Sophos, a global cybersecurity service provider, has revealed new findings regarding CryptoRom scams, a type of fraudulent scheme aimed at deceiving users of dating apps into making fake cryptocurrency investments. In its recent report titled “Sha Zhu Pan Scam Uses AI Chat Tool to Target iPhone and Android Users,” Sophos highlights the evolving tactics of CryptoRom scammers.
Since May, the Sophos X-Ops team has observed CryptoRom fraudsters enhancing their methods, incorporating an AI chat tool similar to ChatGPT into their toolkit. These scammers have also expanded their tactics by falsely claiming that victims’ crypto accounts have been hacked, demanding additional upfront payments.
Moreover, Sophos X-Ops has uncovered that scammers managed to introduce seven new fake cryptocurrency investment apps into official platforms like the Apple App Store and Google Play Store. This development increases the potential risk to potential victims.
In 2022, investment fraud accounted for the highest losses among reported scams to the US FBI’s Internet Crimes Complaint Center (IC3), totaling $3.31 billion in the United States alone. Scams related to cryptocurrencies, including CryptoRom schemes, were a major contributor to these losses, increasing by 183% from 2021 to reach $2.57 billion in reported losses last year.
The use of an AI chat tool, likely ChatGPT, was first discovered by Sophos X-Ops when a victim of the CryptoRom scam contacted their team. The victim had engaged with a scammer on the Tandem language-sharing app, which is sometimes used as a dating platform. The scammer persuaded the victim to switch their conversation to WhatsApp, where the victim grew suspicious after receiving a message that seemed partially generated by an AI chat tool using a large language model.
Sean Gallagher, Principal Threat Researcher at Sophos, noted that the adoption of AI chat tools by scammers, such as ChatGPT, has become a more efficient way for them to maintain convincing and sustained romantic conversations with targets, reducing the need for human “keyboarders” who often face language barriers.
Additionally, Sophos X-Ops uncovered a new tactic employed by scammers: after victims attempt to cash in their supposed profits, fraudsters demand a 20% tax before allowing withdrawals.
If victims comply and pay the tax, scammers subsequently claim that the funds have been hacked and ask for another 20% deposit before releasing the funds.
The investigation also revealed that scammers managed to place seven fake cryptocurrency investment apps on official app stores. These apps have innocuous descriptions but present a fake crypto-trading interface once opened. The scammers manipulate the review process by initially submitting the app with legitimate content and then modifying it with fraudulent elements after approval.
Gallagher emphasized that user awareness is crucial in defending against CryptoRom scams and encouraged those who suspect they may be victims to reach out to Sophos. More information on these developments can be found in Sophos’ report “Sha Zhu Pan Scam Uses AI Chat Tool to Target iPhone and Android Users” on Sophos.com.