Cybersecurity
An international network of scam operations has been identified, utilizing impersonation tactics and fraudulent financial aid offers to target vulnerable populations.
Target Demographics
The campaign, referred to as “Vulnerability Vultures,” primarily targets older adults, who represent high-value targets for these threat actors. According to the FBI’s Internet Crime Complaint Center, individuals aged 60 and older filed the most complaints in 2024, with total losses reaching $4.8 billion, nearly double the next highest category. Data from the Federal Trade Commission indicates that adults aged 70 and above suffer significantly higher median dollar losses compared to younger age groups.
Scam Methodology
Scammers utilize major social media platforms to initiate contact, subsequently directing victims to fraudulent websites or private messaging channels. Here, they gather financial details and sensitive personal information. These operations exhibit geographic diversity, with operators reportedly based in Nigeria, South Asia, and the United States.
Operational Tactics
Individuals susceptible to offers of physical or financial benefits, including older adults and previous scam victims seeking restitution, are deliberately targeted. Analysis by Graphika indicates that the cross-platform structure of these scam operations allows for scalability, anonymity, and effective evasion of platform moderation. Threat actors use inauthentic personas and manipulated media to impersonate trusted figures and institutions, including the FBI and established news organizations.
By employing AI-generated audio, cloned websites, and repurposed authentic content, scammers create convincing simulations of legitimacy and authority, deceiving even cautious individuals.
Attack Methodology and Social Engineering Tactics
The operations follow a consistent three-stage attack pattern: establishing trust through authoritative impersonation, redirecting victims to off-platform communication channels, and extracting personal or financial data via registration forms for fictitious relief programs. These schemes operate at high volume, utilizing identical short-lived advertisements, AI automation, paid promotions, and disposable accounts to maintain operational persistence despite enforcement efforts by platform providers and law enforcement agencies.
