Cybersecurity researchers have exposed two coordinated investment scam operations—Reckless Rabbit and Ruthless Rabbit—that use fake celebrity endorsements, Facebook ads, and web forms to steal personal info and funnel victims into phony crypto platforms.
There’s more going on behind that viral post than you think—what looks like an Amazon link might just be your front-row ticket to a scam built on smoke, mirrors, and password-generating bait.
Find out how to protect yourself farther below.
Two threat actors—Reckless Rabbit and Ruthless Rabbit—are behind a string of crypto scams masked as celebrity-backed investment platforms.
Using a VPN like Nord VPN is one way to protect yourself from scams.
They run fake Facebook ads that lead to spoofed news stories, pushing users to hand over personal info through sleek embedded forms.
Behind the scenes, they use traffic distribution systems (TDS) and IP validation tools to screen victims and dodge detection. If a target passes those checks, they’re funneled to a scam site or told to wait for a “rep” to call.
Reckless Rabbit leans on registered domain generation algorithms (RDGAs) to build sketchy domains that hide in plain sight, often redirecting from lookalikes like amazon[.]pl. Ruthless Rabbit, meanwhile, adds its own cloaking service to the mix, fine-tuning scams that have been targeting Eastern Europe since 2022. The playbook is evolving—and fast.
Avoid clicking on flashy ads that promise big returns, especially on social media. If it sounds too good to be true, it probably is.
Check URLs carefully—scammers often use slight misspellings or lookalike domains. Search for the official website on your own instead of using ad links.
Legit platforms don’t ask for sensitive info upfront. Skip any form asking for your full name, phone, email, or password unless you’ve confirmed the site’s authenticity.
A password manager helps avoid reusing passwords across sites. It also alerts you to suspicious or fake websites.
Turn on 2FA wherever possible, especially for email and banking apps. Even if someone gets your login, they’ll still need that second code.
Scammers rely on outdated browsers or plugins. Regular updates help patch security flaws they often exploit.
Public Wi-Fi is a favorite hunting ground for attackers. Using a VPN like NordVPN encrypts your data and hides your real IP address.
Look up the platform and see if others have flagged it as a scam. Trust independent reviews—not just social media buzz.
If you spot a scam, report it to the platform. It helps stop the spread and protects others too.
|