spread of fake news reports in different languages, and a widespread advertising push present a notable shift in deceptive strategies. Although we've encountered such scams in the past, the incorporation of deepfakes featuring well-known figures, multilingual fake news reports, and an extensive promotional campaign is a unique and concerning development,” comments Dmitry Kalinin, cybersecurity expert at Kaspersky.
To learn more about investment scams, read the blogpost on Kaspersky Daily.
To protect yourself from phishing and scam, Kaspersky recommends:
- If you encounter an offer to make money with minimal effort, treat it cautiously.
- Do not trust an offer if it is too good to be true. Equipped by the modern AI technologies, it is easy for fraudsters to make a deepfake to make a scam look legit.
- Check the link before clicking. Hover over it to preview the URL, and look for misspellings or other irregularities
- Even if a message or email comes from one of your best friends, remember that their accounts could also have been hacked. Remain cautious in any situation. Even if a message seems friendly, treat links and attachments with caution
- Sometimes emails and websites look legitimate. It depends on how well the criminals did their homework. But the hyperlinks, most likely, will be incorrect – they’ll often contain spelling mistakes, or they redirect you to a different place
- Install a trusted security solution and follow its recommendations. Then secure solutions will solve most problems automatically and alert you if it is necessary.