Clone News Sites Are Funnelling Social Media Users Into Fake Investment Platforms
Fraudsters have built pixel-perfect copies of trusted news outlets, invented celebrity stories, and buried links to fraudulent trading sites inside them. Here is how the scam works and what to do if you see it.

Criminals are running a coordinated fraud campaign in which they replicate the visual identity of well-known news websites, publish fabricated celebrity stories, and use those fake articles to drive social media users toward scam investment platforms designed to steal money.
How the Scam Is Constructed
The mechanics are deceptively simple. Fraudsters clone a news outlet's site, copying its logo, fonts, article templates, author bylines, and even comment sections. Investigators who have examined the pages describe them as convincingly accurate replicas. Nothing in a quick visual scan raises an alarm.
Into that shell, the criminals insert a fictional news story built around a recognisable public figure. In one documented case, the fabricated article claimed that British billionaire Jim Ratcliffe had stormed out of a BBC interview after presenter Laura Kuenssberg confronted him about his finances, and that the clip had subsequently been pulled from iPlayer. None of that happened. The story is entirely invented.
Buried inside the fake article is a link to an investment platform, framed as a private wealth-building tool that Ratcliffe allegedly uses. Click the link, and you arrive at a fraudulent trading site. The site is real enough to accept deposits. The returns it displays are not.
The Psychological Engine Behind It
This is social engineering at scale. The criminals are not exploiting a software vulnerability or cracking a password. They are exploiting trust, specifically the trust readers place in familiar brand names, known journalists, and believable narratives.
The pattern is consistent. A victim deposits a modest amount, perhaps a few hundred pounds, and sees an impressive return appear on screen within days. Encouraged, they deposit significantly more. When they try to withdraw, the platform blocks them, invents a tax or fee that must be paid first, or simply goes dark. The on-screen profits were fabricated from the start.
Regulators across the UK and Europe have tracked a sharp rise in this model over roughly the past two years. The UK's Financial Conduct Authority [FCA] has repeatedly warned consumers that investment platforms must be registered on its public register at fca.org.uk, and that unregistered firms operating in the UK are doing so illegally.
Which Controls Failed Here
The most important control failure in this scam is the absence of any verification layer between social media platforms and the articles linked from them. There is currently no regulation requiring platforms to confirm that a shared article actually originates from the news outlet whose branding it carries. A post can display the Guardian's name, logo, and visual style while linking to a domain the Guardian has never heard of. That gap is the attack surface.
Identity verification for content is a well-understood problem in email security. Domain-based authentication standards like DMARC and DKIM exist precisely to prevent one sender from impersonating another. No equivalent framework applies to news content shared on social media. Until one does, cloned news sites will remain a low-cost, high-reward attack method.
A second failure is on the consumer awareness side. Phishing training inside organisations typically focuses on email, teaching employees to hover over links and scrutinise sender addresses. But these attacks arrive through personal social media feeds, outside any corporate security perimeter. Organisations that invest in security-awareness training covering social engineering tactics give their people the cognitive habits needed to pause and verify before clicking, whether the threat arrives at work or at home.
What Defenders and Consumers Should Do
Several practical steps reduce the risk substantially.
- Go direct. If a news story appears in your social media feed, type the news outlet's address directly into your browser. Search the story on that site. If it does not appear, the article does not exist.
- Check the FCA register. Every legitimate investment platform offering services to UK consumers must be registered. The FCA's public register at fca.org.uk takes seconds to search. If a platform is not listed, do not send money.
- Treat investment links in news articles as red flags. Genuine journalism does not end with a referral link to a trading platform. Any article that does should be treated as fraudulent by default.
- Report immediately. If you have already transferred money, contact your bank's fraud team right away. Report the site to Action Fraud at actionfraud.police.uk. Speed matters: banks can sometimes reverse payments if they are notified quickly.
On the policy side, the UK's Online Safety Act places obligations on platforms to address fraudulent content, and Ofcom is finalising enforcement guidance. The legal framework exists. What remains to be seen is whether enforcement will move fast enough to make a material difference.
The Regulatory Picture
The Online Safety Act and accompanying FCA powers represent meaningful tools. But regulation that lags behind fast-moving fraud campaigns creates a window that criminals will use. The FCA's 2023 Financial Lives Survey found that 29 percent of UK adults had been targeted by a financial scam in the previous twelve months, a figure that reflects how industrialised this kind of fraud has become.
The burden cannot fall entirely on regulators. Consumers, employers, and security teams all have a role. Employers in particular can extend the reach of professional security training into the personal habits of their workforce, because a staff member who loses money to an investment scam on their personal phone on a Saturday afternoon is still a human risk factor on Monday morning.
Anyone who wants to understand the broader controls landscape, from social engineering defences to identity verification standards, can explore Train2Secure's compliance standards library or review training options that fit different team sizes.
How your team can stop social engineering before it lands
- Train staff to apply the same link-verification habits in their personal lives that they use at work, because social media scams do not respect office hours.
- Run simulated social engineering scenarios that go beyond email phishing to include fake news articles and impersonation tactics.
- Establish a clear internal reporting path so employees who spot suspicious content, or who have already clicked, can report without fear of blame.
Train2Secure offers security-awareness programmes built around real attack patterns like this one, so your people recognise the trap before they fall into it.
Start free, no card requiredSources & further reading
Frequently asked questions
How can I tell if a news article in my social media feed is fake?
Type the news outlet's address directly into your browser and search for the article on their real site. If it does not appear there, the article is fabricated. Never rely on what a social media post displays as the source.
How do I check whether an investment platform is legitimate in the UK?
Search for the firm on the Financial Conduct Authority's public register at fca.org.uk. Any platform offering investment services to UK consumers must be registered. If it is not listed, treat it as fraudulent.
What should I do if I have already sent money to one of these platforms?
Contact your bank's fraud team immediately and ask them to attempt a payment recall. Then report the platform to Action Fraud at actionfraud.police.uk. Acting quickly gives you the best chance of recovering funds.
Why does this scam use celebrities and invented TV moments?
Familiar names and plausible events trigger trust before critical thinking kicks in. A story about a recognisable billionaire on a branded news page feels credible in the two seconds most people spend before clicking. That speed is what the scammers rely on.



