Spotting AI Deepfake Investment Scams on Social Media

Tight budgets, inflation, and pension worries are pushing many people to chase better returns. Scammers are exploiting this moment with AI-enhanced financial fraud, including deepfake videos that make bogus offers feel real. Here’s how these scams work and how to protect your money.

The scale of the problem
Investment scams are the top earner for cybercriminals, according to the FBI, raking in nearly $6.6 billion—far surpassing the $2.8 billion from business email compromise. Much of the activity starts with misleading ads on social platforms designed to steal personal data or drive victims straight into investment fraud.

How these scams operate
A wave of deceptive social ads impersonates legitimate banks and financial experts. In June 2025, Instagram ads mimicked well-known banks with promises of unusually high interest rates, prompting users to enter banking logins. Others used deepfake Stories featuring supposed investment strategists to harvest personal details or funnel victims into investment-themed WhatsApp groups.

Another notable operation is the Nomani Trojan campaign, documented by ESET in 2024. Its ads and phishing sites impersonate local news outlets or use generic finance visuals with rotating names like “Quantum Bumex,” “Immediate Mator,” or “Bitcoin Trader.” Key characteristics include:

• Highly localized pitches (e.g., Elon Musk in North America; Lufthansa or the CDU in Germany)
• Distribution via Facebook, Instagram, X, YouTube, Messenger, and Threads
• Low-quality deepfake video testimonials, often with odd repetition and mismatched audio
• Use of fake or hijacked accounts to run ads (including one with 300,000 followers)
• Shared templates and callbacks tied to the same hosting infrastructure

The playbook is simple: capture personal information, initiate a convincing phone call, then pressure victims to invest, take out loans, or install remote access tools. ESET observed a 335% surge in Nomani threats from H1 to H2 2024 and blocked more than 8,500 related domains.

Why we keep falling for it

• Financial stress makes quick-win promises feel irresistible
• Short attention spans on mobile mean red flags get missed
• Deepfake tactics look convincing to the untrained eye
• Localized content and hijacked legitimate accounts build trust
• Bank anti-fraud controls often can’t prevent phone-based social engineering

Red flags to spot immediately

• Flashy ads using respected brands, promising guaranteed or unusually high returns
• Celebrity endorsements without verifiable, official confirmation
• Videos with glitches, poor lip-sync, low resolution, or robotic/over-polished voices
• Urgent pressure to act now to “lock in” an offer
• Any promise of guaranteed ROI

How to protect yourself

• Treat all investment ads with skepticism—don’t click through
• Research independently: look up reviews and warnings before engaging
• Only invest when you understand the product and how to withdraw funds
• Ignore unsolicited outreach from third parties
• Never share personal or financial data after clicking an ad; contact institutions via official channels
• Use reputable security software on all devices (e.g., a trusted provider like ESET) to block malware and known scam sites

If you think you’ve been scammed

• Contact your bank immediately and freeze affected cards or accounts
• Monitor accounts for unusual activity
• Report the incident to the police and relevant authorities

Stay vigilant: if a financial opportunity looks too good to be true—or arrives via an ad or unsolicited message—assume it’s a scam until proven otherwise.

Source: WeLiveSecurity