Crypto fraud schemes and consequences of interacting with "dirty" crypto
Today’s presentation consists of two parts.
In the first part, I will tell you how scammers in the cryptosphere can deceive you.
And in the second — how attackers can use you to launder dirty crypto-assets.
In the first part, I will tell you how scammers in the cryptosphere can deceive you.
And in the second — how attackers can use you to launder dirty crypto-assets.
→ Issues
→ First scheme: "FINANCIAL MENTOR"
→ Second scheme: "A PHISHING SITE"
→ Third scheme: "A FAMOUS PERSON"
→ Fourth scheme: "P2P-EXCHANGE OF CRYPTO WITH A GUARANTOR"
→ Fifth scheme: "THE P2P TRIANGLE"
→ Sixth scheme: "NULL TRANSACTION"
→ Seventh scheme: "CLIPPERS"
→ Eighth circuit: "ADDRESS WITH MULTISIG"
→ What to do if you become a victim of scammers?!
→ I’m NOT a victim!
→ First scheme: "FINANCIAL MENTOR"
→ Second scheme: "A PHISHING SITE"
→ Third scheme: "A FAMOUS PERSON"
→ Fourth scheme: "P2P-EXCHANGE OF CRYPTO WITH A GUARANTOR"
→ Fifth scheme: "THE P2P TRIANGLE"
→ Sixth scheme: "NULL TRANSACTION"
→ Seventh scheme: "CLIPPERS"
→ Eighth circuit: "ADDRESS WITH MULTISIG"
→ What to do if you become a victim of scammers?!
→ I’m NOT a victim!
Issues
Our company is engaged in the development of blockchain analytics tools, conducting investigations of crypto incidents, as well as countering the laundering of dirty crypto assets.
The market capitalization of the main crypto assets is 1.1 trillion dollars. There are about 425 million owners of cryptocurrencies in the world.
But this market attracts not only respectable users, as you may be. Over the past 6 years, 60 billion dollars have passed through the identified addresses of the attackers.
The schemes of the scammers were all sophisticated…
Now I will try to tell you about some of them. Going one step ahead we need all this energy of attackers, but in a peaceful direction.
Now I will try to tell you about some of them. Going one step ahead we need all this energy of attackers, but in a peaceful direction.
FIRST SCHEME: "FINANCIAL MENTOR"
On the Internet, you are faced with investment advertising. Successful mentor tells you that you will be rich if you follow his advices.
You deposit your first money, then again and again. But, after that, unfortunately you can’t withdraw anything.
When you try to withdraw, you must … pay insurance, taxes. Or you just indicated the wrong amount, you need to put the same amount in order to pull everything out. Under any pretext, you will be convinced that you need to invest more.
SECOND SCHEME: "A PHISHING SITE"
You need to install Metamask wallet to your laptop.
You googled Metamask and opened any website. The website wants you to create an address or connect an old one. Entering a SEED phrase followed by some error. You tried again and it worked.
What happened?! You have landed on a phishing site.
This is a site created by scammers. It is like two drops of water similar to the real one. When you enter a seed phrase, it goes to scammers. But scammers don’t want you to suspect something. Therefore, after filling out, they transfer you to the original site. The next question is when your funds will be stolen from you.
This is a site created by scammers. It is like two drops of water similar to the real one. When you enter a seed phrase, it goes to scammers. But scammers don’t want you to suspect something. Therefore, after filling out, they transfer you to the original site. The next question is when your funds will be stolen from you.
Third scheme: "a famous person"
A well-known personality from Twitter, Discord, YouTube offers you a super advantageous offer. You are following this person. You have confidence in him.
Suddenly, on behalf of this person, a super offer is published. Almost a win-win lottery. Your brain explains this with the phrase “The rich have their own quirks, since they are ready to simply multiply the amount of investments,” or some other reason you find why this could be true.
Not everyone assumes that a famous person could be hacked. On his behalf, a super advantageous offer is published. Further, users do everything themselves. Sending funds to … a scammer, not Elon Musk, Bill Gates or whatever.
Fourth scheme: "P2P-exchange of crypto with a guarantor"
P2P is an exchange between two users. It’s hard to trust a stranger. Therefore, a third party appears in the transaction, with a high reputation in the eyes of other participants.
So you want to exchange your bitcoin, you found some TG group or Service where user offers a very good course. The user offers you a guarantor.
You are looking at the guarantor. Lots of positive feedback. You send funds to the guarantor, wait for the funds to be credited to your bank card or crypto wallet.
Only nothing happens. You have been deceived. Attackers start deleting messages, profiles turn out to be fake.
You are looking at the guarantor. Lots of positive feedback. You send funds to the guarantor, wait for the funds to be credited to your bank card or crypto wallet.
Only nothing happens. You have been deceived. Attackers start deleting messages, profiles turn out to be fake.
Fifth scheme: "the P2P triangle"
All the same P2P exchange. You use reliable services that act as a guarantor, such as Binance, Garantex, Gate.
You are sure that you won’t be deceived. You exchanged your crypto for dollars with a withdrawal to a bank card. Only after a while you receive an unpleasant message that a criminal case has been initiated. How did it happen?!
The scammer creates an ad for the sale of a car, phone or any other item, with a price 40–50% below the market, this ad is placed on Ebay or any similar one.
To any person who expresses a desire to buy this product, the scammer offers to send an advance to the card. If the potential buyer of this product agrees, the scammer goes to the P2P platform.
