How ERMProtect Traced $1.2 Million in Alleged Crypto Scam

By Collin Connors, ERMProtect IT Security Consultant

Some have equated cryptocurrency to the Wild West - a lawless unregulated land where anything can go. However, this analogy frequently breaks down as soon as someone tries to commit a crime using cryptocurrency. For example, many scammers have turned toward cryptocurrencies since there is no centralized party to stop fraudulent transactions. That is, once a victim sends funds there is no possible way to undo that transaction.

However, these criminals forget that a key idea of cryptocurrencies is that the transactions are public. That is, anyone can see how much was sent to them and where they then moved that money.

How ERMProtect Traces Crypto

ERMProtect recently relied on the public nature of the blockchain to help NBC6 investigators better understand an investment scheme that victimized several South Floridians. For the investigation, our certified crypto investigators used Chainalysis, a powerful crypto tracing tool licensed to ERMProtect.

In this case, the alleged scammer had victims send money to him via the Ethereum blockchain, claiming he was launching a new coin and AI-powered digital platform to do crypto trading. ERMProtect was able to trace roughly $1.2 million in various cryptocurrencies that were sent to him. ERMProtect was then able to identify what the alleged scammer did with the funds after receiving them. It was clear that he was simply taking funds from the victims and quickly cashing the funds out at a foreign exchange.

Victims Never Got Their Money

During the course of the scheme, the alleged scammer would repeatedly tell victims that he was sending them funds via cryptocurrency, however, the victims never received the funds. In this case, the victims could have exploited the public nature of the blockchain. If they had checked the Bitcoin mempool, a public list of transactions that have been proposed to the blockchain, they would have seen that the alleged scammer never even created the transactions.

While cheating people using crypto might at first seem easier for the scammer, it often results in an easier investigation for law enforcement. In crypto, scammers like that there is no central bank to stop fraudulent transactions. However, after the victims report the scheme to law enforcement, it is easy to trace all of the scammer's activity and work to recover the funds.

Unfortunately, recovery of funds can be dependent on where the scammer cashed out his crypto for fiat. Law enforcement can subpoena legitimate exchanges to block transactions and even identify scammers. But if the scammer cashes out at a foreign, offshore, unregulated exchange, recovering victims’ money can be difficult.

Click here to watch the NBC6 / ERMProtect investigation.





Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

digital forensics services

Digital Forensics Services: The Key Things to Understand

What is digital forensics, and how can it help your business? Here are the key things you need to understand about this essential service …
Purchasing Annual Security Awareness Training

4 Tips for Purchasing Annual Security Awareness Training

Here are helpful tips designed to help guide you in selecting a valuable security awareness training program and to evaluate the effectiveness of each tool considered …
Forensics Investigations

5 Notable Digital and Crypto Forensics Investigations of 2022

Digital forensics delivers actionable intelligence in all types of cases. Here are some of the notable examples, so far, this year …