{"id":3200,"date":"2025-04-22T05:34:09","date_gmt":"2025-04-22T12:34:09","guid":{"rendered":"https:\/\/www.ssls.com\/blog\/?p=3200"},"modified":"2025-04-22T05:34:10","modified_gmt":"2025-04-22T12:34:10","slug":"fake-crypto-investments-scam-users-with-pyramid-schemes","status":"publish","type":"post","link":"https:\/\/www.ssls.com\/blog\/fake-crypto-investments-scam-users-with-pyramid-schemes\/","title":{"rendered":"Fake crypto investments scam users with pyramid&nbsp;schemes"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/SSL_Blog_Fake-crypto.png\" alt=\"\" class=\"wp-image-3143\"\/><\/figure>\n\n\n\n<p>With every online fad that promises to change how you do something forever, there always comes a brand new way to scam people. Cryptocurrency is no exception.<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>The latest scheme is a campaign based in Africa and Asia sharing fraudulent cryptocurrency investment platforms designed to mimic real platforms. Find out how the scammers trick victims and who\u2019s behind it.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Key details about the scam<\/h2>\n\n\n\n<p>Research <a href=\"https:\/\/unit42.paloaltonetworks.com\/fraud-crypto-platforms-campaign\/?web_view=true\">from Unit 42 discovered<\/a> that these shady platforms are generally promoted on a related website. These sites are often designed to look like a well-known brand or reflect a current trend, such as retail establishments, luxury brands, or cryptocurrency exchanges. They post a link to an Android mobile app, which cannot be found on Google Play (a sure sign something isn\u2019t right.)<\/p>\n\n\n\n<p>So, how do they lure and defraud users? Apart from looking a lot like popular brands, these platforms promise unrealistically high investment returns. One package claimed to yield a daily return of $3 on an $11 principal investment. According to Unit 24:&nbsp;<\/p>\n\n\n\n<p>\u201cThis represents a daily return on investment (ROI) of 27% that, when compounded, will yield an annual ROI of at least 2,650%. Such figures are unrealistic and should raise immediate red flags.\u201d<\/p>\n\n\n\n<p>As if shady investments weren\u2019t enough, these scams often offer affiliate commissions for recruitment, similar to a pyramid scheme or multi-level marketing program. Members are then believed to use social media to attract and sign up more members.&nbsp;<\/p>\n\n\n\n<p>Because of the nature of the scam, where victims are essentially tricked into luring in more victims, it may have quite a large reach. Related Telegram channels have thousands of members, with researchers finding one boasting 29,000.<\/p>\n\n\n\n<p>The apps also require sensitive permissions from the user, which the attackers could potentially misuse.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Who\u2019s behind the scam<\/h2>\n\n\n\n<p>Because of the similarity of these shady sites and related apps, researchers believe it\u2019s either multiple users using the same scam toolkit or a single user. This toolkit provides basic design elements to create a website and mobile app, such as brand names, images, multimedia, and copy. All these websites also use a similar front-end design framework, the Document Object Model (DOM) element. Additionally, all the mobile apps are Android, which likely made it a simpler task for the potential toolkit creator.&nbsp;<\/p>\n\n\n\n<p>The domain registrations for these sites provide evidence for a single threat actor. Looking into passive DNS records, researchers found that 15 domains were registered per day. Most registrations occurred in Singapore, which has relaxed registration rules. Commonalities of these registrations include similar registration records, similar hosting infrastructure, and similar SSL certificates.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The takeaway<\/h2>\n\n\n\n<p>This campaign has all the hallmarks of a classic online scam, from impersonating well-known brands to promising too-good-to-be-true rewards. Avoid becoming a victim by always keeping your wits about you online. Don\u2019t sign up for unfamiliar sites, avoid apps that can\u2019t be found in app stores, and don\u2019t hand over your cash to entities or people you\u2019re not 100% certain are legit.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>With every online fad that promises to change how you do something forever, there always comes a brand new way to scam people. Cryptocurrency is no exception.<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3200","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/3200","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/comments?post=3200"}],"version-history":[{"count":1,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/3200\/revisions"}],"predecessor-version":[{"id":3201,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/3200\/revisions\/3201"}],"wp:attachment":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/media?parent=3200"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/categories?post=3200"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/tags?post=3200"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}