Since early January, The Straits Times has noticed an ad on a reputable regional news site with a photo of the award-winning actress with the caption “Rebecca Lim shared some very important news. “
The ad allegedly leads to a sponsored article on the entertainment portal 8days. sg. But when the audience clicks on the link, they are directed to a fake story about Lim, 37, that locates a “new loophole that he (sic) says can turn him into a millionaire in 3 or 4 months. “
The page, which mimics news website CNA, has links to a supposed crypto auto-trading programme called Bitcoin Future, which the scammers claim is the actress’ No. 1 money-maker.
In recent years, cryptocurrency trading scams have used unauthorized photographs and fabricated quotes from local figures such as Prime Minister Lee Hsien Loong, business tycoon Peter Lim, and pop star JJ Lin.
Cyber-security firm Group-IB published a study in 2020 on a series of similar scams “fronted” by well-known Singaporeans, and reported the pages to the Singapore Cyber Emergency Response Team.
In the case of the fraudulent page that recently gave Rebecca Lim the impression, an average user would find it more difficult to report it to the authorities.
Its displayed URL leads to a fake article containing an article about Lim’s pregnancy, while its genuine URL is hidden in the codebase.
Retrieving the genuine URL requires many lines of code, which takes time and expertise.
Vladimir Kalugin, director of virtual threat coverage operations at cybersecurity firm Group-IB, told The Straits Times that scammers “have made strides in their evasion to hide their campaigns from the government and traditional detection tools. “
Some of them use redirection or other strategies to replace a scam page’s URL without reloading its content.
Others use a camouflage technique, in which only specific users are presented with fraudulent and malicious content, while all other visitors to the same page are presented with innocent content, such as a 404 error page, Mr. Kalugin, in Singapore.
Scammers have also learned how to protect crawlers and other web bots from their advertising content, he added. This makes it more complicated for automated anti-scam teams to stumble upon the pages.
“To thwart those techniques, the government and cybersecurity experts will have to work together to adopt complex surveillance and takedown strategies, and raise awareness of potential online threats,” Mr. Kalugin said.
Get The New Paper on your phone with the free NPT app. Download now from the Apple App Store or Google Play Store