The recent compromise of one of the South African Parliament’s Youtube accounts, to promote a fraudulent “$Ramaphosa” cryptocurrency token, underscores the insidious nature of scammers impersonating trusted figures or institutions and abusing their public currency: trust.
By Anna Collard, senior vice-president: content strategy and evangelist at KnowBe4
The speed with which the “$Ramaphosa” token was created and promoted via the hacked accounts suggests a well-orchestrated and financially motivated operation. One breach can quickly become a trust multiplier, where criminals hijack an authoritative source to spread fraudulent schemes to a vast audience.
Exploiting trust
This incident is not an isolated event. Cybercriminals have increasingly exploited the credibility of public figures and institutions to deceive the public. By impersonating celebrities and reputable organizations, they manipulate trust to fuel financial scams.
And with deepfake technology these tactics are becoming more deceptive than ever. Fraudsters have used AI-generated deepfakes of Elon Musk, Jeff Bezos, and even Warren Buffett to promote bogus crypto investments.
The Guardian recently reported how cybercriminals have been using impersonated versions of influencers and celebrities including the money expert Martin Lewis and radio DJ Zoe Ball to dupe thousands of victims worldwide.
How to protect yourself and your online presence
Whether you’re a consumer or a content creator, staying vigilant against these scams is crucial.
For consumers:
• Verify Sources: If a financial opportunity sounds too good to be true, assume it’s a scam until proven otherwise. Cross-check announcements from official websites and verified social media accounts.
• Be Sceptical of Celebrity Endorsements: Even if a video appears to show a well-known figure promoting an investment, deepfakes can be convincing – don’t trust without verifying.
• Educate Yourself on Social Engineering Tactics: Scammers prey on emotions – fear, urgency, or excitement – to bypass critical thinking. Take a moment to pause and assess before clicking.
For YouTube channel owners and organisations:
• Strengthen Security: Combine strong passwords with multi-factor authentication (MFA) on all accounts to reduce the risk of unauthorized access.
• Monitor Activity Constantly: Set up alerts for unusual logins or changes to your channel. If anything suspicious appears, act immediately.
• Warn Your Audience: If a breach happens, transparency is key – immediately inform your subscribers to prevent them from falling for scams in your name.
Cultivate a zero trust mindset
With the increasing use of AI-powered deception, both individuals and institutions must adopt a Zero Trust Mindset – assuming that no digital interaction is inherently trustworthy until verified.
Cybercriminals prey on trust – whether by hijacking government social media accounts, impersonating public figures, or deploying deepfake scams. The Parliament hack is a case study in how bad actors weaponize credibility to spread financial fraud.
A Zero Trust approach means:
* Verifying all sources before engaging, especially with financial transactions.
* Assuming that impersonation is likely, even from seemingly reputable accounts.
* Strengthening security measures—both personally and institutionally—through multi-factor authentication, account monitoring, and public awareness.
The digital landscape is shifting – fraudsters are evolving, but so can we.