Listen to this Post

The online investment scam known as Nomani is rapidly evolving, exploiting social media platforms with ever more sophisticated tactics. Recent findings from Slovak cybersecurity firm ESET reveal a 62% increase in the reach of Nomani campaigns, which have now spread from Facebook to platforms like YouTube. Using AI-generated videos, fake testimonials, and cleverly disguised advertising, scammers are deceiving users into investing in nonexistent schemes promising high returns, only to steal their money.
Rising Threat Across Social Media
First documented in December 2024, Nomani has grown into a widespread digital fraud operation. ESET blocked over 64,000 URLs linked to the scam in 2025, with most detections reported in Czechia, Japan, Slovakia, Spain, and Poland. The scam targets unsuspecting users by using company-branded posts and AI-enhanced video content that appear realistic, making it difficult for people to distinguish truth from deception.
Deceptive Tactics to Extract Money
Victims are often lured by the promise of high returns. When attempting to withdraw funds, they are asked for additional fees or sensitive personal information, including IDs and credit card details. In a cruel twist, the scammers sometimes approach victims again, posing as Europol or INTERPOL representatives offering assistance to recover lost funds, tricking them into further financial losses.
AI-Enhanced Deepfakes and Phishing
ESET notes that Nomani’s fraudsters have upgraded their tactics significantly. Deepfakes now feature higher resolution, more natural movements, and improved audio-visual synchronization, making the fake endorsements appear increasingly authentic. The scammers exploit trending events and public figures to give their campaigns an air of credibility. For example, in Czechia, fake news claimed the government was investing in a scam cryptocurrency platform, fabricating massive returns.
Short-Lived Ads and Cloaking Techniques
To avoid detection by social media platforms, Nomani campaigns often run for just a few hours. Users who do not meet targeting criteria are redirected to benign pages, minimizing the footprint of the scam. Additionally, scammers increasingly abuse legitimate tools like surveys and forms within social media frameworks to harvest personal data without triggering platform defenses.
AI-Assisted Phishing Page Development
The phishing pages themselves are also showing signs of AI assistance. ESET observed that templates used to create fraudulent sites incorporate AI-generated HTML code, often hosted on GitHub by Russian or Ukrainian users. Despite these advances, detection numbers indicate that law enforcement actions may be forcing scammers to rethink their strategies, with a 37% drop in detections in the second half of 2025 compared to the first half.
Corporate Responsibility and the Meta Connection
The rise of Nomani coincides with reports revealing that nearly a fifth of Meta’s $18 billion ad revenue in China came from illegal content, including scams and gambling. Some ad agencies reportedly allow prohibited advertisements to run unchecked. Meta has since placed its ad program under review. Reuters also reported that approximately $16 billion of Meta’s 2024 revenue—roughly 10% of its global revenue—may have originated from ads linked to scams like Nomani, underscoring the massive scale of the problem.
What Undercode Say:
Nomani represents a clear example of how modern scammers are exploiting technological advances to deceive users at scale. By integrating AI-generated videos and deepfakes, the fraudsters have raised the bar for social engineering attacks. Unlike traditional scams, Nomani leverages realism and topical relevance to foster trust and reduce skepticism among potential victims.
The strategy of targeting multiple social media platforms simultaneously highlights an adaptive approach, maximizing reach and minimizing the risk of detection. Short-lived campaigns and cloaked redirect pages are sophisticated evasive maneuvers, showing that cybercriminals are aware of detection algorithms and platform security mechanisms.
ESET’s data suggests that although the overall threat is growing, law enforcement interventions and platform moderation have begun to disrupt operations, evidenced by the decline in detections during the latter half of 2025. However, the fact that AI tools are used for both content creation and phishing page generation indicates that the threat will continue to evolve unless countermeasures become equally adaptive.
Furthermore, the Meta revenue reports illustrate a broader systemic problem: large social media companies, intentionally or not, may indirectly support scam proliferation through insufficient ad monitoring and reliance on third-party agencies. This dynamic demonstrates the intersection of technology, corporate oversight, and cybercrime, pointing to the urgent need for stricter regulations and enforcement mechanisms.
The exploitation of trending events and public figures underscores the psychological dimension of Nomani. By linking scams to credible narratives, perpetrators reduce cognitive resistance, making it more likely that victims will comply with fraudulent requests. This approach signals a shift from brute-force phishing toward highly targeted, psychologically informed attacks.
AI advancements in deepfake production have lowered detection thresholds, making it more challenging for average users to differentiate genuine content from fraudulent material. This calls for increased digital literacy campaigns and the integration of AI detection tools into everyday cybersecurity solutions.
Nomani also demonstrates the scalability of cybercrime in the modern era. From localized campaigns in Czechia to broader international operations, the infrastructure supporting these scams—AI content generators, phishing templates, and social media ad platforms—enables widespread victimization with minimal operational risk for the attackers.
Looking ahead, cybercriminals are likely to further exploit emerging technologies, including generative AI and virtual reality spaces, to craft even more convincing scams. Nomani may serve as a prototype for the next generation of cyber fraud, merging technical sophistication with behavioral manipulation.
Fact Checker Results:
✅ ESET blocked over 64,000 URLs linked to Nomani in 2025.
✅ AI-generated deepfake videos are confirmed to be used for scam campaigns.
❌ Despite improvements, the scam continues to generate financial losses globally.
Prediction:
The evolution of Nomani suggests that AI-powered scams will become more immersive and harder to detect. Platforms like YouTube and emerging social media will be key battlegrounds. 🚨 Users should anticipate increased sophistication, including realistic deepfakes of well-known personalities, to manipulate trust. Companies and regulators must act proactively, or fraud losses could escalate dramatically in 2026.
🕵️📝✔️Let’s dive deep and fact‑check.
References:
Reported By: thehackernews.com
Extra Source Hub (Possible Sources for article):
https://www.pinterest.com
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
Bing
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeNews & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon




