This post is also available in: עברית (Hebrew)
“CryptoRom” scams are when a malicious element fakes a romantic interest in a victim, sometimes even cultivating long-term relationships to eventually lure the victim into making cryptocurrency investments that end up in the crook’s pockets.
Recently, these scammers began relying on AI-based tools like ChatGPT to increase the ease and efficiency of their scams. One of the struggles malicious elements have with CryptoRom scams is the need to hold convincing, sustained romantic conversations with targets. Now, with tools like ChatGPT, scammers can keep “authentic” conversations going with less labor. It also enables them to engage with multiple victims at once.
Sean Gallagher, a principal threat researcher at Sophos explains: “Traditionally when victims of CryptoRom scams attempt to cash in on their “profits,” fraudsters will tell them they need to pay a 20% tax on their funds before completing any withdrawals. However, a recent victim revealed that after paying the “tax” to withdraw money, the fraudsters said the funds had been “hacked” and they would need another 20% deposit before receiving the funds.”
According to Cybernews, another way scammers increased their potential of finding victims is by managing to add seven new fake cryptocurrency investment apps into the official Apple App and Google Play stores.
But how do they trick these official app stores? Gallagher claims they do so by submitting the app for approval using legitimate, regular web content, and once the app is approved, they modify the server hosting the app with code for the fraudulent interface.
Just this past year victims lost nearly $2.6 billion to frauds involving cryptocurrency.
Gallagher states that while they’ve alerted Google and Apple about the phony apps, he believes that even more will emerge eventually. “These fraudsters are ruthless. Today, they’re telling victims their accounts have been hacked to extort more money, but in the future, they’re likely to think of new methods of initial and double extortion,” he concludes.