Studies reveal that for the first half of 2022, there was an increase of over 300% of scam websites promoting fake cryptocurrency giveaways. Over 2,000 malicious domains used in this campaign were found by security researchers, mostly targeting English and Spanish speakers.
Compared to the same period in 2021, the 300% observed uptick in cryptocurrency scam websites was about five times more today. According to the experts, if each website has an average reach of 15,000 viewers, there are at least 30 million people that the operators could victimise in this campaign. Moreover, the scammers used top-level domains, such as [.]com, [.]net, and [.]org, in the malicious sites, which augments the chances of it being successful.
Aside from the scam websites, the cryptocurrency giveaway scammers also abuse online video platforms to host live streams using deepfakes of famous personalities.
Some notable personalities that the scammers imitate through deepfakes are Elon Musk, Cathie Wood, Brad Garlinghouse, Nayib Bukele, Cristiano Ronaldo, and Michael J. Saylor. The live streams were mostly hosted on YouTube and Twitch, where many cryptocurrency enthusiasts can be found.
The study also mentions that most accounts used in the streams were hacked with a large follower count or accounts rented from the dark web. Through this, it would not be easy to trigger YouTube’s moderation system and block the live streams.
Experts believe that the significant rise in the availability of tools to make cryptocurrency scam websites contributed mainly to its amplification for 2022’s first half. They added that the enhanced arsenal and accessibility to the tools could allow threat actors to create and operate malicious campaigns, even those with low technical expertise.
Furthermore, the existence of services offered on underground forums also helps scammers establish their malicious campaigns, especially those with readily available tools prepared exactly for fraudulent operations.
Beginner threat actors could invest around $200 for a complete crypto scam stream package. Meanwhile, the malicious crypto landing sites can cost around $200-$600, excluding manuals that are separately sold for $100. The fully automated toolkits are available for a $500 to $1,500 monthly subscription.
Since massive funds are usually at stake in cryptocurrency, digital asset enthusiasts must be more careful about participating in promotional programs or giveaways they see online. It should always be considered that if an offer is too good to be true, it likely is.
