According to recent findings from Infoblox Threat Intel, US consumers faced a staggering $5.7 billion loss to investment scams in 2024. The rise of fraudulent activity is significantly driven by two notorious groups, Reckless Rabbit and Ruthless Rabbit, which exploit social media ads and fake websites to deceive potential victims.
The tactics of Reckless Rabbit and Ruthless Rabbit
Reckless Rabbit: This group primarily uses Facebook ads featuring false celebrity endorsements to lure victims. Their strategy includes creating domains that generate noise in the DNS system, making it difficult to identify which subdomains are actually involved in scams.
Ruthless Rabbit: Unlike Reckless Rabbit, this group employs a cloaking service to screen users and often impersonates legitimate brands. They use dynamic URLs to ensure if one page is blocked, another can take its place, complicating detection efforts for security researchers.
Chaos, trust, and opportunity for cybercriminals
Infoblox researchers highlight that scammers thrive on both chaos and trust. Economic uncertainty tends to push people toward risky investment opportunities, which fraudsters exploit by creating a sense of urgency, making it feel like a can’t-miss chance.
Practical steps for users and organisations
Users are advised to be cautious of investment opportunities from unknown sites, especially those featuring celebrity endorsements. Verifying claims through independent sources can be vital in avoiding scams. For organisations, deploying Protective DNS services can help block access to malicious domains, safeguarding users from inadvertently visiting these fraudulent sites.
Key Insights
- US consumers lost $5.7 billion to investment scams in 2024.
- Scammers utilise Facebook ads with fake celebrity endorsements to allure victims.
- Groups like Reckless Rabbit and Ruthless Rabbit employ advanced tactics to evade detection.
- These scams thrive on economic uncertainty and manipulate public trust with familiar branding.
- Protective DNS services are highly recommended for organisations to prevent user access to scam sites.
Why should I read this?
If you’ve ever scrolled through Facebook and thought about investing based on a flashy ad, you definitely want to read this. The article digs into the nuts and bolts of how these scammers operate, giving you the know-how to keep your finances safe. Knowledge is power, and staying alert can help you avoid becoming the next victim!