Scammers are using Google Ads to pose as Tesla in an elaborate cybercrime campaign that aims to obtain illicit preorders for the company’s unreleased Optimus humanoid robot and other items.
These deceptive sponsored listings appear prominently in search results for terms like “Optimus Tesla preorder,” directing users to counterfeit websites that mimic Tesla’s official domain.
Unlike traditional phishing attacks aimed at credential theft, this operation focuses on extracting non-refundable deposits and potentially harvesting payment card details for resale or fraudulent use, exploiting the hype surrounding Tesla’s AI-driven robotics advancements.
Emerging Scam Targets Tesla Enthusiasts
The scam capitalizes on Tesla’s history of accepting preorders with refundable deposits for products like the Cybertruck, creating a veneer of legitimacy.
However, Tesla has not officially announced preorders for Optimus, despite demonstrations showcasing its evolving capabilities in tasks such as dishwasher loading, laundry folding, and lawn mowing.
Fraudulent sites demand a $250 non-refundable deposit, aligning closely with Tesla’s past pricing strategies to enhance credibility.
Investigations reveal that these platforms do not process actual charges immediately; instead, they collect credit card information, which could be exploited later on underground markets or “carder” forums, online black markets for stolen payment data that remain active despite law enforcement crackdowns.
Forensic examination of the implicated domains, including offers-tesla.com (currently operational), exclusive-tesla.com, and prelaunch-tesla.com (both recently taken offline), shows they deploy near-identical replicas of an outdated Tesla.com layout from around March to May 2025, based on file timestamps in exposed directories like /api and /js.
These sites lack functional login pages, a deliberate omission that prevents users from monitoring order status and delays scam detection.
Technical Analysis Reveals Copied Designs
In a test transaction, the system accepts invalid card details without immediate validation and redirects to a bogus authentication subdomain like auth.cp-tesla.com, a subtle deviation from Tesla’s legitimate auth.tesla.com endpoint.
No confirmation emails are dispatched, suggesting automated failures or spam filtering as part of the ruse to avoid scrutiny.
Additional suspect domains such as private-tesla.com, corp-tesla.com (which redirects to the real Tesla site), www-tesla.com, and hyper-tesla.com exhibit varying states of accessibility, indicating a rotating infrastructure to evade takedowns.
Hosted behind Cloudflare’s content delivery network, these sites obscure their origins and enhance resilience against detection.
Data submission routes to disparate endpoints, including https://caribview.info/tesla/, hinting at a distributed command-and-control setup that fragments evidence trails.
This modular architecture not only facilitates rapid deployment of new fake sites but also complicates attribution, as threat actors can pivot domains swiftly upon discovery.
The absence of immediate financial processing raises suspicions of data harvesting for card-not-present (CNP) fraud, where stolen details are used for online purchases elsewhere.
While Tesla likely monitors and issues takedown requests (evidenced by the short lifespan of these sites, often just days), the campaign persists through Google Ads’ sponsored ecosystem, underscoring vulnerabilities in ad verification processes.
Victims may remain unaware until anticipated delivery dates pass, potentially months or years later, amplifying the scam’s stealth.
Cybersecurity experts recommend verifying URLs directly on tesla.com, avoiding unsolicited ads, and reporting suspicious listings to Google and authorities to mitigate such threats.
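The URL check recommended above can be automated for proxy or DNS log triage. The following is an added example, not code from the article or from Tesla: the function names `classify` and `triage` are hypothetical, and matching the brand as a whole label or hyphen-separated token is an assumption based on the domain pattern reported here.

```python
from urllib.parse import urlsplit

OFFICIAL = "tesla.com"  # registrable domain the article treats as legitimate
BRAND = "tesla"


def classify(url: str) -> str:
    """Return 'official', 'lookalike-host', 'brand-in-path' or 'unrelated'."""
    if "://" not in url:
        url = "//" + url  # let urlsplit read a bare hostname as the netloc
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:  # malformed netloc, e.g. a broken IPv6 literal
        return "unrelated"
    if host == OFFICIAL or host.endswith("." + OFFICIAL):
        return "official"
    # Brand as a whole label or hyphen token: cp-tesla, www-tesla, tesla.com.x
    for label in host.split("."):
        if BRAND in label.split("-"):
            return "lookalike-host"
    # Brand only in the path of another host, like the data-collection endpoint
    if BRAND in parts.path.lower():
        return "brand-in-path"
    return "unrelated"


def triage(urls):
    """Keep only the entries a reviewer should look at, with the reason."""
    verdicts = ((u, classify(u)) for u in urls)
    return [(u, v) for u, v in verdicts if v not in ("official", "unrelated")]


# Hostnames are those named in the article; the paths and the "tesla.com@"
# userinfo prefix are constructed for this example.
SAMPLE = [
    "https://www.tesla.com/optimus",
    "https://offers-tesla.com/preorder",
    "https://auth.cp-tesla.com/",
    "https://tesla.com@www-tesla.com/",
    "https://caribview.info/tesla/",
    "https://example.org/news",
]

if __name__ == "__main__":
    for url, verdict in triage(SAMPLE):
        print(f"{verdict:15} {url}")
```

The verdicts are a prompt for review rather than a blocklist: the token match ignores names that embed the brand without a hyphen, and a production check would resolve the registrable domain with a public suffix list.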
This incident highlights broader risks in AI product hype, where enthusiasm for innovations like Optimus blinds users to social engineering tactics.
As Tesla advances its robotics without firm release timelines, consumers should exercise caution, prioritizing official channels to prevent falling prey to these evolving financial exploitation schemes.