At a glance.
- Investment fraud campaign in Europe.
- Raspberry Robin associated with EvilCorp.
- KillNet threatens hack-and-leak campaign against Lockheed Martin.
- KillNet leadership shuffle.
Investment fraud campaign in Europe.
A complex and ambitious investment scam has used more than 10,000 domains to induce speculators to give up not just funds, but personal information as well. Researchers at Group-IB describe the campaign as one that proceeds through several distinct stages. It begins with ads placed in social media, or with pages displayed in compromised Facebook or YouTube accounts. The come-on invites prospects to learn more about an investment opportunity, enticing them with bogus celebrity endorsements and (always a warning sign) promises of guaranteed returns. Should the prospect click through to learn more, they find that, for an initial investment of just €250 (roughly $255 USD), they’ll receive a personal investment counselor who will guide them through the process. And they’ll also receive a dashboard they can use to track their investment’s progress, which itself feeds them inducements to invest more. "The main goal of these fake investment schemes is to convince the victims to repeatedly transfer funds to the fake investment portal," Group-IB writes. "The victims are usually promised huge returns on their investments and are shown 'how I got rich' stories featuring celebrities." The campaign's success depends on volume; the mix of online social engineering and live phone scamming is a distinctive mark of an otherwise conventional con job.