How ERMProtect Traced $1.2 Million in Alleged Crypto Scam

By Collin Connors, ERMProtect IT Security Consultant

Some have equated cryptocurrency to the Wild West - a lawless, unregulated land where anything goes. However, this analogy frequently breaks down as soon as someone tries to commit a crime using cryptocurrency. For example, many scammers have turned toward cryptocurrencies since there is no centralized party to stop fraudulent transactions. That is, once a victim sends funds, there is no way to undo that transaction.

However, these criminals forget that a key idea of cryptocurrencies is that the transactions are public. That is, anyone can see how much was sent to a scammer's address and where that money was then moved.

How ERMProtect Traces Crypto

ERMProtect recently relied on the public nature of the blockchain to help NBC6 investigators better understand an investment scheme that victimized several South Floridians. For the investigation, our certified crypto investigators used Chainalysis, a powerful crypto tracing tool licensed to ERMProtect.

In this case, the alleged scammer had victims send money to him via the Ethereum blockchain, claiming he was launching a new coin and AI-powered digital platform to do crypto trading. ERMProtect was able to trace roughly $1.2 million in various cryptocurrencies that were sent to him. ERMProtect was then able to identify what the alleged scammer did with the funds after receiving them. It was clear that he was simply taking funds from the victims and quickly cashing the funds out at a foreign exchange.

Victims Never Got Their Money

During the course of the scheme, the alleged scammer would repeatedly tell victims that he was sending them funds via cryptocurrency, but the victims never received the funds. In this case, the victims could have used the public nature of the blockchain to their advantage. If they had checked the Bitcoin mempool, a public list of transactions that have been proposed to the blockchain, they would have seen that the alleged scammer never even created the transactions.
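The two checks described above, tracing deposits forward to an exchange and confirming whether a promised payout exists on-chain or in the mempool, can be sketched as follows. This is an added example, not ERMProtect's or Chainalysis's method: the ledger is a simplified, chain-agnostic list of transfers, and every address, amount and timestamp in it is constructed for illustration.

```python
from collections import deque

# Constructed sample data: every address, amount and timestamp is invented.
SUSPECT = "0xSUSPECT"
EXCHANGES = {"0xEXCHANGE"}  # addresses attributed to an exchange (assumed known)
# Each transfer: (tx_id, sender, receiver, amount_usd, unix_time)
CONFIRMED = [
    ("t1", "0xVICTIM_A", SUSPECT, 50_000, 1_000),
    ("t2", SUSPECT, "0xHOP1", 49_000, 1_600),
    ("t3", "0xHOP1", "0xEXCHANGE", 48_500, 2_200),
    ("t4", "0xVICTIM_B", SUSPECT, 20_000, 5_000),
    ("t5", SUSPECT, "0xEXCHANGE", 19_500, 5_300),
]
MEMPOOL = [("t9", "0xOTHER", "0xVICTIM_B", 10, 6_000)]  # pending, not yet confirmed

def total_received(ledger, address):
    """Sum of all confirmed inflows to an address."""
    return sum(amt for _, _, dst, amt, _ in ledger if dst == address)

def trace_to_exchanges(ledger, start, exchanges, max_hops=4):
    """Follow outflows forward in time from `start`; one (path, amount, time) per exchange deposit."""
    hits, seen = [], set()
    queue = deque([(start, 0, [])])  # (address, earliest time funds can leave, tx path so far)
    while queue:
        addr, not_before, path = queue.popleft()
        for tx_id, src, dst, amt, ts in ledger:
            if src != addr or ts < not_before or tx_id in seen:
                continue
            seen.add(tx_id)
            if dst in exchanges:
                hits.append((path + [tx_id], amt, ts))
            elif len(path) + 1 < max_hops:  # naive: treats every outflow of a hop as traced funds
                queue.append((dst, ts, path + [tx_id]))
    return hits

def payout_exists(sender, receiver, *tx_sets):
    """True if any confirmed or pending transfer goes from sender to receiver."""
    return any(src == sender and dst == receiver
               for txs in tx_sets for _, src, dst, _, _ in txs)

if __name__ == "__main__":
    print("received by suspect:", total_received(CONFIRMED, SUSPECT))
    for path, amt, ts in trace_to_exchanges(CONFIRMED, SUSPECT, EXCHANGES):
        print("cash-out via", " -> ".join(path), "amount", amt, "at", ts)
    print("payout to victim B exists:", payout_exists(SUSPECT, "0xVICTIM_B", CONFIRMED, MEMPOOL))
```

On the sample data, nearly everything the suspect address received reaches the exchange within one or two hops, and no transfer from the suspect to a victim appears in either the confirmed set or the mempool.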

While cheating people using crypto might at first seem easier for the scammer, it often results in an easier investigation for law enforcement. In crypto, scammers like that there is no central bank to stop fraudulent transactions. However, after the victims report the scheme to law enforcement, it is easy to trace all of the scammer's activity and work to recover the funds.

Unfortunately, recovery of funds can depend on where the scammer cashed out his crypto for fiat. Law enforcement can subpoena legitimate exchanges to block transactions and even identify scammers. But if the scammer cashes out at a foreign, offshore, unregulated exchange, recovering victims’ money can be difficult.

Click here to watch the NBC6 / ERMProtect investigation.