How ERMProtect Traced $1.2 Million in Alleged Crypto Scam

By Collin Connors, ERMProtect IT Security Consultant

Some have equated cryptocurrency to the Wild West: a lawless, unregulated land where anything goes. However, this analogy frequently breaks down as soon as someone tries to commit a crime using cryptocurrency. For example, many scammers have turned toward cryptocurrencies since there is no centralized party to stop fraudulent transactions. That is, once a victim sends funds, there is no possible way to undo that transaction.

However, these criminals forget that a key idea of cryptocurrencies is that the transactions are public. That is, anyone can see how much was sent to a scammer's address and where the scammer then moved that money.

How ERMProtect Traces Crypto

ERMProtect recently relied on the public nature of the blockchain to help NBC6 investigators better understand an investment scheme that victimized several South Floridians. For the investigation, our certified crypto investigators used Chainalysis, a powerful crypto tracing tool licensed to ERMProtect.

In this case, the alleged scammer had victims send money to him via the Ethereum blockchain, claiming he was launching a new coin and AI-powered digital platform to do crypto trading. ERMProtect was able to trace roughly $1.2 million in various cryptocurrencies that were sent to him. ERMProtect was then able to identify what the alleged scammer did with the funds after receiving them. It was clear that he was simply taking funds from the victims and quickly cashing the funds out at a foreign exchange.
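The kind of forward trace described above can be sketched on a small ledger. This is an added example, not ERMProtect's or Chainalysis's method: the addresses, amounts, and exchange label are constructed, and the "tainted funds leave first" rule is a simplifying assumption.

```python
from collections import defaultdict

# Constructed sample ledger: (time, sender, receiver, amount in ETH).
TRANSFERS = [
    (1, "victim_a", "suspect", 10.0),
    (2, "victim_b", "suspect", 5.0),
    (3, "suspect", "hop_1", 12.0),         # suspect moves funds to a second address
    (4, "other", "hop_1", 4.0),            # unrelated money mixes in at hop_1
    (5, "hop_1", "exchange_dep", 14.0),    # cash-out deposit
    (6, "suspect", "exchange_dep", 2.0),   # direct cash-out
    (7, "hop_1", "unknown", 2.0),          # only unrelated funds are left by now
]
# Constructed attribution label for a known exchange deposit address.
LABELS = {"exchange_dep": "foreign exchange (constructed label)"}


def trace(transfers, victims, labels):
    """Follow victim funds forward in time until they reach a labeled address.

    Assumption: when an address holding victim funds sends money, the
    victim-derived ("tainted") portion is treated as leaving first.
    Returns (victim funds that reached each labeled address,
             victim funds still sitting at unlabeled addresses).
    """
    tainted = defaultdict(float)   # victim-derived balance per address
    arrived = defaultdict(float)   # victim-derived funds per labeled address
    for _, src, dst, amount in sorted(transfers):
        if src in victims:
            moved = amount                      # everything a victim sends is traced
        else:
            moved = min(amount, tainted[src])   # cannot move more taint than held
            tainted[src] -= moved
        if moved <= 0:
            continue                            # transfer carries no victim funds
        if dst in labels:
            arrived[dst] += moved               # trace ends at the exchange
        else:
            tainted[dst] += moved               # keep following through the hop
    remaining = {a: v for a, v in tainted.items() if v > 0}
    return dict(arrived), remaining


if __name__ == "__main__":
    cashed_out, still_held = trace(TRANSFERS, {"victim_a", "victim_b"}, LABELS)
    for addr, eth in cashed_out.items():
        print(f"{eth} ETH of victim funds reached {addr}: {LABELS[addr]}")
    print("victim funds not yet cashed out:", still_held)
```

On this constructed ledger, 14 of the 15 ETH sent by victims end up at the labeled exchange deposit address, and 1 ETH is still held at the suspect's address.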

Victims Never Got Their Money

During the course of the scheme, the alleged scammer would repeatedly tell victims that he was sending them funds via cryptocurrency. However, the victims never received the funds. In this case, the victims could have exploited the public nature of the blockchain. If they had checked the Bitcoin mempool, a public list of transactions that have been proposed to the blockchain, they would have seen that the alleged scammer never even created the transactions.

While cheating people using crypto might at first seem easier for the scammer, it often results in an easier investigation for law enforcement. In crypto, scammers like that there is no central bank to stop fraudulent transactions. However, after the victims report the scheme to law enforcement, it is easy to trace all of the scammer's activity and work to recover the funds.

Unfortunately, recovery of funds can depend on where the scammer cashed out his crypto for fiat. Law enforcement can subpoena legitimate exchanges to block transactions and even identify scammers. But if the scammer cashes out at a foreign, offshore, unregulated exchange, recovering victims’ money can be difficult.

Click here to watch the NBC6 / ERMProtect investigation.
