CryptoRom Scam Utilizes Generative AI Chat Tools to Lure Victims
CryptoRom, a fraudulent scheme that combines cryptocurrency trading and romance scams, has taken a new turn by incorporating generative artificial intelligence (AI) chat tools to entice and engage with potential victims.
In a report published today by Sophos security researchers Jagadeesh Chandraiah and Sean Gallagher, they shed light on the emerging trend of “shā zhū pán” scams, which have been preying on mobile device users for the past couple of years.
The modus operandi of CryptoRom scams typically involves reaching out to individuals through dating apps or social media platforms. Once the conversation transitions to private messaging apps such as WhatsApp or Telegram, the scammers introduce the concept of trading cryptocurrencies and offer to assist the targets in downloading and funding a sham crypto-trading application.
What sets this latest development apart is the utilization of generative AI tools like ChatGPT or Google Bard to aid scammers in crafting more authentic conversations with their targets. This not only enhances the persuasiveness of the interactions but also lightens the workload for the scammers when dealing with multiple victims.
Furthermore, recent incidents have shown that scammers are not content with just the initial “tax” payment and are devising additional pretexts to extort more money from their victims.
In a cunning move, the scammers have managed to evade scrutiny from both Apple’s and Google’s app store reviews by tweaking the app’s content post-approval. By tweaking a pointer in remote code, the innocuous app can be swiftly transformed into a fraudulent one without raising any red flags.
“Previously, CryptoRom fraudsters had to resort to a cumbersome technical workaround to target iOS users before being able to infiltrate the Apple Store, which could potentially tip off their victims of foul play,” Gallagher elaborated. “Now, targeting iPhone users has become a breeze for them, broadening their pool of potential victims.”
The researchers caution individuals who suspect they may have been ensnared in these scams to promptly report the incident to local authorities well-versed in handling fraud cases. Victims are also encouraged to reach out to their financial institutions to explore the possibility of reversing any transactions and to report the wallet addresses associated with the fraud to the relevant cryptocurrency exchange.
By staying vigilant and informed, individuals can safeguard themselves against falling prey to the deceptive tactics employed by CryptoRom scammers.