The National Cyber Security Centre took down over 300,000 URLs that were being used to promote fake “get rich quick” investment schemes using fake endorsements from celebrities like Sir Richard Branson, Ed Sheeran, and Martin Lewis.
The fake websites linking to investment schemes with fake celebrity endorsements were identified and taken down by the NCSC in the past four months. Many of such URLs were identified thanks to the Suspicious Email Reporting Service that enables citizens to report fake and malicious URLs to the cyber security watchdog.
NCSC said that cyber criminals and online fraudsters are using emails and paid-for digital advertisements to entice people into visiting fake websites purporting to sell investment schemes that come with unbelievable returns on investment.
While the NCSC did not reveal how much money fraudsters have been able to steal using fake investment schemes and associated marketing tactics, it said that public reporting via the Suspicious Email Reporting Service helped it track down and block more than 16,800 malicious URLs, more than half of which related to cryptocurrency investment scams.
“These investment scams are a striking example of the kind of methods cyber criminals are now deploying to try to con people. We are exposing them today not only to raise public awareness but to show the criminals behind them that we know what they’re up to and are taking action to stop it.
“I would urge the public to continue doing what they have been so brilliantly and forward anything they think doesn’t look right to our Suspicious Email Reporting Service,” said Ciaran Martin, the chief executive of NCSC.
“These figures provide a stark warning that people need to be wary of fake investments on online platforms. Celebrity endorsements are just one of the ways criminals can promote bogus schemes online. People should not be fooled by images of luxury items such as expensive watches and cars, and posts on social media showing extravagant lifestyles, which are often used to persuade you to invest,” said Commander Clinton Blackburn of the City of London Police.
“To those of you who might be tempted, remember not every investment opportunity is genuine. Criminals will do all they can to make their scams appear legitimate. It is vital you do your research and carry out the necessary checks to ensure that an investment you are considering is legitimate,” he added.
Commenting on NCSC taking down malicious URLs related to fake investment schemes, Jeremy Hendy, CEO at Skurio, said that businesses have a duty to check if their domains are being typo squatted and used to dupe their customers via impersonation.
"Companies should also monitor for sale of fake or stolen goods on legitimate commerce sites and provide educational information on ‘how to spot’ a fake item or reseller. A third step is for businesses to register similar domains to their own making them unavailable to fraudsters. Cyber security experts can help by offering monitoring services for counterfeit goods, typosquatting and takedown services so getting an expert to help can speed up the process dramatically.
"Consumers should also be on guard. With scams such as this on the increase, users also need to stay ultra-vigilant to avoid giving criminals a free pass to their most valuable data. A well-crafted email can look utterly convincing: educate users in what to look out for, that they need to be suspicious of every email, and must alert security teams for anything that looks unusual. Have processes for reviewing any suspicious emails or requests to install or make changes to apps," he added.