Fake News for Real Scams: Inside the Global Threat of Baiting News Sites and Crypto Investment Fraud

In July 2025, Bahrain-based cybersecurity firm CTM360 released a bombshell report exposing the alarming global rise of Baiting News Sites (BNS) fraudulent news platforms weaponized by cybercriminals to promote high-risk crypto investment scams. These deceptive sites imitate trusted media outlets, feature fabricated endorsements from public figures and central banks, and funnel victims into fake platforms like “Trap10” and “Eclipse Earn.” With over 17,000 fake sites detected across 50 countries, the scale and sophistication of this fraud trend highlight a global cybersecurity emergency.

Baiting News Sites are crafted to resemble respected media outlets such as CNN, BBC, CNBC, News24, and ABC News. They publish fake stories that falsely associate public figures, national banks, or financial regulators with high-yield investment opportunities.

These hoax stories serve as entry points into phishing funnels designed to harvest personal information, steal crypto deposits, and hijack digital identities. According to CTM360, this fraudulent ecosystem is powered by:

• Meta and Google Ads promoting fake news articles
• Bogus websites that mimic national news platforms
• Social media posts using photos of well-known celebrities and government officials
• Phony crypto trading platforms like “Solara Vynex” and “Trap10”

How the Scam Works: A Two-Phase MITRE-Style Breakdown

CTM360’s “Scam Navigator” Maps the BNS Fraud Lifecycle

CTM360’s Scam Navigator, modeled on the MITRE ATT&CK framework, breaks down the BNS fraud operation into two key phases:

Phase 1 – Distribution & Target Interaction:

1. Ads on Meta/Google: Scammers run paid ads featuring headlines like “You won’t believe what the central bank governor just revealed about crypto.”
2. Redirect to Fake News: Clicking these ads leads to cloned CNN/BBC-style pages with quotes from fabricated interviews.
3. Phishing Page: Users are redirected to fake investment platforms that collect personal data and encourage initial deposits (typically ~$240).

Phase 2 – Monetization & Withdrawal Trap:

1. Onboarding by Fake Agent: Victims receive a call from an “investment advisor” who extracts sensitive ID and financial information.
2. Fabricated Dashboard: The platform simulates trading profits using a fake UI.
3. Withdrawal Denied: When victims attempt to cash out, they face delays, “unlock fees,” or new minimum deposits.

Global Reach and MEA Impact

CTM360 has detected over 17,000 Baiting News Sites targeting audiences in 50 countries. The Middle East and Africa (MEA) region ranks high among targeted zones, with localized content using Arabic, Swahili, and French to impersonate national institutions like:

• Central Bank of the UAE
• South African Reserve Bank
• Bank Al-Maghrib (Morocco)

These scams often falsely associate financial regulators with platforms like Eclipse Earn, claiming official endorsement.

Quotes from Experts

“The scale of BNS attacks shows that cybercriminals have mastered the art of digital trust manipulation. This is not just phishing—it’s high-stakes social engineering at a global scale.”
— CTM360 Intelligence Team, July 2025 report.

“We’re seeing more attacks that blend cybersecurity, brand impersonation, and social media disinformation. Fake media is now a core weapon in cybercrime campaigns.”
— CyberCory.com Editorial Board, 08 July 2025.

10 Key Takeaways for Cyber Defenders

1. Block suspicious TLDs: Monitor domains ending in .xyz, .shop, .click, and other low-cost TLDs used in BNS campaigns.
2. Use threat intel feeds: Integrate platforms like CTM360, SaintyNet, or public takedown lists into your defense stack.
3. Implement DMARC & SPF: Prevent email spoofing of media domains used in scam follow-ups.
4. Deploy brand protection tools: Continuously scan the web for fake versions of your organization or leadership.
5. Train employees & users: Regular awareness training can reduce the risk of being duped by fake news links.
6. Flag & report social media abuse: Fake ads should be reported directly to Meta and Google for takedown.
7. Harden ad placement policies: Use ad verification tools to monitor where your brand appears.
8. Monitor investment-related keywords: Search engine abuse often targets trending crypto or fintech terms.
9. Collaborate across sectors: Share intelligence on cybercrime trends via ISACs or local CERTs.
10. Raise public awareness: Encourage national cybersecurity centers to issue alerts on active BNS campaigns.

Conclusion

The weaponization of fake news websites to orchestrate crypto scams has become a global cybersecurity threat. With scammers targeting trust by impersonating major institutions and public figures, the line between media manipulation and financial fraud is vanishing. The CTM360 report serves as a wake-up call for governments, media, security services, and the global financial industry to take coordinated action. In a digital world where perception equals reality, defending the authenticity of information is now a critical part of cybersecurity.

Sources

• CTM360 BaitTrap Report – July 2025
• CyberCory.com – Baiting News Threat Landscape
• MITRE ATT&CK Framework
• Meta Transparency Center
• Google Ads Support on Misrepresentation