Cybercriminals are using a fake cryptocurrency presale site for "Google Coin" to defraud victims. The site features a convincing AI chatbot impersonating Google's Gemini assistant to deliver a polished sales pitch and answer investment questions, funneling payments to scammers. This represents an evolution in scams, as AI chatbots can engage many victims simultaneously, removing the bottleneck of human operators. The fraudulent site is highly convincing, mimicking Google's branding and displaying logos of major, unrelated companies to appear legitimate.
Scam Abuses Gemini Chatbots to Convince People to Buy Fake Crypto
A convincing presale site for phony "Google Coin" features an AI assistant that engages victims with a slick sales pitch, funneling payment to attackers.
Leave it to cybercriminals to come up with yet another way to abuse artificial intelligence (AI) platforms: creating Google Gemini chatbots as slick as used-car salesmen that pressure people into buying fake cryptocurrency, defrauding them of money.
Researchers from Malwarebytes Labs discovered a presale site for something called "Google Coin," a cryptocurrency that doesn't exist and is not being planned for release by the tech giant, they revealed in a blog post published Wednesday.
While that in and of itself is a red flag, the site also features a custom chatbot that claims to be Google's Gemini AI assistant to walk people through the process of buying the fake crypto, ultimately sending their payments for the phony product through to attackers.
Along the way, the fake Gemini chatbot provides an extremely professional sales pitch, never wavering from the objective of getting someone to buy Google Coin, much like a human salesperson would do in a live setting, Stefan Dasic, manager, research and response at Malwarebytes Labs, wrote in the post. "The bot … answered their questions about investment, projecting returns, and ultimately ended with victims sending an irreversible crypto payment to the scammers," he wrote.
The bot is paired with a highly convincing presale scam site that "mimics Google's visual identity with a clean, professional design, complete with the 'G' logo, navigation menus, and a presale dashboard," as well as numerous other features that make it look legit, Dasic wrote.
Chatbots Replace Human Scammers
The scam demonstrates an evolution in the use of AI by malicious actors that could ultimately change how these types of financially motivated malicious campaigns, which in the past would have a human on the other end, are conducted. In fact, AI chatbots can amplify such campaigns by an order of magnitude, Dasic said.
"Scammers have always relied on social engineering" to build trust, create urgency, and overcome the skepticism of potential victims, he wrote. But having humans take the time to do this has always limited how many victims could be engaged at once.
"AI chatbots remove that bottleneck entirely," Dasic wrote. That's because a single scam operation can now deploy a chatbot that engages hundreds of visitors simultaneously, 24 hours a day; delivers consistent, polished messaging; and responds to individual questions with custom financial projections or other info that can help close the deal.
Chatbots also can impersonate a trusted brand’s AI assistant, i.e., Google Gemini, and if need be, escalate the conversation to human operators to finalize the transaction.
Highly Convincing Pair
The campaign in particular delivers a strong one-two punch that makes it easy to fool even the most susceptible user, Dasic said. First there is the site itself, which not only mimics Google's branding, but also displays logos of major companies — including OpenAI, Google, Binance, Squarespace, Coinbase, and SpaceX — under a "Trusted By Industry" banner. Though none of these companies are connected to the malicious project, obviously, the branding lends credibility to the site.
Moreover, if a victim gets as far as clicking to "buy" Google Coin, the wallet dashboard also looks like it might on a legit crypto platform, showing balances for Google Coin as well as Bitcoin and Ethereum.
The site also uses upsell tactics to try to get people to spend more, promising that if people buy more, their bonuses also will grow. However, what they're paying for doesn't exist, and their payment — which is irreversible — goes into the hands of attackers.
Similarly, attackers designed the accompanying chatbot to support people through the process of the sale with unwavering conviction, never breaking character no matter what questions the researchers posed, Dasic said.
"What stood out during our analysis was how tightly controlled the bot's persona was," he wrote. It never broke character and consistently looped back to various claims about how stable and valuable Google Coin is, refusing "to acknowledge any scenario in which the project could be a scam," he wrote.
AI-Powered Crypto Scams Becoming Norm, Not Exception
The bad news for defenders is that these types of online crypto-themed scams are only going to become more common. In fact, research by Chainalysis cited by Malwarebytes found that roughly 60% of all funds flowing into crypto scam wallets were tied to scammers using AI tools.
This poses yet another risk to online safety, demanding that people hone skills to spot when scammers are behind an offer to buy crypto online. One way is to be suspicious of any AI chatbot on a third-party crypto site that impersonates a known AI brand, Dasic said.
"A chatbot calling itself 'Gemini,' 'ChatGPT,' or 'Copilot' on a third-party crypto site is almost certainly not what it claims to be," he wrote.
Another warning sign is if a chatbot refuses to answer any questions about the legal entity behind the platform, or other specific, legitimate details about a crypto operation, as scam bots will try to avoid these questions.
Any crypto site projecting specific returns, no matter how attractive they may seem, also is likely fake, Dasic said, because "no legitimate investment product promises a specific future price," he wrote. And as always, he added, any sites that press people to make decisions with a sense of urgency — a hallmark of most online scams — likely are just trying to defraud people of money.