Cybersecurity researchers recently uncovered a massive network of over 11,000 domains being used to host multiple bogus investment schemes and promote them to users throughout Europe.

The online platforms show fake evidence of enrichment along with falsified endorsements from celebrities to appear legitimate and lure in victims.

The aim of the malicious operation is to fool users into investing funds in seemingly high-return investments by convincing them to deposit a nominal sum of €250 (around £210) to enrol in the bogus services.

Investment fraud on a massive scale

A research team based at the cybersecurity firm Group-IB encountered the operation and recently mapped the extensive network of phishing sites, redirections, and content hosts. According to the researchers, over 5,000 of the malicious domains identified remain active.

Presently, the countries being targeted by scheme include the United Kingdom, Belgium, Germany, Poland, the Netherlands, Portugal, Norway, the Czech Republic and Sweden.

The fraudsters behind the attack have put considerable effort into promoting their campaigns via multiple social media platforms, and have used compromised accounts on YouTube and Facebook to reach potential victims. Interested investors who fall for the ploy and click on the linked ads for further information are redirected to insidious landing pages that show falsified success stories.

The threat operators then request user contact details. A fake customer agent then reaches out to the investor and provides them with details about the investment’s terms and conditions in complex social engineering scheme.

In the final stage of the scam, the investor is convinced to submit a payment of €250 or more, while their personal details entered on the bogus landing page are stored and harvested so that they can be used in future campaigns or sold to other hackers via dark web forums.

Warning signs of an online investment scam

After the victim deposits the requested funds, they are granted access to a bogus investment dashboard that claims they can use it to track their daily profits. This element of the scheme is designed to extend the illusion of being involved in a legitimate investment opportunity and entice targets to deposit further funds to enjoy larger profits.

However, if the victim attempts to withdraw their gains from the online platform, a final payment is requested, before the scam is revealed.

Most types of investments come with a certain amount of associated risk. As a result, investors offered opportunities that guarantee profit and no risk should always be identified as scams and schemes. Another red flag present in this recent scheme is that no legitimate investment platform will offer a personal account manager for such a small investment.

If an investment platform is advertised, users are always advised to ensure that it is operated by an established broker before submitting any funds, or risk losing their savings or company funds. Here in the UK, the Financial Conduct Authority (FCA) acts as a watchdog against investment scams and fraudsters. Fake investment scams should always be reported to the FCA and the National Cyber Security Centre (NCSC) when encountered.