
Tesla is ramping up the hype for its Optimus robot, but scammers are stealing the momentum and targeting early adopters’ money with a sophisticated scam campaign. Fraudsters are running ad campaigns and collecting credit card information on fraudulent preorder sites. Beware: Tesla hasn’t officially opened any preorders.
Search for “Optimus Tesla preorder” on Google, and you’ll find sponsored listings at the top of search results leading to malicious websites, warns Johannes B. Ullrich, Ph.D., dean of research at SANS.edu, who discovered the ongoing scam campaign.
Hackers have already launched multiple websites, including offers-tesla[.]com, exclusive-tesla[.]com, prelaunch-tesla[.]com, and others that display cloned older designs of the original Tesla.com website.
The sites ask potential victims for a $250 non-refundable deposit and advertise a $1,180 discount off the final price of the Optimus bot. This deposit is similar to the one Tesla asked for in prior preorder events. The hackers also accept preorders for other Tesla products.
Ullrich notes that Tesla has demoed progressively more sophisticated versions of its bots in previous media events. However, aside from an April Fools’ joke announcing a presale, tech billionaire Elon Musk’s company has not opened any official preorders.
To understand how the threat actors operate, the security researcher attempted to place a preorder on one of the fraudulent websites with a test credit card number.
“It was accepted, showing that the credit card was not charged (yet?). Next, I was directed to auth.cp-tesla[.]com to set up an account. I never received the e-mail confirmation, so I am not sure if my spam filters dropped it or if it is supposed to fail,” Ullrich said in a post.
The legitimate Tesla site uses auth.tesla.com for authentication.
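The difference between auth.tesla.com and the hostnames named above is which registrable domain they belong to, and that can be checked mechanically. The following is an added example, not code from the researcher or from Tesla; it assumes tesla.com is the only official domain, and the function names and the last-two-labels shortcut are choices made for this sketch.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: the brand's only official registrable domain.
OFFICIAL_DOMAINS = {"tesla.com"}
BRAND_TOKEN = "tesla"

def hostname_of(indicator: str) -> str:
    """Return the lower-cased hostname of a URL or bare host, refanging '[.]' first."""
    value = indicator.strip().replace("[.]", ".").replace("hxxp", "http")
    if "://" not in value:
        value = "//" + value  # lets urlsplit treat a bare host as the netloc
    return (urlsplit(value).hostname or "").rstrip(".").lower()

def registrable_domain(host: str) -> str:
    # Simplification: the last two labels. Correct for the .com names in the
    # article; multi-label suffixes such as co.uk need the Public Suffix List.
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host

def classify(indicator: str) -> str:
    """'official', 'lookalike' (brand token outside the official domain), 'unrelated' or 'invalid'."""
    host = hostname_of(indicator)
    if not host:
        return "invalid"
    if registrable_domain(host) in OFFICIAL_DOMAINS:
        return "official"
    # The brand name used as a whole label or hyphen-separated part, e.g.
    # 'offers-tesla' or 'tesla.com.<other domain>'.
    if BRAND_TOKEN in re.split(r"[.\-]", host):
        return "lookalike"
    return "unrelated"

# Hostnames taken from the article, plus two constructed ones (marked).
SAMPLES = [
    "auth.tesla.com",
    "offers-tesla[.]com",
    "exclusive-tesla[.]com",
    "prelaunch-tesla[.]com",
    "auth.cp-tesla[.]com",
    "https://tesla.com.login.example/preorder",  # constructed
    "www.example.org",                           # constructed
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify(sample):10} {sample}")
```

A check like this fits a proxy or mail-gateway rule that flags brand-named hosts outside the official domain before a user reaches the payment form.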
The researcher believes that it’s likely too complicated for scammers to set up a credit card processing system, so they collect payment card data instead. Credit card information may later be used for fraudulent orders or sold on illicit carding marketplaces.
The fake websites remain active for a few days before being shut down.
Multiple malvertising campaigns have been running on Google Search, disguised as official brand promotions but deceiving customers into visiting malicious websites.
Over the past year, Cybernews has reported on hackers impersonating Facebook, Amazon, Microsoft, and utility software such as Slack, Notion, Calendly, Odoo, Basecamp, the KeePass password manager, Bandicam Recorder, or even Google itself.
Threat actors have been using similar fraud schemes to steal Google Ads accounts to publish even more fake ads.