AI-Powered Investment Scam Targets Through Social Media Ads

A sophisticated investment scam is spreading across the globe, using artificial intelligence (AI) and social media ads to deceive victims. This alarming scheme combines fake endorsements, phishing websites, and AI-generated video testimonials featuring celebrity likenesses to steal both money and sensitive personal data.

Cybersecurity researchers report that the scam, known as “Nomani” (a play on “no money”), has grown by over 335% in 2024. Every day, more than 100 new phishing URLs linked to this scam appear. Fraudulent ads actively target victims on social media platforms.

How the Scam Operates

Scammers exploit malvertising and fake profiles to promote fake investment opportunities. These profiles often belong to small businesses, governmental entities, or micro-influencers with tens of thousands of followers. Fraudsters also use stolen accounts to post deceptively positive reviews and distribute ads through messaging apps like Messenger and Threads. In many cases, scammers lure victims who have already been defrauded by promising assistance or refunds.

The phishing websites mimic trusted news outlets, organizations, or cryptocurrency platforms with names like Quantum Bumex or Bitcoin Trader. These sites collect personal data by pretending to be legitimate investment platforms. Cybercriminals then call victims, coercing them into investing in fake schemes.

The Impact on Victims

Victims often see fake profits in these scams. This tactic convinces them to invest more money. When they request withdrawals, scammers demand additional fees or sensitive information, such as credit card details or ID verification. In some cases, scammers persuade victims to take out loans or install remote access apps, further exposing them to exploitation. Ultimately, the criminals disappear with the victims’ money and data, employing tactics similar to the “pig butchering” fraud model.

The Scale and Origins of the Scam

Evidence points to Russian-speaking cybercriminals orchestrating Nomani. Cyrillic code comments and the use of Yandex tools for tracking strongly suggest this origin. These operations involve multiple teams, each focusing on areas such as phishing site development, social engineering, and call center operations.

In South Korea, authorities recently dismantled a massive fraud network linked to fake trading platforms. This network defrauded victims of over $6.3 million using similar tactics, such as fake stock trading software that spied on users’ screens and blocked withdrawal requests.

Always verify the authenticity of investment opportunities to avoid falling victim to scams. Avoid clicking on links in unsolicited ads or messages, especially those promising financial assistance or refunds. Use trusted platforms for investments and enable multi-factor authentication on all accounts. Educate yourself about phishing tactics and report suspicious ads or profiles to social media platforms.

Staying vigilant and informed helps reduce the risk of becoming a target of these increasingly sophisticated fraud schemes.