Cybersecurity researchers have uncovered a massive scam campaign in which fake websites impersonate reputable media outlets—such as CNN, BBC, CNBC, News24, and ABC News—to lure unsuspecting users into fraudulent investment schemes.

A Familiar Trick with a Dangerous Twist

These scams follow a well-known pattern: leveraging the brand recognition of trusted news platforms to add credibility to their fraudulent content. By doing so, attackers increase the chances of people clicking and engaging with what appears to be legitimate news.

Here’s how the scam typically unfolds:

• Deceptive Ads: Fraudsters purchase sponsored ads on platforms like Google and Facebook, usually with sensational headlines such as: “Shocking: [Famous Local Celebrity] Backs Revolutionary Income Stream for Everyday People!”
• Fake News Sites: Clicking the ad leads users to a website that mimics the layout and branding of major news outlets. These pages detail a supposedly breakthrough investment opportunity.
• Phishing for Info: Victims are encouraged to sign up for this program by submitting personal information like their name, email, and phone number.
• The “Advisor” Call: A scammer—posing as a friendly financial advisor—contacts the victim to explain how the system works. They reference the article and provide reassurances about the process.
• Initial Deposit: Victims are asked to invest a small amount (usually around $240) on a fake trading platform that shows simulated growth.
• The Trap Deepens: As returns appear to increase, the scammer pushes for more investment. When the victim tries to withdraw funds, they encounter sudden fees, ID verification issues, and delays.
• The Fallout: Eventually, victims realize they’ve been scammed. Not only is their money gone, but their personal data may have been sold to other fraudsters for further exploitation.

A Global Network of Deception

According to researchers, this campaign operates across 17,000 fake news sites in over 50 countries, with the United States being the most targeted. Fraudulent platforms such as Eclipse Earn, Solara Vynex, and Trap10 are among those commonly used in these scams.

These scams are promoted using a wide network of fake social media profiles and sponsored content.

How to Recognize These Scams

Here are some key red flags:

• Ads posted by profiles with no history or followers.
• Content that uses local celebrity photos and appears to be from real news sources.
• Promises of extraordinary returns in just days.
• Calls or emails requesting personal details under the guise of KYC compliance.
• Suspicious URLs ending in cheap or generic domain extensions like .xyz, .click, or .shop.
• Web addresses that mimic or misspell real brands (a tactic known as typosquatting).

How to Stay Safe

Protecting yourself and your data requires vigilance. Here are some best practices:

• Use a reputable security solution that blocks phishing and malicious websites.
• Avoid clicking on links in unsolicited emails or suspicious social media posts.
• Verify before you trust—check if celebrities are actually endorsing a product or if it’s clickbait.
• Never send money or share sensitive information with unverified contacts.
• Confirm the legitimacy of investment platforms through official regulators like the SEC (U.S.) or FCA (U.K.).

Already Shared Your Info?

If you suspect you’ve fallen victim:

1. Cut all communication with the scammer immediately.
2. Change your passwords and enable two-factor authentication (2FA).
3. Contact your bank to freeze any affected accounts and monitor transactions.
4. Check your credit report for signs of identity theft.
5. Report the scam to local authorities or cybercrime units.

At Nubetia, we help individuals and organizations stay ahead of emerging cyber threats. If your business needs support to protect against phishing, fraud, and identity theft, our cybersecurity and observability solutions can provide the visibility and protection you need.

Source: https://www.malwarebytes.com/blog/news/2025/07/cnn-bbc-and-cnbc-websites-impersonated-to-scam-people