Criminals Clone CNN and BBC to Push Crypto Scams: Experts Warn of AI-Powered Investment Fraud

A sweeping global scam is duping thousands into fraudulent cryptocurrency investments by impersonating some of the world’s most trusted news brands — and the threat is growing more sophisticated, according to cybersecurity researchers and industry experts.

In a new report from Bahrain-based cybersecurity firm CTM360, researchers revealed a network of over 17,000 fake news sites designed to mimic the look and feel of reputable outlets like CNN, BBC, and CNBC. These counterfeit domains, often indistinguishable from the real thing, publish fictitious stories featuring public figures such as national leaders or central bank officials endorsing get-rich-quick crypto schemes.

The campaigns are hyper-targeted: scammers tailor the content to regional audiences across more than 50 countries, using native languages and local celebrities to build credibility. The operation typically begins with paid ads on Google or Meta platforms, funneling users to the sham articles — and then to fake investment platforms with names like Eclipse Earn, Solara, or Vynex.

“The danger of this scheme doesn’t come from its complexity, but rather from the reputation associated with the websites being replicated,” said Andrew Costis, Engineering Manager of the Adversary Research Team at AttackIQ. “CNN, BBC, and CNBC are all well-established news organizations, which eases victims’ doubts and makes them more susceptible to being taken advantage of.”

The scam infrastructure is professional-grade: slick dashboards, fake performance graphs, and testimonials lure victims into believing their investments are generating returns. But no actual trading takes place. Victims are prompted to upload personal identification documents and deposit an initial investment — typically around $240 — only to face withdrawal roadblocks, sudden “fees,” or additional “verification” steps when trying to retrieve their funds.

And the implications go far beyond financial loss. The stolen personal data is often resold on the dark web or weaponized in future phishing campaigns.

Steve Povolny, Senior Director of Security Research and Competitive Intelligence at Exabeam, described the scam as part of a broader trend driven by the rise of AI-generated content. “It’s genuinely alarming how anyone can now spin up a perfect clone of a legitimate news site using free AI tools, complete with identical layouts, logos, even phony URLs,” he said. “These aren’t low-level knockoffs; they’re fully operational fake websites designed to peddle investment scams (or worse) under the guise of trusted outlets.”

“To me, this signals a seismic shift: no longer are advanced coding skills required, just a savvy scammer and a few clicks, and your trusted news source is feeding you state-of-the-art scams,” Povolny added.

CTM360 said most of the activity has been concentrated in the Middle East, but victims have also been identified across Europe and the U.S. And while exact financial losses are unknown, the scale and automation of the scam suggest millions could be at stake.

Costis underscored the need for public vigilance. “Even the most trusted corporations can be a ploy for a scammer’s trap,” he said. “Individuals and organizations must take it upon themselves to learn about the risks associated with investment schemes and practice safe browsing habits.”

As AI lowers the barrier for cybercriminals to scale their deception, security experts say the burden of verification has shifted firmly onto the user. Always double-check the URL, verify claims through official sources, and think twice before clicking on an enticing ad — no matter how familiar the brand behind it may seem.