As more individuals seek opportunities in the digital realm, the prevalence of associated scams has surged, prompting a word of caution from cybersecurity firm Kaspersky.
The company’s investigation brought to light a widespread gas investment scam targeting both Android and iOS users. Kaspersky’s latest research identified over 300 fraudulent applications and a series of fake endorsement videos, all part of an elaborate scheme to deceive unsuspecting investors.
The fraudulent applications, designed to lure users into investing in natural gas and purported quantum investment algorithms, were distributed through various Android app stores. Shockingly, some of these deceptive apps even managed to infiltrate recommended lists in certain stores, falsely implying legitimacy and misleading users into installing them.
Kaspersky experts also uncovered Android adware specifically created to promote these fraudulent “gas” and “quantum” investment schemes. These deceptive schemes mirrored fraudulent websites that promised users effortless wealth through investments in natural resources and advanced algorithms.
Perhaps the most alarming aspect of this scam is the use of deepfake technology in endorsement videos. Kaspersky identified a substantial number of videos featuring well-known figures, including politicians, actors, and business leaders, endorsing these fraudulent investment platforms. Crafted with meticulous attention, these deepfake videos incorporated genuine footage of official events and public appearances, creating a false sense of authenticity around the scams.
The fraudulent videos targeted different language-speaking audiences, tailoring the content to exploit local familiarity and maximise the impact of the scams. For instance, one video promoted an investment platform named “Tesla X” claiming to be a side project by “Elon Musk” for developing self-driving car technology. Another video featured “Recep Tayyip Erdogan” endorsing an investment platform in Turkish, promising substantial profits with a minimal investment in shares of BOTAŞ, the Turkish state-owned oil and gas pipeline company.
Kaspersky’s investigation extended to major app stores, including the Apple App Store and Google Play Store. Several applications with the term “Oil Profit” in their names were identified and promptly reported, leading to their removal from the app stores.
Dmitry Kalinin, a cybersecurity expert at Kaspersky, expressed concern over this unique and evolving development in deceptive tactics. “While scams themselves are not a new challenge, the use of deepfake videos involving global leaders, the spread of fake news reports in different languages, and a widespread advertising push present a notable shift in deceptive strategies.”
He added, “Although we’ve encountered such scams in the past, the incorporation of deepfakes featuring well-known figures, multilingual fake news reports, and an extensive promotional campaign is a unique and concerning development.”
As online investment opportunities continue to attract individuals worldwide, this discovery serves as a stark reminder for potential investors to exercise caution and due diligence in their pursuit of financial ventures in the digital space.
To safeguard yourself from phishing and scams, Kaspersky advises the following:
• Approach offers claiming to generate easy money with caution.
• Exercise skepticism towards offers that seem too good to be true, as fraudsters can easily utilise modern AI technologies to create convincing deepfakes for deceptive purposes.
• Prior to clicking on any link, verify it by hovering over to preview the URL, and be on the lookout for misspellings or other irregularities.
• Maintain vigilance, even if a message or email appears to be from a trusted friend, as their accounts may have been compromised. Exercise caution with links and attachments in all situations.
• Be aware that while emails and websites might appear legitimate, careful examination may reveal incorrect hyperlinks, often containing spelling errors or redirecting to unauthorised locations.
• Install a reputable security solution and adhere to its recommendations. Trusted security solutions are designed to automatically address most issues and will alert you if further action is necessary.
