Menu

7 February 2020

Group-IB urges Singaporeans to remain vigilant due to a new wave of bitcoin scam which uses the names of local celebrities

Group-IB, a Singapore-based cybersecurity company, has discovered a network of 18 active fake resources aimed at tricking users from Singapore into visiting a shady bitcoin investment page. The fraudulent scheme is distributed via fake websites, posing as Singapore media outlet, the Straits Times. These websites, in order to establish trust, spread articles with fabricated testimonials of prominent local personalities about crytpocurrency investment platform that “made them rich.” All these articles contain links that lead to phony websites promising to “get rich with bitcoin revolution.” Group-IB Brand Protection team urges Singaporeans to avoid visiting these resources and sharing any personal data. The list of active websites discovered so far has been provided to SingCERT (Singapore Computer Emergency Response Team).

On Feb. 5, the CNA reported about a website using false comments attributed to Ho Ching, the CEO of Temasek Holdings. Back in 2019, the Monetary Authority of Singapore (MAS) also issued a warning on a fraudulent website soliciting bitcoin investments. Group-IB’s APAC Brand Protection team has detected a new wave of this fraudulent scheme and discovered at least 18 active fraudulent websites, which were almost identical and posed as The Straits Times. As part of the scheme, these fake websites spread strikingly similar articles featuring fabricated endorsements and quotes of local politicians, entrepreneurs and celebrities such as Prime Minister Lee Hsien Loong, Ho Ching, Adam Khoo, JJ Lin, Henry Golding, Kim Lim, Peter Lim, Zhang Yong, Eduardo Saverin, Goh Cheng Liang, Anthony Tan and others.

Fig. 1-6. Fake websites that use fabricated endorsements from local prominent personalities to promote this fraud

One of the examples of fake celebrity endorsement of a shady bitcoin investment scheme called “Bitcoin Revolution”:
“You may have heard about this new cryptocurrency investment platform called Profit Revolution that’s helping regular people in Singaporean, Asia and North America build fortunes overnight. You may be skeptical because it sounds too good to be true…I get that because I thought the same thing when a trusted friend told me about it. But after seeing with my own eyes how much money he was making, I had to try it for myself. I’m glad I tried it because it was some of the biggest and easiest money I’ve ever made. I’m talking tens of thousands of dollars a day on autopilot. it’s literally the fastest way to make a windfall of cash right now. And it’s not going to last for much longer when more and more people find out about it. Or when banks shut it down for good.”

The articles contain several links to a “Bitcoin revolution” website that promises to “change your life today” and asks for some personal data (Fig. 5):

Fig. 7 The Bitcoin Revolution website promoted via fake websites

The fraudsters behind this scheme have created dozens of fake websites using the same template without even bothering to slightly change the contents of the articles, except for the names being used for fake endorsements. To attract users to their shady websites, they use ad networks and exchanges. In many cases, users are being redirected to these resources, for example, after visiting a website with specific advertisement.

With the help of the Graph Network Analysis tool built into its Threat Intelligence system, Group-IB has so far identified 18 connected infringing domains targeting Singaporeans by analyzing its contents, domain names, visuals, registration dates and other parameters. All these domains were registered over the past two years. This information has been reported to SingCERT. The connections to other shady bitcoin resources targeting users outside of Singapore have been discovered as well and are now being analyzed by Group-IB’s Brand Protection team. The research continues.

This bitcoin scam targets regular users, celebrities and media outlets at the same time. While online users should always stay vigilant and follow basic cyber hygiene, brand owners should remember: unhappy customers and fans act fast. Even after one negative experience, many customers are likely to lose trust and abandon a brand. Brand owners, be it a media outlet or a celebrity, should constantly monitor any potential abuse online using the systems that allow to automatically detect and promptly eliminate any references to their brands in the domain names, website interface, phishing website databases, social media and elsewhere.

Ilya Rozhnov

Ilya Rozhnov

Head of Group-IB’s Brand Protection team in Singapore

To spot a scam, users should always check if a URL matches the name of a media outlet whose logo is being displayed and if it is spelled correctly. It goes without saying that web resources requesting personal or payment data should always raise concern.

Group-IB is one of the leading providers of solutions aimed at detection and prevention of cyberattacks, online fraud, and IP protection. Group-IB Threat Intelligence system was named one of the best in class by Gartner, Forrester, and IDC.

Group-IB’s technological leadership is built on the company’s 17 years of experience in cybercrime investigations worldwide and 60,000 hours of incident response accumulated in our leading forensic laboratory and 24/7 CERT-GIB.

Group-IB is a partner of INTERPOL, Europol, and a cybersecurity solutions provider, recommended by SWIFT and OSCE. Group-IB is a member of the World Economic Forum.

Report an incident

24/7 Incident Response Assistance +65 3159-4398

Thank you for the inquiry! We will contact you soon.
Cookies

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

 
Report an incident