BAITING NEWS SITES - CTM360

Page created by Ray Wilson

Finance

English

Like
Share
Embed
Fullscreen
Slides
Download HTML
Download PDF
Abuse

←

→

Page content transcription

If your browser does not render page correctly, please read the page content below

Severity:
          HIGH

   BAITING NEWS SITES
Reference: CTM-ADV-14520
Date: 14th May 2020
Category: Incident Type

       THREAT TARGETS:                   POSSIBLE IMPACTS:                           TARGET AUDIENCE FOR CIRCULATION:
     ●     News platforms                ●   Compromise of financial credentials &   ●   Employees, Customers and general public
     ●     Financial Institutions
                                             confidential data

     ●     Public & Private sector
                                         ●   Compromise of user data
                                         ●   Financial and Data loss

    Over the last few years, CTM360 has observed a rapid rise of fraudulent and bogus websites disguised as
    genuine news sites. In this particular type of fraud, users are misled via fake/bogus news with fake claims. Such
    claims include “Shutting down of bank accounts, Employee quits job and makes a fortune, Royal families
    investing in a particular company share, golden opportunity, financial freedom, fake partnerships, subscription in
    company shares” etc. Such fake news/claims act as a bait to lure/trick the general public into giving out their
    personal information and engaging with bogus trading,investment and financial companies. To solve this
    problem, Team CTM360 has named this problem as Baiting News Site (BNS).

    There are a couple of major areas of concern that make it necessary to solve this problem. Firstly the general
    public is defrauded financially. Especially with the current impact of Covid19 the probability for people falling in
    the trap of making money from home is much higher. Secondly, these news sites are using VIP names and major
    organization names in their bogus news articles in order to put validation in their trap. This aspect directly
    impacts negatively on the reputation and brand value of those VIPs and organizations. Moreover they also sort
    of impersonate major news companies by naming their news sites very similar to them.

    The workings of the scammers are not that difficult. They simply register domain names containing the keyword
    ‘news’ to host such websites or have sub-directories with targeted brand names in most cases. These sites are
    made frequently and have no authenticity and are mostly created in regional languages. These sites are pushed
    via ads through social media channels or targeted SEO ads pushed through search engines, where Ads of the
    bogus news sites appear on genuine news site’s section of paid Ads, such as on BBC, CNN, etc.

    The whole purpose of creating such Baiting News sites is to mass target users of various regions in order to make
    them invest in bogus trading platforms, investment schemes, and bitcoin trading sites. These sites after
    deceiving the users with fake news/claims of bogus individuals claiming big wins and asking individuals to input
    their personal information, banking details, and a fixed amount of money for participating in similar investments.
Copyright ©2020 CTM360®                                 www.ctm360.com                                                             1
            #staysafe                                                                                  #‫كلنا_فريق_البحرين‬

Severity:
HIGH

The fraud normally operates in the following phases summarized as below:

Phase 1: Asking the users to register themselves on these sites by entering their Full name, phone number, email
address, etc.
Phase 2: Receiving a phone call or email with a Fake investment plan
Phase 3: Small Investment of $250 which requires Debit/Credit Card Information or Bank Transfer
Phase 4: Once the scammers are done with the above phases, they ask for more investments by further luring
users.
Phase 5: Give access to users onto a bogus trading platform where they see their investments returning big
profits.
Phase 6: When the trapped user wants to withdraw money the scammers ask them for bank account details,
User ID & password, and attempt to take out money from the account whereas the user is thinking that money
will come into the account.

The size of the problem has just exploded over the period as it went on unchecked. Very seldom the abused
brands and VIPs come to know of the problem. Even if they do they feel very challenging on how to address it.
Team CTM360 estimates that there is at least 500+ bogus sites at any given day promoting this fraud. The irony
is that the dubious financial Forex and trading platforms are advertising through genuine websites and there is
no identification and process by any authority to block them. Following are just a few of such bogus financial
organizations and BNS.

The problem has been recognized from one aspect of fraudulent Forex and Trading platforms as financial
authorities in various countries have mentioned to be aware of such frauds. Such as
https://www.fca.org.uk/scamsmart/online-trading-scams

Ways to combat against such fraud websites and protect customers
● Awareness campaigns must be carried in the organization to aware employees and associates about such
emerging scams.
● Be wary of unsolicited offers. Be especially careful if you receive an unsolicited pitch to invest in a
company, trade their shares, or see it praised online, but can't find current financial information about it
from independent sources.
● The Local Internet services regulators should block such Fake news sites.
● Request relevant authorities to proactively take down such websites.

CTM360 is actively performing a lookout for such fake news sites through our detection engine Cyber Blindspot
(CBS). Please feel free to reach out to us for any further information on these scams

Severity:
         HIGH

   Appendix:
   Impersonated / Fake News site promoting bogus investment and trading schemes:

      Disclaimer
      The information contained in this document is meant to provide general guidance and brief information to the intended recipient pertaining to the incident and
      recommended action. Therefore, this information is provided "as is" without warranties of any kind, express or implied, including accuracy, timeliness, and
      completeness. Consequently, under NO condition shall CTM360®, its related partners, directors, principals, agents or employees be liable for any direct, indirect,
      accidental, special, exemplary, punitive, consequential or other damages or claims whatsoever including, but not limited to: loss of data, loss in profits/business, network
      disruption…etc., arising out of or in connection with this advisory.

   For more information:
   Email: monitor@ctm360.com Tel: (+973) 77 360 360

Copyright ©2020 CTM360®                                                    www.ctm360.com                                                                                 3
           #staysafe                                                                                                                       #‫كلنا_فريق_البحرين‬