A sophisticated investment scam, dubbed “Nomani,” has seen a dramatic 335% increase between H1 and H2 2024, with cybersecurity firm ESET detecting over 100 new malicious URLs daily. This complex fraud operation combines social media advertising, company branding, and AI-generated video testimonials featuring celebrities to deceive potential victims.
Key Features of the Nomani Scam:
– Fraudulent ads on social media platforms targeting previous scam victims
– Fake profiles impersonating businesses, government entities, and influencers
– Phishing websites mimicking news media and cryptocurrency platforms
– Direct phone calls from scammers pushing fake investment opportunities
– Use of AI-generated content to enhance credibility
The scam operates through multiple phases:
1. Initial contact through malicious advertisements
2. Collection of personal information via phishing forms
3. Direct manipulation through phone calls
4. Pressure to invest in non-existent financial products
5. Additional fees and information requests when victims attempt withdrawals
Technical Analysis:
– Evidence suggests Russian-speaking operators
– Cyrillic code comments found in source code
– Yandex tools used for visitor tracking
– Organized structure with specialized teams handling different aspects
In a related development, South Korean authorities recently dismantled a similar fraud network (Operation MIDAS) that stole $6.3 million through fake trading platforms, resulting in 32 arrests and the seizure of over 20 servers.