Crypto Investment Scams
Cryptocurrency Investment Scams
Step aside e-mail compromises and romance scams. Make way for the crypto investment scam, the newest in an ever-changing sea of schemes and scams available on the World Wide Web to minimize your life savings in as little as a few weeks. This article is a refresher for traditional indicators beyond the “too good to be true” mantra and will detail the slight modifications occurring within this new iteration of attempts to separate folks and their money. There are 12 common investment fraud scheme indicators to recall. These may occur prior to a potential victim engaging in an investment or after a victim has already sent money. For simplification and brevity, this article will refer to the potential perpetrator of a scam as Ms. Defrauder.
Step aside e-mail compromises and romance scams. Make way for the crypto investment scam, the newest in an ever-changing sea of schemes and scams available on the World Wide Web to minimize your life savings in as little as a few weeks. Traditional investment scams generally contain indicators that reveal their nefarious natures to the potential victim; however, these indicators tend to be ignored when cryptocurrency is involved. This article is a refresher for traditional indicators beyond the “too good to be true” mantra and will detail the slight modifications occurring within this new iteration of attempts to separate folks and their money.
There are 12 common investment fraud scheme indicators to recall. These may occur prior to a potential victim engaging in an investment or after a victim has already sent money. For simplification and brevity, this article will refer to the potential perpetrator of a scam as Ms. Defrauder.
An investment is being sold by Ms. Defrauder, who is not a licensed broker.
Defrauder promises high returns or promises guaranteed returns.
Defrauder is soliciting funds for unregistered securities or provides an explanation for why registration is not required for the particular investment.
In a cryptocurrency investment scam, potential victims are told or tend to think that because this is cryptocurrency, the lack of a license, the lack of registration, and the promise of high and guaranteed returns is normal. None of these is normal. Other arguments are that because this is a defi (decentralized finance) or web3 loan, it is much more secure and interest is guaranteed by the blockchain. None of that is true. The Financial Industry Regulatory Authority (FINRA) offers BrokerCheck for potential victims to verify a soliciting individual such as Ms. Defrauder before they engage in any transaction (https://brokercheck.finra.org/). This check is not the only test an investor should perform; the rest of the indicators should still be considered. The FINRA report for Mr. Bernard Madoff, which is available to the public, contains exactly one criminal action, one civil action, and four regulatory actions that all occurred in 2008 and 2009, over 10 years after he passed his Securities exam (Series 63) and over 47 years after he passed his first exam (Series 1 in 1960). Mr. Madoff pled guilty to Securities Fraud, Investment Adviser Fraud, Wire Fraud, Theft from an Employee Benefit Plan, Money Laundering (regular and international), Making False Statements, and False Filing with the SEC. These actions, among others, contributed to Mr. Madoff’s very large scheme that ultimately defrauded investors of over $64 billion.
Defrauder shows the potential victim proof of his/her own investment and/or returns to encourage the potential victim to send money.
Customer statements do not reflect market prices or cannot be verified with public information.
In cryptocurrency scams, the victim is most often approached online through social media such as LinkedIn or through messaging services within other apps such as Facebook Messenger, WeChat, SnapChat, and others. Sometimes, the crypto scam is part of a larger romance scam; in that case, an additional indication is that Ms. Defrauder asks to move the conversation off the relationship platform and onto a “more private” or “more personal” chat platform. This request is for two purposes: one is to prevent her profile from being removed on the relationship platform because no evidence of a scam exists on that particular platform; and the other is because messages can be deleted by the sender in the “more private” messaging platforms, preventing the victim from retaining evidence related to the scam. An actual broker does not contact you on social media to solicit your business and will not show you his/her personal investments.
While Mr. Madoff’s scheme was relatively easy to discern by comparing the performance indicated on the statement to the actual performance of that security in the market, cryptocurrency scams are a little more complex for the average person. A potential victim is provided with a link or they are shown screenshots of a website to which they cannot navigate on their own; both of these are indicators that the offering is fake. With cryptocurrency, market prices and transaction volumes are available to the public, but they are not as readily understood as stock market prices. If Ms. Defrauder cannot provide the exchange and their historical pricing that supports her trading plan profitability or if the potential victim does not know where to verify that information, engagement should be avoided. One of the tactics favored by Ms. Defrauder is to provide potential victims with the name of a token such as USDT (Tether) or USDC (Circle), but a fake smart contract address for verifying transactions. The potential victim must understand how to verify a smart contract address before attempting to engage in complex cryptocurrency transactions. One other common practice of Ms. Defrauder is to provide a link to victims for accessing their account, but that link changes and must be requested each time a victim attempts to access their account. Imagine calling Charles Schwab (the brokerage) for its new website address each time you wanted to check the balance of your IRA—that hypothetical is absurd and if Ms. Defrauder is requiring such a request be made, it is a strong indicator of a scam.
