Sophos, a global cybersecurity company, has released new findings on CryptoRom scams, a type of fraud that tricks users of dating apps into making fake cryptocurrency investments. Scammers have recently enhanced their techniques by incorporating an AI chat tool, such as ChatGPT, to their strategies. They have also expanded their coercion methods by informing victims that their cryptocurrency accounts have been hacked and require additional upfront money.
In addition, Sophos X-Ops has discovered that scammers have managed to sneak seven new fake cryptocurrency investment apps into the official Apple App and Google Play stores. This increases the potential for more people to be victimized by these fraudulent schemes.
Investment fraud, including cryptocurrency scams, caused the highest reported losses in 2022. According to the FBI’s Internet Crimes Complaint Center (IC3), investment fraud resulted in losses of $3.31 billion in the United States alone. Frauds involving cryptocurrency, including CryptoRom scams, accounted for most of these reported losses, with a 183% increase from 2021 to $2.57 billion.
Sophos X-Ops first became aware of scammers utilizing the AI chat tool when a victim of the scam reached out to the team. The victim was contacted through Tandem, a language sharing app, initially used as a dating platform. The scammer convinced the victim to switch to WhatsApp for further communication. The victim grew suspicious after receiving a message that appeared to have been partly written by an AI chat tool.
Sophos X-Ops also uncovered a new tactic by scammers to extort more money from their victims. Traditionally, when victims attempt to withdraw their supposed profits from CryptoRom scams, fraudsters demand a 20% tax payment. However, a recent victim revealed that after paying the tax, the fraudsters claimed the funds had been hacked and required an additional 20% deposit for the withdrawal.
Further investigations by Sophos X-Ops revealed the existence of seven fake cryptocurrency investment apps in the official Apple App and Google Play stores. These apps have seemingly harmless descriptions but present a fraudulent crypto-trading interface once opened. The developers of these apps use a technique previously identified by Sophos to bypass the Apple App Store’s review process and modify the app with the fraudulent interface after it has been approved.
Awareness of these scams is crucial in protecting oneself from becoming a victim. Sophos encourages users who suspect they have been scammed to reach out for assistance.