Cybercriminals Exploit Assassination Attempt to Steal Cryptocurrency

Example of deepfake video with QR code. Image Source: Bitdefender.
The NJCCIC recently received reports of cryptocurrency scams exploiting current events, consistent with open-source reporting. Opportunistic cybercriminals are using the recent assassination attempt that targeted former President Donald Trump to lure unsuspecting victims into a new pig-butchering cryptocurrency investment scam. The scam involves hijacked YouTube channels that broadcast deepfake videos of Tesla CEO Elon Musk, promising to share insights into the attack. The compromised channels, many of which have millions of subscribers, are cleared of their original content and rebranded with attention-grabbing name-drops, such as “Tesla” and “Donald Trump Jr.”
These broadcasts feature a repeated deepfake video of Elon Musk urging followers and the crypto community to join a giveaway by scanning the embedded QR code. The QR codes direct users to fraudulent websites hosted on domains that imitate the impersonated brand or domains associated with Musk’s and Trump’s names. The cybercriminal attempts to convince the victim to invest in cryptocurrency to take advantage of the potential high-yield returns. After individuals have made multiple cryptocurrency investments through these fraudulent websites that promise significant returns, requests to withdraw or cash out their investments are denied for various reasons. The cybercriminal then cuts off contact with the victim and disappears with the invested money.
Recommendations
Exercise caution when encountering videos with click-bait titles and avoid scanning QR codes in YouTube videos promoting cryptocurrency giveaways. Verify investment claims that offer higher-than-average returns. Consider running recommendations by a third party or an investment professional with no stake in the investment. Inspect YouTube channels promoting cryptocurrency giveaways for suspicious activity and report any suspicious activity to the respective platform or authorities. Educate yourself and others regarding these types of scams. Additional recommendations can be found in the Bitdefender blog post. Maintain robust and up-to-date endpoint detection tools on every endpoint and consider using a comprehensive security solution that can block phishing attempts and fraudulent links. Cryptocurrency scams and other malicious activity may be reported to the FBI’s IC3 and the NJCCIC.