DeepSeek's Growing Influence Sparks a Surge in Frauds and Phishing Attacks
Summary:
DeepSeek, a Chinese AI company known for its open-source large language models (LLMs), launched its chatbot app in January 2025, quickly becoming the most downloaded free app on the U.S. iOS App Store, surpassing OpenAI’s ChatGPT. However, this rapid rise in popularity has made it a prime target for cybercriminals who are exploiting its name through phishing campaigns, fake investments, and malware distribution. Cybercriminals have created fraudulent websites impersonating DeepSeek, primarily targeting cryptocurrency users through phishing scams. These sites trick victims into scanning QR codes that compromise their crypto wallets, leading to financial losses.
In addition to crypto phishing, scammers have promoted a fake “DeepSeekAI Agent token,” encouraging users to invest in what is actually a honeypot scheme, preventing victims from withdrawing or trading their funds.
Security Officer Comments:
Another emerging threat involves fraudulent investment scams, which falsely claim to offer pre-IPO shares of DeepSeek. Given that DeepSeek has not announced any official IPO, these websites are designed to mislead users into providing sensitive personal information, which could later be exploited for phishing, identity theft, or financial fraud. Additionally, several fake DeepSeek download websites have been identified, offering versions of the app for Windows, iOS, and Android. Some of these are suspected of distributing malware, including AMOS Stealer, which could compromise users' devices and data.
Suggested Corrections:
IOCs:
https://cyble.com/blog/deepseeks-growing-influence-sparks-a-surge-in-frauds-and-phishing-attacks/
https://cyble.com/blog/deepseeks-growing-influence-sparks-a-surge-in-frauds-and-phishing-attacks/
DeepSeek, a Chinese AI company known for its open-source large language models (LLMs), launched its chatbot app in January 2025, quickly becoming the most downloaded free app on the U.S. iOS App Store, surpassing OpenAI’s ChatGPT. However, this rapid rise in popularity has made it a prime target for cybercriminals who are exploiting its name through phishing campaigns, fake investments, and malware distribution. Cybercriminals have created fraudulent websites impersonating DeepSeek, primarily targeting cryptocurrency users through phishing scams. These sites trick victims into scanning QR codes that compromise their crypto wallets, leading to financial losses.
In addition to crypto phishing, scammers have promoted a fake “DeepSeekAI Agent token,” encouraging users to invest in what is actually a honeypot scheme, preventing victims from withdrawing or trading their funds.
Security Officer Comments:
Another emerging threat involves fraudulent investment scams, which falsely claim to offer pre-IPO shares of DeepSeek. Given that DeepSeek has not announced any official IPO, these websites are designed to mislead users into providing sensitive personal information, which could later be exploited for phishing, identity theft, or financial fraud. Additionally, several fake DeepSeek download websites have been identified, offering versions of the app for Windows, iOS, and Android. Some of these are suspected of distributing malware, including AMOS Stealer, which could compromise users' devices and data.
Suggested Corrections:
IOCs:
https://cyble.com/blog/deepseeks-growing-influence-sparks-a-surge-in-frauds-and-phishing-attacks/
- Always check the official DeepSeek website and social media channels for announcements.
- Avoid scanning QR codes from unverified sources or suspicious websites.
- Always confirm the legitimacy of a crypto project before sending any funds.
- Avoid downloading files from unknown websites.
- Use a reputed anti-virus and internet security software package on your connected devices, including PC, laptop, and mobile.
- Be wary of opening any links received via SMS or emails delivered to your phone.
- Educate employees on protecting themselves from threats like phishing/untrusted URLs.
- Keep your devices, operating systems, and applications updated.
https://cyble.com/blog/deepseeks-growing-influence-sparks-a-surge-in-frauds-and-phishing-attacks/