How ERMProtect Traced $1.2 Million in Alleged Crypto Scam
By Collin Connors, ERMProtect IT Security Consultant
Some have equated cryptocurrency to the Wild West - a lawless, unregulated land where anything goes. However, this analogy frequently breaks down as soon as someone tries to commit a crime using cryptocurrency. For example, many scammers have turned toward cryptocurrencies since there is no centralized party to stop fraudulent transactions. That is, once a victim sends funds, there is no possible way to undo that transaction.
However, these criminals forget that a key idea of cryptocurrencies is that the transactions are public. That is, anyone can see how much was sent to them and where they then moved that money.
How ERMProtect Traces Crypto
ERMProtect recently relied on the public nature of the blockchain to help NBC6 investigators better understand an investment scheme that victimized several South Floridians. For the investigation, our certified crypto investigators used Chainalysis, a powerful crypto tracing tool licensed to ERMProtect.
In this case, the alleged scammer had victims send money to him via the Ethereum blockchain, claiming he was launching a new coin and AI-powered digital platform to do crypto trading. ERMProtect was able to trace roughly $1.2 million in various cryptocurrencies that were sent to him. ERMProtect was then able to identify what the alleged scammer did with the funds after receiving them. It was clear that he was simply taking funds from the victims and quickly cashing the funds out at a foreign exchange.
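The kind of forward trace described above can be sketched over public transfer records. This is an added example, not ERMProtect's or Chainalysis's code or method: the ledger, the address names, the exchange label and the rule that traced funds are the first to leave an address are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample ledger (not real data): (time, sender, receiver, amount)
TRANSFERS = [
    (1, "victim_a", "suspect", 10.0),
    (2, "victim_b", "suspect", 5.0),
    (3, "suspect", "hop_1", 12.0),
    (4, "other", "hop_1", 3.0),        # unrelated funds mixed in at the hop
    (5, "hop_1", "exchange_dep", 14.0),
    (6, "suspect", "exchange_dep", 2.0),
]
# Hypothetical attribution label for a known exchange deposit address
LABELS = {"exchange_dep": "exchange_x"}


def trace_funds(transfers, victims, suspect, labels):
    """Follow victim funds forward in time until they reach a labelled address.

    Assumption: when an address holding traced funds sends value, the traced
    funds leave first, so the traced part of a transfer is
    min(amount, traced balance of the sender).
    """
    traced = defaultdict(float)      # victim funds currently held per address
    cashed_out = defaultdict(float)  # victim funds that reached each label
    for _, src, dst, amount in sorted(transfers):
        if src in victims and dst == suspect:
            moved = amount           # a victim deposit starts the trace
        else:
            moved = min(amount, traced[src])
            traced[src] -= moved
        if moved <= 0:
            continue                 # transfer carries no traced funds
        if dst in labels:
            cashed_out[labels[dst]] += moved
        else:
            traced[dst] += moved
    still_held = {addr: v for addr, v in traced.items() if v > 0}
    return dict(cashed_out), still_held


if __name__ == "__main__":
    cashed, held = trace_funds(TRANSFERS, {"victim_a", "victim_b"}, "suspect", LABELS)
    print("reached labelled exchange:", cashed)
    print("still held on traced addresses:", held)
```

Only 12 of the 14 units that the hop forwards count as victim funds, because the other transfer into the hop is unrelated.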
Victims Never Got Their Money
During the course of the scheme, the alleged scammer would repeatedly tell victims that he was sending them funds via cryptocurrency. However, the victims never received the funds. In this case, the victims could have used the public nature of the blockchain to their advantage. If they had checked the Bitcoin mempool, a public list of transactions that have been proposed to the blockchain, they would have seen that the alleged scammer never even created the transactions.
While cheating people using crypto might at first seem easier for the scammer, it often results in an easier investigation for law enforcement. In crypto, scammers like that there is no central bank to stop fraudulent transactions. However, after the victims report the scheme to law enforcement, it is easy to trace all of the scammer's activity and work to recover the funds.
Unfortunately, recovery of funds can be dependent on where the scammer cashed out his crypto for fiat. Law enforcement can subpoena legitimate exchanges to block transactions and even identify scammers. But if the scammer cashes out at a foreign, offshore, unregulated exchange, recovering victims’ money can be difficult.
Click here to watch the NBC6 / ERMProtect investigation.
Collin Connors is an Information Security Consultant at ERMProtect Cybersecurity Solutions. He is a Ph.D. candidate in Computer Science at the University of Miami. His research is focused on the security of emerging technologies, including blockchain, and applications of artificial intelligence in cybersecurity. He is certified in the use of Chainalysis (CRC), the world's most comprehensive platform for analyzing crypto transactions.