The Silicon Valley company took a while to uncover the entire network because the alleged criminals managed to make any connection that could link them to other fraudulent apps that were being detected disappear.
Two Chinese app developers have been sued by Google , accused of having defrauded up to 100,000 users globally through a conglomerate of up to 87 different apps. The apps were aimed at trading cryptocurrencies and other investments, and encouraged users to download them with promises of immediate profits and a legitimate appearance.
This is a scam of the type known as “pig slaughter” , in which cybercriminals emotionally manipulated victims by showing false data of high investment returns . When those affected tried to recover the money supposedly earned, they discovered that they could not. Not only did the money they contributed as an investment disappear, but they also lost money in commissions and other types of payments that the application requested in exchange for recovering the main investment and false benefits.
The affected users, specifically, would be around 100,000. Of these, 8,700 US residents, and at least 6,000 users in Ghana.
The scammers used various Google tools to commit the crime. Specifically, developers Yunfeng Sun and Hongnam Cheung managed to use the Google Voice, Workspace and YouTube services for their criminal activities , in addition to Google’s own app store, Google Play. Thus, and despite violating the terms of service of all these apps, the developers managed to perpetrate hundreds of frauds that defrauded the victims, in the worst cases, of up to $75,000.
The blatant criminal behavior carried out through official Google channels has caused the technology company to sue both software developers individually, something that the technology company does not usually do. The company regrets the damage not only to the affected users but also to the reputation of the company itself and the affected applications. For this reason, it has urged the Federal Court for the district of New York to issue a permanent ban on those accused of using any of Google’s apps or services.
Various methods of contact to deceive victims
The defendants primarily used three methods to approach and convince users to use their fraudulent investment platforms.
On the one hand, they contacted victims with text messages they sent via Google Voice. They sent a message that appeared to be a message sent to the wrong number, with lines like “I’m Sophia, do you remember me?” or “I miss you all the time, how are your parents Mike?” After establishing contact through what seemed to be a chance mistake, the scammers began to forge supposed bonds of friendship. When they gained enough confidence, they let it slip that some investment apps were giving very good results.
The alleged scammers also circumvented YouTube filters by posting videos on the platform. They boasted supposed returns on investment of up to 2% a day.
Likewise, they promoted affiliate marketing campaigns in which they encouraged users to invite acquaintances or family members to join the investment platform, in exchange for rewards in the form of commissions.
They demanded more money in exchange for withdrawing the investment
Once the user was inside one of the platforms, their “user interfaces sought to convince the victims that they maintained balances in the application and that they were obtaining ‘return’ on their investments,” as Google has stated. To convey a feeling of security, the apps occasionally allowed small amounts to be withdrawn from the invested amount.
When trying to recover the entire amount invested, the alleged scammers took advantage of the anxiety of the moment to demand the payment of another commission or fee in exchange for the return of funds that they would never recover. These commissions for withdrawing money could be between 10 or 30%.
In total, there are about 87 applications that have been progressively eliminated by Google as the company detected them. The criminals managed to publish so many applications in the Play Store because, according to Google, they managed to erase any trace of connection with other previously banned applications. However, it was the use of several company services that allowed Google to locate the entire network of applications. Some of them were called TionRT, SkypeWallet, or Starlight app.
