Today we see a lot of crypto ads online and most of them are likely to be fake. Many fake banking, finance, and cryptocurrency apps have been released by criminals to steal your money. To protect the investing public and other financial consumers, the Securities and Exchange Commission (SEC) continues to engage with Google to ensure regulatory compliance from firms conducting business online.
Fake Crypto Ads & Apps
Numerous more fake versions of popular cryptocurrency trading, stock trading, and banking apps on iOS and Android are discovered. All designed to steal from anyone duped into using them.
These fake programs are designed to take advantage of the recent large spike in the value of cryptocurrencies, as well as interest in low-cost or free stock trading sparked by events like the recent social-media-fueled speculation in GameStop stock.
Access & Steal
After installing and starting the app, the user is prompted to make an account, and in some situations, an invitation code is requested, likely to limit app access to those who were specifically targeted.
Some of the phony trading apps we examined included a user interface with trade updates, wallets, fund and cryptocurrency deposit, and withdrawal functions that appeared to be identical to those seen in actual trading apps. The primary difference was that any money exchanged went straight into the pockets of the thieves.
We suspect the ID information was utilized by the crooks to authenticate financial transactions and receipts as confirmation of the victims’ deposits. We also discovered several attractive profile photographs that were presumably used to create bogus dating profiles, implying that dating was utilized as bait to seduce victims.
How they Lure the Victims
The methods to spread these apps used social engineering to attract victims via dating sites and websites that seemed like they belonged to reputable businesses. These websites redirected victims to third-party websites that delivered iOS mobile apps via configuration management methods, iOS mobile device management payloads delivering “Web Clips,” or Android apps, depending on the device.
SEC & Google Screening
Google will soon require advertisers offering cryptocurrency exchanges and wallets targeting the Philippine audience to present proof of their registration and/or license to operate in the country, after updating its screening process for online lending apps to help address the proliferation of predatory lending.
The new regulation, which takes effect on July 7, is in addition to Google’s existing policy, which compels all marketers to follow local regulations in every place where their ads are targeted. Any violation will be addressed by Google in a timely manner.
Organizations doing business in the Philippines must first register with the SEC, which is the national government regulatory organization entrusted with overseeing the corporate sector. Meanwhile, according to BSP Circular No. 944, dated February 6, 2017, operators of cryptocurrency exchanges must register with the BSP as remittance and transfer organizations.
The SEC uses online investor protection and financial literacy campaigns to educate the public about lawful investing opportunities. Throughout the pandemic, the Commission has noticed that numerous companies have taken advantage of the online arena to disseminate investment frauds purporting to be engaged in bitcoin trading but are not real or do not exist at all.
The Securities and Exchange Commission has repeatedly urged the public to be cautious and perform careful research before transacting or dealing with any firm, including those based abroad who do not have a license or registration to do business in the Philippines.
In May 2019, the SEC began discussions with Google to combat the rise in unregistered personal lending apps in the country. Google amended its policy for personal loan apps targeting Filipino customers on May 11, 2022, requiring developers to submit a Personal Loan App Declaration and other required papers before their apps could be published on Google Play. If such documentation is not provided, the personal loan app will be removed from Google Play.