There he finds a user who wants to sell crypto. A deal is concluded with him for the amount of the advance, which the user from Ebay is ready to pay. Further, the details of your card are transferred to the victim on Ebay. The user transfers you dollars. You confirm the receipt of dollars, the scammer receives your cryptocurrency. What happens next?!
The scammer leaves with the crypto and launders it. And the victim from Ebay turns to law enforcement agencies that he was deceived. A case is being opened where you are listed as the recipient of dollars. Next, you will have an exciting adventure with an explanation that you are not a scammer, no laptop was sold on Ebay with a 50% discount, and the money that you received from the victim is yours, since you gave your crypto to them.
To any person who expresses a desire to buy this product, the scammer offers to send an advance to the card. If the potential buyer of this product agrees, the scammer goes to the P2P platform.
There he finds a user who wants to sell crypto. A deal is concluded with him for the amount of the advance, which the user from Ebay is ready to pay. Further, the details of your card are transferred to the victim on Ebay. The user transfers you dollars. You confirm the receipt of dollars, the scammer receives your cryptocurrency. What happens next?!
The scammer leaves with the crypto and launders it. And the victim from Ebay turns to law enforcement agencies that he was deceived. A case is being opened where you are listed as the recipient of dollars. Next, you will have an exciting adventure with an explanation that you are not a scammer, no laptop was sold on Ebay with a 50% discount, and the money that you received from the victim is yours, since you gave your crypto to them.
Sixth scheme: "null transaction"
Let’s imagine that there is you, and you are actively using cryptocurrencies and regularly send USDT to your grandma. Well, or someone else you often send.
Grandma’s address starts with 7e5e... and ends with ...cc7. You remember those numbers very well. Next, you simply copy the address from the transaction history.
What does a scammer do. He creates a similar address from which a microtransaction is transferred to you, or a zero one. As a result, his address appears in your transaction history.
Here comes the day when you want to transfer a couple of thousand crypto dollars to your grandma. You are copying a familiar address, but you are mistaken. You have copied the attacker’s address.
What does a scammer do. He creates a similar address from which a microtransaction is transferred to you, or a zero one. As a result, his address appears in your transaction history.
Here comes the day when you want to transfer a couple of thousand crypto dollars to your grandma. You are copying a familiar address, but you are mistaken. You have copied the attacker’s address.
Seventh scheme: "clippers"
You asked a friend to remind you of his address, your friend sent it to you in a messenger or by mail.
You copy and paste the address into the recipient field, the funds flew away, but not to your friend. How can this be?!
Let’s first show negligence, you will bury your computer or phone with special software. Which doesn’t show itself. All it does is look at the clipboard. As soon as you copy the crypto address, it replaces it in the buffer with its own. And you yourself send the funds to the attacker.
Eighth circuit: "address with multisig"
This scheme is directed at your greed and willingness to commit an unethical act.
So, you are in a Telegram group. Some user says that he does not understand how to transfer funds from his wallet. Funds are usually from 1,000 dollars to 10,000. He picks up and points out his SEED phrase.
Indeed, these funds lie on the crypto address. Further, some have a crazy thought, or maybe teach a lesson to this fool and take these funds. Only there are not enough native tokens on the crypto address to pay the commission.
You send a couple of dollars from your crypto wallet to this crypto address to withdraw his thousand dollars. Only here is the problem…. you still can’t make a withdraw. This is a multisig address. That is, to carry out a transaction, several crypto signatures are needed. Naturally, only the organizer of this scheme has the second one. You lost a few dollars so do others.
You send a couple of dollars from your crypto wallet to this crypto address to withdraw his thousand dollars. Only here is the problem…. you still can’t make a withdraw. This is a multisig address. That is, to carry out a transaction, several crypto signatures are needed. Naturally, only the organizer of this scheme has the second one. You lost a few dollars so do others.
What to do if you become a victim of scammers?!
There will be no easy solution. But the worst has already happened. You have lost money. The chance of a return is very low.
1
First. Calm down as much as you can.
2
Second. Collect all the circumstances of the incident.
3
Third. Analyze where the funds went. There are professional teams like ours that can help sort things out.
4
Fourth. If you found that your funds gone to CEX, try to contact that CEX.
5
Fifth. Contact law enforcement. Yes, cryptocurrency is not fully regulated. But it is recognized as property.
Scan the QR code to see a sample of the report we make, with which you should ideally go to law enforcement with. The more detailed you describe everything, the more likely it is that they will be able to help you and return the funds.
I'M NOT A VICTIM!
We live in a very interesting time. The state can no longer ignore the cryptocurrency market.
Regulation begins. It is difficult for them to set and control each crypto user. Therefore, they start with large players — exchanges, exchangers, vasps. Crypto is not a panacea in terms of anonymity. I tell you this professionally.
There is a good example of “Theory of six handshakes”. It says that after 6 connections, you can reach any person.
People involved in illegal activities including, less than 6 cconnections between address classes, separates you from dirty crypto. Your friend received funds as a result of p2p from a user, sent them to you. You could mess up the risk score of your address without even knowing it. Next, you need to prove that you received the funds legally.
We recommend checking your crypto addresses. We will provide 10 free crypto-address checks for each reader of this article. Write to us in the TG bot or just sign up for our blockchain address risk-scoring service.
Be careful!
Don't let scammers fool you - always study and double-check the information available to you.
If you have been a victim of fraud or if you know of any such cases, tell us!
We also recommend