Case #3
The victim personally sends funds to the attacker. Deceit in P2P.

There are many ways to buy cryptocurrency, one of the most popular is P2P. (exchange directly between users using a third-party service).
Description of the situation

In this situation, a third-party service is a popular Telegram P2P trading bot. The user of this bot decided to purchase cryptocurrency for fiat money, found the necessary contractor with the required cryptocurrency, and closed the deal.

According to the requirements of the service, both parties agreed on the terms, the user, at his side, transferred fiat funds and waited for the cryptocurrency to be transferred to his blockchain address. The necessary tokens really almost instantly arrived at the specified address. The other side of the transaction immediately notified about this and asked to confirm the transaction faster, referring to large trading volumes and the inadmissibility of spending a lot of time on such small transactions.

User, being a beginner, believed in the “status” drawn by the second party, saw the receipt of tokens and quickly pressed the button for the final deal “funds received in full amount”. The fatal mistake was not to check the number of received tokens. As a result, one zero was missing in the transferred amount. You don't have to be a mathematician to understand that the victim of a scammer received only a 10th part of the funds invested in her.

The attacker din’t get in touch anymore and din’t respond to messages.


Our compliance officer collected all available information and structured the data received from the victim. Based on these data, a detailed appeal was drawn up and sent to all P2P bot contacts in Telegram where the transaction took place.

The collected data was enough for the acceptance of our appeal by the service management. In response, the attacker's blockchain address was revealed to us. The funds were transferred to the victim from a blockchain address belonging to the management of the bot. That is why it was important to get exactly the personal address of the fraudster, which he used when making transactions.

Blockchain investigation through several transit addresses led to the address marked up in our databases and the alleged name of the attacker was established. Additionally, bank details that the scammer left for the victim to transfer fiat funds were checked.

The data from the blockchain investigation completely matched the bank details. The fraudster has been identified.

With the participation of our specialists, the victim contacted the fraudster directly and, due to the threat of litigation, the negotiations were successful. The scammer returned the funds to the victim in full amount.

  • The identity of the intruder was revealed through 2 channels of investigation.
  • Direct contact with the scammer resulted in a refund without the intervention of law enforcement agencies.

Chance to recover stolen funds

Funds returned

Leave an application and we'll do a quick scoping of the situation and give you estimate cost.
Calculate the cost
We also recommend