Cyber Analysis Group - CyberAGroup - OSINT Darkweb Investigations  - Insider Threat - Crypto - Online threat & exposure - SOCMINT - Canadian

‹ Back

While CyberAGroup enjoyed a successful year, I did not expect it to trigger such a high volume of unsolicited acquisition and investment inquiries. These scams are becoming increasingly persistent, with our firm receiving multiple "offers" each week from fictitious "family offices" and investment firms.

 

Most of these communications follow a recognizable pattern. They typically utilize absurdly long, obscure domains (such as ".shop"), originate from automated outbound scripts hosted on cheap AWS instances, and lack any specific knowledge of our operations. However, we have recently observed more sophisticated, targeted efforts directed at our clients. These included a manual spear-phishing attempt impersonating a legitimate entity and an AI-driven campaign that generated highly specific content to increase its credibility. Both were convincing enough that the recipients wisely requested professional due diligence.

 

The primary objective of these scams is to defraud targets via "advance fee" schemes, where the victim is pressured to pay for fraudulent company valuations or legal services. Furthermore, these actors often attempt to harvest sensitive financial documents for identity theft, corporate extortion or future exploitation.

 

These threat actors leverage "evil OSINT" and harvested Dark Web data to build their target lists. By combining automated scraping tools, professional prospecting platforms, and leaked breach data, they can create highly accurate profiles of their targets. In many cases, they simply use email permuters to guess addresses and verification tools to confirm delivery.

 

Because AI is now being used to refine previously obvious scams, integrating technical cyber analysis and OSINT into all business decision-making is no longer optional. Comprehensive due diligence is now a requirement for any business engagement, ranging from investment opportunities and conference invitations to strategic partnerships, regardless of whether the initial contact occurs via email, social media, or professional networking channels.