RateCaptain
  • Home
    • About Us
    • Contact Us
  • FX Rates
  • Money Market
  • Cryptocurrency
  • Commodities
  • Corporates
No Result
View All Result
Subscribe
  • Home
    • About Us
    • Contact Us
  • FX Rates
  • Money Market
  • Cryptocurrency
  • Commodities
  • Corporates
No Result
View All Result
RateCaptain
No Result
View All Result
Home Cryptocurrency

How I Accidentally Uncovered a Crypto Mining and Investment Fraud Network- Jeremiah Fowler

Rate Captain by Rate Captain
January 11, 2024
in Cryptocurrency
Reading Time: 9 mins read
A A
0
How I Accidentally Uncovered a Crypto Mining and Investment Fraud Network- Jeremiah Fowler
Share on FacebookShare on TwitterShare on WhatsappShare on Telegram

AlsoRead

Nigeria’s Crypto Regulations Reshape Market, Threaten Traditional Players

Bitcoin Hits Record $112,000 as Institutional Investors Fuel Crypto Rally

Iran’s Top Crypto Exchange Nobitex Loses $90 Million in Hack, Funds Destroyed

Recently, a friend of mine who is a novice crypto investor reached out to me asking if I could look into a company that promotes crypto mining and investment. The website promised returns that seemed too good to be true and had various other red flags. Unfortunately, by the time I got back to them with this information, my friend had already transferred several thousand dollars worth of Bitcoin. They were told they had earned a substantial return on their investment, but when they tried to withdraw their money, things took a dark turn. The fraudsters demanded additional fees to be paid before allowing the withdrawal; then, they threatened to close the account and call the police if my friend did not send more money. At this point, it was clear that the investment was fraudulent, there was no profit, and nothing would be returned.

According to a 2022 report by the FBI’s Internet Crimes Complaint Center (IC3), investment fraud caused the highest losses of any scam in the US, totaling as much as $3.31 billion. Cryptocurrency scams represented a majority of fraudulent activity, increasing 183% from 2021 to $2.57 billion in reported losses last year. There are likely many more victims who didn’t report their incidents or didn’t even realize that they had been scammed. What’s worse is that, even if they report it, there’s no way to identify the criminals hiding behind anonymous domains and encrypted chat applications.

By now, most people know what crypto currency is, and Bitcoin has become a household name, so I won’t go into detail about blockchain or complex algorithms. The purpose of this story is to recount my investigation, identify the real financial risks of crypto investment scams, and hopefully protect future victims. As a cyber security researcher, I am always looking for exposed data, open ports, and other security vulnerabilities. I am used to tracking down and finding the owners of databases – often with very little information or clues. Sometimes, this can take days or weeks; other times, I never figure out who owns the exposed datasets. As a data detective, I thought identifying the owner of a crypto mining and investment website would be an interesting challenge. Little did I know that I would discover much more and uncover an expansive fraud network targeting novice crypto investors worldwide.

How the scam works

The scam started through social engineering, which is an umbrella term for any attack performed by exploiting human psychology and manipulating an individual’s trust. Scammers use this method to deceive their victims and convince them to perform actions that benefit the perpetrator. In this case, someone contacted the victim on Instagram, pretending to be an acquaintance and telling the victim that if they ever want to invest in crypto with big returns, they should contact this mystery person that the scammer has successfully invested with. Next, the criminals send the victim a name, a WhatsApp or other messenger contact, and a website link. The scammers have multiple websites, but they all use the same modern-looking template that comes with graphs and fake images of deposits and withdrawals from other customers. The text is in broken English, but still realistic enough to give the impression that they are a legitimate investment company. All the domain names and text on the sites are structured toward building trust.

Many of the sites have trust logos of major credit cards and payment methods, but when a potential victim tries to make a deposit, it turns out they only accept Bitcoin (presumably because it is extremely difficult to recover once it is stolen). After the victim invests the minimum amount, the scammers will sometimes allow an initial withdrawal and even add a small amount of profit. The victim then feels confident that they are dealing with a real company and either leaves the money in their account or adds more funds in Bitcoin. Next, the scammers offer three membership levels with minimum investment amounts and guaranteed monthly returns as high as 20%. The scammers then encourage the victims to pull in friends or family members, knowing that people are more likely to invest when someone they know and trust vouches for the scheme. This continues until the victim realizes that they are unable to withdraw their investment and that all the alleged profits are fake numbers in their user dashboard.

Reviewing the website

The name of the website that scammed my friend was a well-known corporate brand name combined with the word “invest”. This would give the impression that the site was connected to or supported by this organization and create a false sense of trust with the would-be investor. However, there were various clues suggesting that something was off with the website. The first red flag was stock photos of the supposed company leaders, whose names appeared to be painfully fake. Then, when I tried the website’s chat feature, someone posing as the CEO replied immediately with a prewritten script about how trustworthy they are and how safe my investments would be. I also called the phone number on the website, but it was not functional and went straight to voicemail. Finally, the website had an image of a UK registration document in their name that didn’t match the records of Companies House, the agency of the British Government that maintains the registration of companies.

