If a billionaire recommends an investment in a Facebook ad, it’s probably not a shortcut to success—it’s your shortcut to getting scammed.
In this publication, we're uncovering a massive, fast-evolving investment scam powered by AI, fake celebrity endorsements, and high-tech deception—and it could be targeting your feed next.
Cybercriminals known as Reckless Rabbit and Ruthless Rabbit are running sophisticated online investment scams using spoofed celebrity ads, fake crypto platforms, and web tricks that make their activity nearly invisible to authorities—stealing money and personal data from unsuspecting victims across Eastern Europe and beyond.
How It Works:
- It starts with an ad—a slick, Facebook-sponsored post featuring a famous person “endorsing” a lucrative investment opportunity.
- You click through to a fake news article or promo page and are asked to "register" by entering your personal details.
- Behind the scenes, the scammers validate your email, phone, and location using tools like ipinfo.io.
- If you pass the test, you’re routed via a Traffic Distribution System (TDS) to either a fake crypto platform or a page that sets up a follow-up call.
- A real person might call you, guiding you through how to “invest” your money—directly into the scammers’ pockets.
The attackers also disguise their domains using Registered Domain Generation Algorithms (RDGAs), and cloak the real scam pages behind fake marketplaces (like an ad showing "amazon[.]pl" but redirecting to "tyxarai[.]org").
Who’s Targeted:
These scams focus on users in Eastern Europe—specifically Russia, Romania, and Poland—but anyone globally could stumble into them. They go after:
- Curious crypto investors
- Social media users
- Victims of algorithm-targeted ads
Real-Life Insight:
Researchers at Infoblox, who uncovered the campaigns, say Reckless Rabbit has been active since April 2024. “These types of scams have proven to be highly profitable... so they will continue to grow rapidly—both in number and sophistication.”
Why You Should Care:
These aren’t the spammy scams of the past. They’re polished, AI-driven, and dangerously convincing.
- Victims are manipulated into handing over money, passwords, and personal info.
- Some are repeatedly targeted after their data is verified.
- And with call centers, AI-deepfakes, and regional targeting, the deception feels eerily real.
Even more disturbing: this isn't just one scheme. A wider network of scams—from fake "mystery box" offers to deepfake celebrity investment pitches—are feeding off the same infrastructure.
Actionable Steps:
• Don’t trust celebrity investment endorsements—especially from social media.
• Avoid clicking ads from unknown sources, no matter how professional they look.
• Don’t give out personal data in web forms promising quick money or investment deals.
• Use a VPN to mask your IP and location—this can foil some verification checks used by scammers.
• Look up the domain or platform before engaging. If it’s unfamiliar or redirects oddly—back out.
Quick Tips & Updates:
• Did you know? Traffic Distribution Systems (TDSes) help scammers hide malicious websites from law enforcement and security researchers by only showing scam content to validated targets.
• Pro Tip: Always verify an investment opportunity on a reputable financial site or with a licensed advisor. If it seems too good to be true—it is.
Stay safe, stay informed.
Key Definitions:
- TDS (Traffic Distribution System): A tool that filters and directs online traffic, helping scammers hide their activities from detection.
- RDGA (Registered Domain Generation Algorithm): A system that registers domains using a secret algorithm, making scam sites harder to track.
- Cloaking: A deceptive tactic where the real content of a website is hidden unless certain conditions are met.
- Smishing: Scam via text messages. Similar to phishing, but through SMS.
- Deepfake: AI-generated video or audio content designed to impersonate real people, often used in scams.
To read more, kindly find source article here