Incident 877: HTML/Nomani Deepfake Phishing Campaigns Allegedly Use AI-Generated Content to Defraud Social Media Users

Description: AI-generated deepfakes were reportedly used in the "HTML/Nomani" phishing campaign to mimic legitimate platforms like booking services and lured victims into investment scams. These scams allegedly leveraged realistic fake content to deceive users on social media for the purposes of financial fraud. This campaign was part of the rising misuse of AI in cybercrime during the second half of 2024.

Editor Notes: For more information, see the full ESET threat report, including how Lumma Stealer malware reportedly surged in targeting macOS and mobile users, and how RansomHub ransomware allegedly employed AI-driven techniques to enhance evasion and effectiveness, at the following URL: https://web-assets.esetstatic.com/wls/en/papers/threat-reports/eset-threat-report-h22024.pdf. See also: Incident 870: Meeten Malware Campaign Reportedly Undermines Web3 Security Using AI-Legitimized Branding.

Tools

New Report New Response DiscoverView History

Entities

View all entities

Alleged: Unknown deepfake technology developers developed an AI system deployed by scammers , HTML/Nomani and Fraudsters, which harmed Phishing victims , Booking.com customers , Booking.com , Airbnb users and Airbnb.

Implicated AI systems: Deepfake generation tools , AI-powered cryptostealers and AI-enhanced ransomware systems

Incident Stats

Incident ID

877

Report Count

Incident Date

2024-12-16

Editors

Daniel Atherton

Incident Reports

Reports Timeline

New Investment Scam Leverages AI, Social Media Ads to Target Victims Worldwide

thehackernews.com

thehackernews.com · 2024

Cybersecurity researchers are calling attention to a new kind of investment scam that leverages a combination of social media malvertising, company-branded posts, and artificial intelligence (AI) powered video testimonials featuring famous …

Variants

A "variant" is an incident that shares the same causative factors, produces similar harms, and involves the same intelligent systems as a known AI incident. Rather than index variants as entirely separate incidents, we list variations of incidents under the first similar incident submitted to the database. Unlike other submission types to the incident database, variants are not required to have reporting in evidence external to the Incident Database. Learn more from the research paper.