Exposing the Deception – 17,000+ Fraudulent News Sites Revealed for Investment Scams

A comprehensive investigation by cybersecurity firm CTM360 has uncovered a massive network of over 17,000 fraudulent news sites operating across 50 countries, designed to lure victims into investment scams through sophisticated deception tactics.

These “Baiting News Sites” (BNS) masquerade as legitimate media outlets, mimicking trusted brands like CNN, BBC, CNBC, and regional news organizations to build credibility before redirecting users to fraudulent investment platforms.

The elaborate scheme involves fabricated stories that falsely associate well-known public figures, including central bank governors, national leaders, and celebrities, with fake investment opportunities.

These fictitious articles claim these figures have “accidentally revealed” secret methods for generating wealth through cryptocurrency platforms such as “Eclipse Earn” and “Trap10,” which are entirely fraudulent operations.

Technical Infrastructure and Distribution Methods

The scammers employ a multi-layered technical approach to maximize their reach and evade detection. CTM360’s analysis reveals that most fraudulent sites utilize low-cost top-level domains, including .xyz, .shop, and .click extensions.

Others compromise legitimate domains to host fake news pages, which makes identification and takedown efforts significantly more challenging.
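A defender can turn the two hosting patterns above into a first-pass triage of clicked URLs from proxy or ad-click logs. The following is an added example, not CTM360's tooling or code from the original article; the official-domain allowlist, the three-level scoring, and the sample URLs are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# From the article: low-cost TLDs and impersonated brands named by CTM360.
LOW_COST_TLDS = {"xyz", "shop", "click"}
BRANDS = {"cnn", "bbc", "cnbc"}
# Assumption: the brands' own domains, used as an allowlist.
OFFICIAL = {"cnn.com", "bbc.com", "bbc.co.uk", "cnbc.com"}

def _tokens(text):
    """Lower-case and split on anything that is not a letter or digit."""
    return {t for t in re.split(r"[^a-z0-9]+", text.lower()) if t}

def is_official(host):
    """True for an allowlisted domain or any of its subdomains."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL)

def triage(url):
    """Return 'high', 'review' or 'none' for one clicked URL."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").rstrip(".").lower()
    if not host or is_official(host):
        return "none"
    tld = host.rsplit(".", 1)[-1]
    brand_in_host = bool(BRANDS & _tokens(host))
    brand_in_path = bool(BRANDS & _tokens(parts.path))
    # Brand name in the hostname on a low-cost TLD: the dominant pattern.
    if brand_in_host and tld in LOW_COST_TLDS:
        return "high"
    # Brand name on any other non-official host, or only in the path:
    # covers fake pages hosted on compromised legitimate domains, where
    # the TLD check alone says nothing. Needs a human look.
    if brand_in_host or brand_in_path:
        return "review"
    return "none"

# Constructed sample URLs (not real indicators).
SAMPLE = [
    "https://bbc-news.constructed-sample.click/governor-reveals",
    "https://garden-club.example.org/wp-content/bbc/article.html",
    "https://cnbc.constructed-sample.com/invest",
    "https://shoes.constructed-sample.shop/sale",
    "https://www.bbc.co.uk/news",
]

if __name__ == "__main__":
    for u in SAMPLE:
        print(f"{triage(u):6}  {u}")
```

Matching is on whole tokens, so a brand name fused into a longer word (for example `cnbcnews`) is not flagged; that keeps false positives down at the cost of missing some lookalikes.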

The distribution mechanism relies heavily on sponsored advertisements through Google Ads and Meta’s advertising platforms.

These ads feature official photos of public figures and national symbols, using compelling headlines such as “You won’t believe what the [central bank governor] just revealed about making money from home.”

The scammers create bogus social media profiles with zero followers and minimal details, exclusively designed to host these sponsored advertisements.

Once victims click on these ads, they encounter professionally designed fake news articles that redirect them to fraudulent trading platforms.

The platforms, branded with names like “Solara Vynex,” simulate legitimate crypto investment portals, complete with fake profit dashboards and fabricated returns to convince users to invest more money.

Global Scale and Victim Targeting

The operation demonstrates remarkable sophistication in regional targeting, with sites tailored to local audiences using native languages, familiar media brands, and regional public figures.

The highest concentrations of these fraudulent sites target the Middle East, Asia-Pacific, Europe, and the Americas, with countries including the US, China, India, Japan, Germany, and the UK among the most affected.

CTM360’s Scam Navigator framework identifies six key stages in these operations: resource development, trigger, distribution, target interaction, motive, and monetization.

Victims typically begin with small deposits around $240 to “activate” trading accounts, but withdrawal attempts are systematically blocked through various pretexts, including system errors, pending verification requirements, and additional fee demands.

The investigation continues as CTM360 monitors emerging patterns and works to reduce the proliferation of these deceptive platforms across global digital ecosystems.

Priya
