Fake Betting Apps Using AI-Generated Voices to Sensitive Data

SUMMARY

• Scammers Use Fake Ads: Cybercriminals are creating fake betting app ads to lure users and steal money and personal information.

• AI-Generated Voices: Scammers use AI-generated voices in multiple languages to make their schemes seem more credible.

• Massive Reach: Over 500 fake ads and 1,377 malicious sites have been identified, targeting users in regions like Egypt, the Middle East, Europe, and Asia.

• Serious Losses: Victims have reported losing significant amounts, with some losing over $10,000 to these scams.

• Stay Safe: Avoid downloading apps from unofficial sources, be wary of too-good-to-be-true offers, and always use strong security measures.

Cybersecurity firm Group-IB has observed a surge in fake betting game advertisements across various social media platforms. In its detailed investigation, shared with Hackread.com, Group-IB’s CERT team discovered deceptive ads designed to lure unsuspecting users by promising easy money, ultimately leading to financial loss and personal data compromise. The ads typically target users in regions like Egypt, the Middle East, Europe, and Asia.

One of the fake apps used in the scam (Source: Group-IB)

Researchers, reportedly, discovered over 500 deceptive ads and 1,377 malicious websites targeting users to download fraudulent applications. Further probing revealed that cybercriminals are employing advanced techniques to make these fraudulent ads appear legitimate.

This, according to Group-IB’s blog post, includes using AI-generated voices in multiple languages to create a sense of authenticity, even when the scam originates from a different country. Victims have suffered significant financial losses, with some reporting losses exceeding US$10,000.

As soon as a user clicks on a deceptive ad, they are directed to download a fraudulent app. These apps are typically distributed through third-party websites or APK files and are capable of bypassing security measures on official app stores. Upon installation, the app requests various personal and financial information, which is then harvested by the scammers.

“Group-IB CERT discovered these scams across multiple regions, with more than 200 ads targeting Egypt, 160 ads in the GCC, and another 140 in Europe and Asia. The momentum of such scams has rapidly increased, with scammers continually expanding into new markets.”

Group-IB

Fake reviews and testimonials are a key facilitating factor in these scams, as these enhance the legitimacy of the fake apps. These reviews feature detailed narratives, screenshots, and photos of “successful” players, creating the illusion of a highly profitable and trustworthy game, and generating attraction for the scam.

Fake reviews on one of the fraud apps (Source: Group-IB)

Fake betting apps can lead to severe consequences for users, such as financial loss through “bait and switch” tactics, identity theft due to the collection of personal information, and device compromise. Malicious apps can compromise device security, allowing attackers to access sensitive data and install additional malware, posing a significant risk to users’ personal information.

We have been witnessing a gradual rise in fake gaming apps compromising users’ devices. Recently, Hackread reported Fortinet’s FortiGuard Labs discovery of a new malicious campaign targeting Microsoft Windows users using game-related applications to deliver Winos4.0, an advanced malware framework similar to Cobalt Strike and Sliver. Earlier this week, Indian authorities busted an international gang of cybercriminals who used fake gaming apps to mint over 190cr from unsuspecting users.

Hence, it is essential to be cautious of quick money offers to avoid falling victim to such scams. Always download apps from official stores, avoid suspicious links, use strong security measures like passwords and two-factor authentication, and stay updated on the latest online scams and phishing techniques to stay safe.

1. Crooks Exploit Satellite Live Feed Delay for Betting Advantage
2. Fake GlobalProtect VPN Downloads Spread WikiLoader Malware
3. Chinese Scammers Exploit Cloned Sites in Vast Gambling Network
4. Facebook Malvertising Campaign Drops Malware via Fake Bitwarden
5. Dude Finds Flaw in World’s Biggest Gambling Site, Steals $1M in BTC