Threat intelligence researchers at RedHunt Labs have uncovered a sprawling network of AI-driven scams on Facebook and Instagram, where fraudsters use deepfakes, counterfeit news sites, and fake celebrity endorsements to lure Indian users into fraudulent investment schemes.
According to the report, “A new wave of AI-powered investment scams is targeting Indian users on Facebook and Instagram, luring them with fake celebrity endorsements and deepfake interviews.” Celebrities including Nirmala Sitharaman, Sadhguru, and Neha Kakkar were featured in manipulated videos and articles claiming to reveal their “secret to wealth.”
The fraudsters employ generative AI to create highly convincing fake media: “Scammers use AI-powered tools to clone a person’s voice… [and] alter real interview footage or news clips… creating a seamless and highly believable video where a trusted figure appears to make an endorsement or announcement they never did.”
Victims are directed to websites designed to mimic India’s most trusted news outlets. RedHunt Labs explains: “Ads featuring figures… direct users to counterfeit news websites mimicking The Times of India, IndiaTime, and NDTV.” These sites publish standardized fake interviews, with fabricated testimonials and urgent calls to action urging readers to invest quickly.
The deception goes beyond just look-alike articles: “Fake user testimonials and comments claim rapid earnings, purchases, and successful withdrawals to create social proof and convince readers that the scam platform is legitimate.”
The campaigns thrive by abusing Meta’s ad ecosystem. RedHunt Labs observed that, “Fraudsters exploit Facebook’s ad review system, using short-lived campaigns, deceptive links, and AI-generated content to evade detection.”
Among the tactics:
- Ads often show Amazon.in links, which redirect victims to scam sites.
- Ad campaigns are short-lived (10–12 hours) before being replaced.
- Hijacked advertiser accounts once used for legitimate travel content are repurposed for fraud.
Through WHOIS data and infrastructure analysis, researchers found: “A significant cluster of these scam domains were registered within a short window in a coordinated effort… scammers are maintaining a pool of active domains and regularly switch between those domains to ensure uninterrupted operation.”
By pivoting across domains and hosting data, RedHunt Labs uncovered a network of more than 1,000 interconnected fraudulent websites serving victims across India and Southeast Asia.
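The registration-window clustering described above can be approximated as follows. This is an added example, not code from RedHunt Labs or the original article; the record fields, the two-hour gap, the minimum cluster size, and every sample domain are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed WHOIS-style records: (domain, creation time, registrar, name server).
# Every value is made up for illustration; .example is a reserved TLD.
RECORDS = [
    ("news-a.example", "2024-03-01T09:02:00", "Registrar-A", "ns1.host-x.example"),
    ("news-b.example", "2024-03-01T09:10:00", "Registrar-A", "ns1.host-x.example"),
    ("news-c.example", "2024-03-01T09:45:00", "Registrar-A", "ns1.host-x.example"),
    ("news-d.example", "2024-03-01T10:30:00", "Registrar-A", "ns1.host-x.example"),
    ("shop-e.example", "2024-05-20T14:00:00", "Registrar-A", "ns1.host-x.example"),
    ("blog-f.example", "2024-03-01T09:15:00", "Registrar-A", "ns1.host-y.example"),
    ("site-g.example", "2023-11-02T08:00:00", "Registrar-B", "ns1.host-z.example"),
    ("site-h.example", "2024-02-14T16:20:00", "Registrar-B", "ns1.host-z.example"),
]


def registration_bursts(records, max_gap=timedelta(hours=2), min_size=3):
    """Return clusters of domains that share a registrar and name server and
    were registered in quick succession (each within max_gap of the previous)."""
    groups = defaultdict(list)
    for domain, created, registrar, ns in records:
        groups[(registrar, ns)].append((datetime.fromisoformat(created), domain))

    bursts = []
    for key in sorted(groups):
        items = sorted(groups[key])
        run = [items[0]]
        for prev, cur in zip(items, items[1:]):
            if cur[0] - prev[0] > max_gap:
                # Gap too large: close the current run and start a new one.
                if len(run) >= min_size:
                    bursts.append((key, [d for _, d in run]))
                run = []
            run.append(cur)
        if len(run) >= min_size:
            bursts.append((key, [d for _, d in run]))
    return bursts


if __name__ == "__main__":
    for (registrar, ns), domains in registration_bursts(RECORDS):
        print(f"{registrar} / {ns}: {len(domains)} domains -> {', '.join(domains)}")
```

Domains that surface in one burst are candidates for further pivoting on hosting data, not proof of common ownership, since bulk registrations by legitimate resellers produce the same pattern.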
The scale of losses is huge. RedHunt Labs points out: “63,000 investment scams were reported in India in just four months of 2024. Victims are suffering huge financial losses, with 48% losing over ₹50,000. In a recent case, a woman from Faridabad lost ₹7 crore to a similar scam.”
The scammers diversify their reach beyond social media. The report notes: “We found fake trading bots being promoted through impersonated Medium blog pages… multiple legitimate websites… were compromised and injected with malicious HTML code.” In addition, fraudsters employ SEO manipulation with fake YouTube videos, Reddit discussions, doctored screenshots, and keyword hijacking to push their scams higher on Google.
With AI deepfakes being used to fabricate endorsements from politicians, spiritual leaders, and celebrities, India’s digital population faces a new wave of AI-powered financial fraud that blends social engineering with cutting-edge generative technology.