I immediately became suspicious that the site didn’t seem legitimate and decided to dig deeper. Looking at the source code of a website can provide a wealth of information, such as analytics accounts, templates or plugins that are used, and other unique footprints. When cross-referencing these identifiers, I discovered that these individuals had a large network of nearly 300 websites. Some of them were exact clones and others were slightly different, but all of them offered the same promises of safe investments with unrealistic returns as well as fake business registration documents from multiple countries. Most of the domains were registered with privacy protection, but several older domains were registered to an individual based in Nigeria. The.US domains are intended to be registered to citizens of the United States and cannot be registered privately. These domains were registered to an individual with a surname that does not exist, and it seems that no one by that name ever lived at the listed address.

There are countless complaints online of victims who have fallen for this type of investment scam. The chances of recovering stolen cryptocurrency are generally low if not impossible compared to traditional financial scams. The decentralized and pseudonymous nature of cryptocurrencies can make it challenging to identify and track down scammers. I highly recommend that anyone looking to invest in crypto currencies thoroughly researches the company or website to avoid falling victim to scams. No legitimate company would coerce customers into making additional deposits in order to withdraw the funds that they have already paid. In this case, the scammer would show large returns and then demand more money in the form of fees or fictitious taxes before allegedly releasing the profits to the investor.

A separate victim described the scam as follows: “I was directed to a “withdrawal funds” button which once I clicked and completed my request, I received the error message attached to this complaint. Basically stating my investment account required me to upgrade. I learned the “upgrade” required an additional payment. There were 3 levels of upgrading your level from basic to either an $850, $1300 or $2800 via the website. It is only then you’d be able to withdraw the funds smoothly. Is the term constantly used by the person on WhatsApp”. However, it’s highly unlikely that the funds will ever be available for withdrawal, as the money was probably stolen immediately after the initial deposit was made. Usually, the scammers would open a new wallet for each victim, withdraw the funds as soon as the victim transferred their crypto investments, and then close the wallet. This way, it’s nearly impossible to tie the scam’s transactions to a specific wallet.

Scammers use well-known brand names to make it much harder for potential victims to verify complaints or reviews from other victims, as the Google search results are skewed to favor top brands and authority websites. This makes fraudulent sites dangerously effective because any negative information will probably be buried too deep in the search results for the average user to properly verify if the business is legitimate or not. The unauthorized use of a company’s name is also illegal and is known as cybersquatting or domain name squatting. An example of this is when criminals register or use a domain name with the intent to profit from the reputation or goodwill of someone else’s trademark or brand.

I contacted the scammers directly, notified them of my investigation, and requested that they refund the money they had stolen from their victims. I also asked them for an interview, but they predictably ignored the message and will likely never return the cryptocurrency they have taken. I reported a list of domains, IP addresses, and other relevant information to multiple law enforcement agencies, but these criminals are often based in locations out of their reach. I also notified both the hosting providers and domain registrars of my investigation. This way, they can review the websites for terms-of-service violations, document any billing information, names, or other data pertaining to the scammers, and pass it on to law enforcement. Taking these sites offline and having their accounts suspended is important to prevent more victims and to disrupt the scam network. It should be noted that I was able to get around 60-70% of the domains I discovered suspended by the time of publication.

Hosting providers and domain registrars are failing to protect the public

The revenue is there, but the enforcement of safety measures is not. In 2022, the web hosting industry generated roughly $79 billion in revenue worldwide, and the global domain name registrar market is expected to reach more than one billion dollars per year by 2027. Unfortunately, until hosting providers and domain registrars get serious about cracking down on cyber criminals who abuse their services, these scams will continue to flourish. Something they could do to potentially prevent this type of scams is to reform how private or anonymous registrations are validated or vetted.

The industry focuses on sales and renewals while seemingly doing the bare minimum to protect victims. Most hosting providers and domain registrars don’t really provide users with a meaningful way to report sites with anonymous registrations, nor do they allocate the resources to investigate all complaints. These companies should have an obligation to ensure the protection of the general public who will visit websites engaged in criminal activities. One way to do this would be to change the laws to require domain registrars and hosting providers to implement a Know Your Customer (KYC) system similar to banks or credit institutions. This way, when a scammer uses their services, they can no longer use false names and fake addresses. Once a crime is reported in relation to that domain, law enforcement will know who is the individual behind the website.

How a crypto investment scam works

Crypto investment scams can come in all shapes and sizes. The end result is always the same, though – to deceive individuals into investing their money with the promise of unrealistically high returns. These are the basics of how a crypto investment scam usually works:

  • Initial contact: Scammers typically reach out to potential victims through unsolicited communication channels, such as cold calls, emails, social media messages, or online advertisements. They may pose as cryptocurrency brokers, investment advisors, or representatives of a fake investment firm.
  • False promises: Scammers entice victims with promises of high and quick returns on their investments. They may claim to have insider information, secret strategies, or advanced trading algorithms that can generate substantial profits.
  • Urgency and pressure: To push victims into making quick decisions without proper consideration, scammers often create a false sense of urgency. They might say that the investment opportunity is limited or that prices will rise rapidly, urging victims to act immediately.
  • Fake websites or platforms: Scammers may direct victims to fraudulent websites or investment platforms that mimic legitimate cryptocurrency exchanges or investment firms. These fake platforms are designed to appear professional and trustworthy, making it difficult for victims to distinguish them from genuine ones.
  • Initial investment: Victims are asked to invest their funds into the scheme. Scammers may request payment in crypto or traditional currencies, claiming that it’s necessary to unlock the investment opportunity.
  • Disappearing act: Once the victims have deposited their funds, scammers may vanish, cutting off all contact. They might even close the fake website or platform, making it nearly impossible for victims to retrieve their money or seek help.

