The world’s fastest-growing online fraud runs on fake investment platforms that clone legitimate brands—and the romance is just the delivery mechanism.
The trading dashboard looked legitimate: real-time price charts, a growing account balance, the polished interface of a professional crypto exchange. Joe Novak logged in daily to watch his investment climb. The platform displayed verification badges, offered responsive customer support, and processed his initial withdrawal without issue. All the signals of a trustworthy financial services company.
None of it was real. The exchange was a pixel-perfect clone operated by a criminal syndicate in Southeast Asia. The “fashion designer” who introduced Novak to the investment opportunity over three months of daily conversations didn’t exist either. By the time he understood that both the relationship and the platform were fabrications, he’d transferred his entire $280,000 divorce settlement to accounts he would never recover.
Novak’s story has become distressingly common. Crypto wallets linked to romance-investment scams received $12.4 billion in 2024, a 40% increase over the prior year. The FBI’s Operation Level Up has contacted over 8,100 victims, finding that 77% were unaware they were being scammed until federal agents called them.
For security teams, the critical insight isn’t the romance—it’s the infrastructure. Every one of these operations requires fake platforms bearing the logos, interfaces, and trust signals of legitimate financial brands. The manufactured relationship simply delivers victims to the fraudulent doorstep.
Your brand is the infrastructure
These aren’t isolated confidence schemes. They’re industrialized brand impersonation operations.
Criminal syndicates operating from compounds across Southeast Asia have built assembly lines for fraud. They clone the interfaces of legitimate crypto exchanges, complete with trading dashboards showing fabricated gains. They pose as licensed financial advisors, sometimes using real names and credentials scraped from FINRA’s BrokerCheck. They deploy celebrity deepfakes (Elon Musk is the most commonly impersonated) to promote schemes through AI-generated video ads on legitimate social platforms.
Meta removed more than two million accounts linked to scam centers in 2024. FINRA noted a 300% increase in complaints about fraudulent “investment groups” featuring deepfake videos of real financial professionals. Yet the volume continues to grow, because the underlying economics favor attackers: the infrastructure is cheap, the templates are reusable, and the brands being impersonated bear no direct cost for the abuse.
That last point deserves emphasis. Victims frequently blame the legitimate companies whose names were misused. Customer support teams field calls from people demanding refunds from platforms they never operated. The trust erosion compounds across the entire customer relationship, even when the company did nothing wrong.
AI changed the economics
Romance fraud once required patience. Scammers spent months building individual relationships, limiting how many victims they could cultivate simultaneously.
Generative AI removed that constraint. As we documented in our analysis of AI-powered fraud, scammers now deploy chatbots to maintain conversations across dozens of simultaneous victims. For $200 in cryptocurrency, operators purchase “face-changing services” enabling real-time deepfake video during live calls. Victims who once might have demanded video verification as proof of identity now find themselves deceived by synthetic faces that smile, nod, and respond convincingly.
Traditional social engineering awareness training assumes employees can spot deception through observable cues: awkward phrasing, grammatical errors, reluctance to appear on camera. As we explored in our analysis of the training myth, AI-generated content contains none of these signals. The messages are flawless. The voices are cloned. The faces are indistinguishable from reality.
Why this matters for enterprise security
Pig butchering may appear distant from enterprise security concerns. That framing misses the operational reality.
Employees are targets. The bank CEO who embezzled $47 million from Heartland Tri-State Bank in Kansas—causing the institution’s failure—did so while trying to recover funds he’d lost to these scams. High earners with access to corporate funds make particularly attractive marks.
Your brand is attack surface. Every fraudulent investment platform using a legitimate company’s visual identity extends that company’s exposure into territory it cannot directly monitor. The detection gap that exists for traditional phishing applies equally here: organizations rarely discover these impersonations until victims report them, and by then substantial harm has occurred.
The response burden falls on you regardless of liability. When victims realize they’ve been defrauded, many contact the brands whose names appeared on fake platforms. Managing those interactions with appropriate care, while clarifying that you bear no legal responsibility, becomes an operational reality.
The Bottom Line
Romance scams have evolved into a $12 billion online fraud industry powered by AI, operated through human trafficking networks, and enabled by systematic brand impersonation. The question isn’t whether this threat is relevant to enterprise security: it’s how to extend visibility into the external attack surface where these operations leverage your brand’s identity without your knowledge.
The organizations adapting most effectively treat consumer-facing impersonation with the same urgency they apply to direct attacks on corporate infrastructure. The trust your brand represents doesn’t distinguish between the customers you serve and the victims scammers target in your name.
Key Takeaways
Romance-investment scams generated $12.4 billion globally in 2024, up 40% year-over-year. The FBI has identified over 8,100 active victims through Operation Level Up, with 77% unaware they were being scammed until contacted by federal agents.
Scammers clone legitimate financial platforms, pose as licensed advisors using real credentials, and deploy celebrity deepfakes to promote schemes. The brand infrastructure is what makes the fraud convincing. The romance just delivers victims to it.
Generative AI enables scammers to maintain dozens of simultaneous victim relationships through chatbots and create real-time deepfake video for “verification” calls. The traditional red flags no longer apply.
Fraudulent platforms using your brand identity extend your attack surface into unmonitored territory. Employees with access to corporate funds are high-value targets. And the response burden falls on legitimate companies regardless of legal liability.
