CloudSEK’s tool has played a crucial role in identifying how cybercriminals are using deepfake technology to exploit high-profile individuals and deceive users around the world.
CloudSEK, a leading cybersecurity company, recently uncovered a sophisticated scam involving deepfake videos that leverage the likeness of famous personalities to promote fraudulent mobile gaming apps.
Using cutting-edge artificial intelligence (AI), the company has developed a new deepfake detection tool to identify and combat these scams, which target users in multiple countries.
Deepfake scam explodes
CloudSEK’s investigation revealed that scammers are creating fake videos featuring well-known celebrities endorsing a mobile gaming app called Aviator.
Personalities such as Indian business tycoon Mukesh Ambani, cricket star Virat Kohli and Olympic athlete Neeraj Chopra, along with international figures like Cristiano Ronaldo, Ryan Reynolds (as Deadpool) and YouTube sensation Mr. Beast, are falsely shown promoting the app.
These videos claim that users can make substantial financial gains with minimal investment by playing the game, thus enticing users to download the app. For example, a deepfake video shows Mr. Beast in a fictitious advertisement aimed at the African market, encouraging users to invest small amounts, such as 1,000 Kenyan shillings, to potentially win large sums through gambling.
Virat Kohli has been one of the celebrities most frequently targeted by these deepfake campaigns in South Asia, with videos falsely promoting the app to unsuspecting audiences.
Using deepfake news anchors and journalists
The scammers also manipulated footage of respected news anchors and channels in order to lend credibility to the fraudulent scheme. Fake news segments made to look as if they came from trusted platforms like Aaj Tak, Republic TV, Zee News and ARY News create the illusion of legitimacy, fooling viewers into believing that the mobile app is a genuine money-making opportunity.
What started as a scam targeting the European Union in early September 2024 has now spread to several regions, including India, Pakistan, Nigeria, Bangladesh, Saudi Arabia and parts of Southeast Asia.
Interestingly, no deepfake scams were detected in the EU during CloudSEK’s investigation, despite initial targeting.
Phishing tactics and fake Google Play Store links
One of the most deceptive aspects of the scam is the use of phishing links that imitate the Google Play Store. Users are tricked into believing they are downloading the app from a legitimate source, only to be redirected to fraudulent phishing pages. Domains like “avatarsky(.)one” are used to impersonate the Play Store. The fake apps install malware on victims’ devices while displaying real-time statistics and offering payment options via UPI and cryptocurrency to lure users further into the trap.
CloudSEK research found that more than 1,000 phishing domains are registered daily, primarily using the .top domain and originating from Belize. These domains are hosted by an ISP known as IQWeb FZ-LLC, and the scammers offer various payment methods, including bank transfers and cryptocurrency transactions in Bitcoin, Monero, Ethereum and others.
Deepfake detection tools to the rescue
At the heart of CloudSEK’s efforts to combat this scam is its new free deepfake detection tool. This tool has played a crucial role in identifying how cybercriminals are using deepfake technology to exploit high-profile individuals and deceive users around the world. CloudSEK’s AI-powered tool provides a robust defense against the rise of deepfake scams, allowing users to detect fraudulent content before they fall victim to it.
As cybercriminals continually evolve their methods, CloudSEK’s deepfake detection technology represents a significant step forward in combating the growing threat of deepfake scams and protecting users from these highly sophisticated traps.