To protect yourself from crypto investment scams, consider the following precautions:

  • Do your research and due diligence: Thoroughly investigate any investment opportunity, including the individuals or companies involved. Verify their credentials, check for licenses or regulatory approvals, and search for reviews or warnings from reputable sources.
  • Avoid unsolicited offers: Be cautious of unsolicited communication, especially if it promises guaranteed profits or high returns. Legitimate investment opportunities are rarely offered through cold calls, emails, or social media messages.
  • Use secure platforms and wallets: Use reputable and secure cryptocurrency exchanges, wallets, and investment platforms. Ensure they have robust security measures, such as two-factor authentication (2FA) and encryption.
  • Verify information independently: Don’t solely rely on information provided by the person or entity promoting the investment. Seek independent advice from trusted financial advisors or professionals.
  • Trust your instincts: If something seems too good to be true or you feel pressured to make quick decisions, trust your gut and take the time to carefully consider the investment.
Previous Post

Top Story: CBN Dismisses Boards of Union, Titan, Keystone, and Polaris Banks  

 Next Post

NGX Records N638 Billion Loss First Market Depreciation of the Year

Related News

Investors Experience $50 Billion Loss as Bitcoin (BTC) Slides to $41K

Nigeria’s Crypto Regulations Reshape Market, Threaten Traditional Players

by Bolarinwa Mathew
July 15, 2025
0

Nigeria’s Investment and Securities Act (ISA) of 2025 has officially recognized cryptocurrencies as an asset class, introducing a robust regulatory...

BTC’s Price Rises as Market Reacts to the Fed hawkish move.

Bitcoin Hits Record $112,000 as Institutional Investors Fuel Crypto Rally

by Bolarinwa Mathew
July 10, 2025
0

Bitcoin reached an unprecedented peak of $112,009 late Wednesday, propelled by a surge in institutional investment and a favorable policy...

Bitcoin plunge create a Tsunami of $129 billion loss

Iran’s Top Crypto Exchange Nobitex Loses $90 Million in Hack, Funds Destroyed

by Bolarinwa Mathew
June 24, 2025
0

Nobitex, Iran’s largest cryptocurrency exchange, suffered a devastating cyberattack that drained at least $90 million from its hot wallet, with...

Bitcoin’s Price Volatility Reaches Record Lows, Raising Expectations for a Dramatic Reversal.

Bitcoin Stalls Amid Israel-Iran Tensions and Hawkish U.S. Fed Policy

by Rate Captain
June 20, 2025
0

Bitcoin hovered around $105,200 on Thursday, reflecting a cautious crypto market rattled by escalating tensions between Israel and Iran and...

Next Post
Nigerian Equity Market Sees Impressive N1.08tn Wealth Gain Amidst Bullish Trading.

NGX Records N638 Billion Loss First Market Depreciation of the Year

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Nigerian Fintechs Shine in CNBC’s 2025 Top 300 Global Fintech List

July 17, 2025
Battered Commodity Currencies Gain Attention Amid Dollar’s Decline.

Naira Weakens to N1,560/$1 Ahead of CBN’s 301st MPC Meeting

July 17, 2025

Popular Story

  • Navigating Inflation Crossroads: Nigeria’s Economic Odyssey Amidst Global Trends

    Nigeria’s Inflation Dips to 22.22% in June 2025, But Monthly Pressures Persist

    0 shares
    Share 0 Tweet 0

  • Nigeria’s E-Payment Transactions Reach Record High of N1.07 Quadrillion in 2024

    0 shares
    Share 0 Tweet 0

  • CBN and DMO at Odds as 364-Day Treasury Bill Rate Drops to Six-Month Low of 17.82%

    0 shares
    Share 0 Tweet 0

  • FG Takes Governors to Supreme Court Over Local Government Allocations

    0 shares
    Share 0 Tweet 0

  • CBN Introduces N100,000 Daily Cash-Out Limit for POS Transactions

    0 shares
    Share 0 Tweet 0
RateCaptain

RateCaptain

We bring you the most accurate in new and market data. Check our landing page for details.

  • Home
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Disclaimer
  • Cookie Policy
  • Contact Us

Copyright © 2022 RateCaptain - All rights reserved by RateCaptain.

No Result
View All Result
  • Home
    • About Us
    • Contact Us
  • FX Rates
  • Money Market
  • Cryptocurrency
  • Commodities
  • Corporates

Copyright © 2022 RateCaptain - All rights reserved by RateCaptain.

RateCaptain
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}
?>