Romance Scammers Target Cryptocurrency Investors with Social Engineering and Fake Exchanges

AhnLab’s Mobile Analysis Team has issued an alarm about an insidious new breed of romance scams specifically targeting cryptocurrency enthusiasts. These scams go beyond the typical emotional manipulation seen in traditional romance scams, incorporating elaborate schemes involving fake cryptocurrency exchanges and social engineering tactics to defraud victims of their money and personal information.

The perpetrator sending a DM upon being followed by the victim and urging them to take the conversation to a messenger app with a translation feature

Romance scams have traditionally involved fraudsters feigning romantic interest to solicit money directly from their victims. However, the latest tactics observed by AhnLab have seen these scams evolve into more complex schemes involving fake cryptocurrency exchanges, banks, and shopping portals. By posing as potential romantic partners or overseas friends, these perpetrators initially establish a strong emotional rapport with their targets.

The initial contact in these scams typically begins not with direct messages but through social media interactions. Scammers post content that is designed to attract the specific interests of potential victims, making these posts appear benign and unrelated to any financial schemes. When a victim engages with the content, the scammer uses this as an opportunity to express gratitude and slowly cultivate a relationship through direct messaging, eventually persuading the victim to continue the conversation on messaging platforms equipped with translation features, catering to an international audience.

Over several days, the fraudster gauges the victim’s susceptibility to the scam. Once a potential target is deemed receptive, the scammer begins to weave tales of lucrative investment opportunities in secret cryptocurrency insights supposedly obtained from an acquaintance. This stage is crucial as it is where the hook is deeply embedded, preparing the victim for the introduction of a fake cryptocurrency platform.

“CoinB” listed on Namuwiki and Wikipedia

As the relationship deepens, the scammer introduces the concept of a lucrative investment through a specific, supposedly exclusive cryptocurrency exchange. This platform, often referred to under a plausible name like “CoinB”, is backed by fabricated reviews and articles on popular platforms like Wikipedia and Namuwiki, misleading victims about its legitimacy. The scammer dissuades the victim from using well-known, legitimate exchanges by fabricating restrictions or insider secrets that can allegedly only be exploited via their recommended platform.

After convincing the victim to download a fraudulent app and guiding them through the setup of a virtual account, the scammer manipulates the app to display fictitious profits, thus solidifying the victim’s trust and desire to invest real funds.

Similar fake cryptocurrency exchange sites

Once the victim decides to invest actual money, they are directed to enter sensitive personal and financial information into the app. This not only risks financial losses from the initial fraudulent investments but also exposes the victim to potential identity theft and further financial exploitation.

AhnLab’s research has revealed a web of interconnected fake exchanges, all sharing the same underlying code and likely controlled by a single entity. This suggests a highly organized operation, capable of adapting and evolving its tactics to stay ahead of security measures.

To safeguard yourself from falling victim to these scams, exercise caution when interacting with new acquaintances online, especially those who quickly steer conversations towards investments. Always verify the legitimacy of any cryptocurrency exchange before using it and be wary of platforms that promise unrealistic returns or pressure you to invest hastily. Remember, legitimate investment opportunities do not require secrecy or urgency.