Cybercriminals Impersonate Major News Sites Like CNN, BBC, and CNBC to Push Fraudulent Investment Schemes

A sophisticated global scam operation has been uncovered, tricking unsuspecting individuals into fraudulent investment schemes by impersonating leading news sources, including CNN, BBC, CNBC, News24, and ABC News.

Security researchers have discovered that criminals have deployed more than 17,000 fake news sites across 50 countries, with the United States being the most targeted nation.

How the Scam Operates

The campaign follows a calculated and technically savvy playbook.

Cybercriminals purchase advertising space on major platforms like Google and Facebook, using sensational headlines such as “Shocking: [Local Celebrity] Backs New Passive Income Stream for Citizens!” These sponsored ads, often hosted by accounts with no history or followers, use photos of well-known personalities and mimic established media branding, fostering a false sense of legitimacy.

Clicking these ads directs victims to a counterfeit news site, visually indistinguishable from genuine outlets.

The fake article touts a revolutionary investment strategy, encouraging readers to sign up for a “risk-free” program by submitting their name, email, and phone number.

After registering, victims receive a call from a so-called “friendly advisor,” who references the article and pitches the investment opportunity.

The initial deposit is usually modest, around $240, and a sophisticated, fake trading platform branded with names like Eclipse Earn, Solara Vynex, or Trap10 shows growing returns.

The advisor then persuades investors to deposit larger sums. However, when victims attempt to withdraw funds, they face endless delays, additional “verification” fees, and ultimately, total loss of their investment.

The campaign stands out for its international reach, use of cheap and suspicious top-level domains (TLDs) such as .xyz, .io, .shop, and .click, as well as typosquatting URLs resembling legitimate news organizations.

Researchers also note the aggressive use of fake social media accounts to amplify paid ads and lure more victims.

How to Identify and Protect Against Such Scams

Cybersecurity experts emphasize vigilance in spotting common red flags:

• Suspicious social media ads: Accounts hosting the ads have minimal or no activity, followers, or legitimate engagement.
• Fake celebrity endorsements: Promises of massive profits allegedly backed by local celebrities.
• Pressure tactics: Advisors ask for excessive personal data under the guise of regulatory compliance (KYC).
• Dubious web addresses: Use of misspelled or deceptive domains closely resembling major brands.

Protection tips include:

• Use reputable security solutions to block malicious sites.
• Verify information through official financial regulators (e.g., the SEC or FCA).
• Never share personal or financial details in response to unsolicited messages or websites.
• Double-check sensational claims, particularly involving investments or celebrity endorsements.

If personal details have been disclosed, victims should change passwords, enable two-factor authentication, alert their banks, monitor credit reports, and report the incident to authorities.

As scams grow more sophisticated, public awareness and robust cybersecurity measures remain critical defenses against financial fraud.