Surge recorded in websites offering quick earnings on Tesla

Since the beginning of 2023, BI.ZONE has identified almost 3,000 fraudulent domains imitating the website of a Tesla X investment project

June 23, 2023

Adversaries collect personal data from users seeking to invest in Tesla, an American manufacturing company.

Under the pretext of profitable investments, fraudsters attract the residents of Belarus, Kazakhstan, Poland, Russia, Turkey, and EU countries to the Tesla X websites. In fact, the users must take a test by answering finance‑related questions and submit their contact information for registration. Our researchers caution that by filling out such a form, a person shares their personal data (full name, phone number, email address, etc.) with threat actors.

The number of fraudulent websites offering to invest in Tesla is growing every month. The BI.ZONE Brand Protection team detected 157 forged domains in January 2023, 386 in February, 610 in March, 860 in April, 780 in May, and 188 in June so far. There are mostly negative reviews of the Tesla X project on third‑party websites. The very few positive comments look templated and are more likely machine‑generated.

Evgeny Voloshin

Chief Strategy Officer, Head of Security Assessment and Antifraud, BI.ZONE

We also discovered similar schemes for harvesting user information on other websites disguised as investment courses, gas companies, banks, and large enterprises. Both Russian and foreign brands were abused by the adversaries. All of these pages are based on the same template, with only minor differing details.

To avoid such situations, BI.ZONE Brand Protection experts recommend that you vigilantly check the URL before opening a website, opt out of search engine advertising, and avoid clicking targeted advertising links. You should also check the date of domain registration to make sure the website is legitimate. A resource created a couple of days ago posing as a website of a high‑profile company is most likely fraudulent.