Defrauder requests a “good faith” transaction from the potential victim that may be lower than $10,000 so the potential victim can prove they are serious about sending money.
Restrictions are placed on the withdrawal of funds such as an additional fee to be paid.
Threats are made when a victim requests the withdrawal of funds such as the threat to report the victim to law enforcement or investment regulators.
If a potential victim is showing signs of wariness, Ms. Defrauder may become impatient and insist on a “good faith” transaction; a transfer of money in an amount smaller than the initial solicitation. This request may be paired with a threat of ending the conversation. When a victim attempts to withdraw funds, they may be asked to make this request in a message to Ms. Defrauder. There is not typically a withdraw mechanism present on the fake websites to which they have been directed. When a request for withdrawal is made, there is often a new, even more lucrative solicitation. When that fails, a request is made for bank account numbers or payment card numbers from the victim, and they are asked to transfer a percentage of their balance to initiate the withdrawal. This withdrawal fee is almost never applied as a reduction to the balance. The option for reducing the total withdrawal is generally provided when a withdrawal occurs in a traditional brokerage account to account for things such as withheld taxes, early withdrawal penalties, etc. Account numbers and payment card numbers should never be provided to receive a withdrawal; this is an attempt to gather additional information that can be used in a later identity theft scam. Provide a cryptocurrency address for receiving transfers of cryptocurrency—this information is designed to be shared and can be obtained through a legitimate cryptocurrency exchange such as ones based in the United States. If a threat is made at any time, that is also a very strong indicator of a scam.
Defrauder, who is selling investments or soliciting funds, initiates contact with the potential victim.
Defrauder does not have any verifiable references that can be contacted using public information (and not contact information provided by that individual).
Often, potential victims are approached on social media or on relationship websites or apps. Potential victims are then asked to move that conversation to a different messaging platform and only then are provided with an “investment opportunity”. Do not move conversations off the initial platform; doing so may violate that service’s terms of service and may absolve them of any potential liability related to the scam. The solicitation is often paired with tales of woe, of need, or of a rich, well-connected uncle (who also may be described as a retiree with a team of actuaries and risk managers). An actual well-connected person with a team of actuaries and risk managers does not generally use his/her niece or nephew to solicit new business through social media platforms. The stories told by Ms. Defrauder and friends vary, but the profiles used to communicate with potential victims are fake. In fact, a reverse image search can often reveal that the photos on the profile were taken from somewhere else on the internet. These profiles should be reported to the platform on which they appear along with details of the attempted solicitation.
Defrauder specifies a time limit for involvement and transfers or engages in other high-pressure sales tactics.
Defrauder requests secrecy or confidentiality related to trading plans, returns, or other investment details.
In a cryptocurrency scam, which is riddled with fake websites and fake transactions that appear real and may even be visible using a public block explorer (because the token itself has been faked and designed to mimic an actual cryptocurrency token such as USDC or USDT), potential victims are often told or shown that trading opportunities expire quickly. They may even be shown a fake website where opportunities are expiring right before their eyes and Ms. Defrauder helps them calculate how much profit he/she just missed (FOMO, anyone?). Ms. Defrauder may accelerate the solicitation and send multiple messages about fast-approaching deadlines to make transfers; sometimes within a week or sooner. This tactic of instilling a sense of urgency is borrowed from older, successful business e-mail compromise (BEC) scams; also known as e-mail wire fraud. Ms. Defrauder will employ another well-known tactic borrowed from BEC scams—the request for secrecy. This request may refer to trading strategies employed by Ms. Defrauder, her uncle, or their team these same secret trading strategies come back into play when a victim requests a withdrawal of funds. It is then that the secret trading strategies are revealed to be illegal or against some regulation or another and threats are made to disclose the victim’s information to authorities. None of these things are true. There is no uncle, no team, no secret (except that it is really a scam), and no illegality or regulatory violation on the part of the victim. In fact, Ms. Defrauder herself is not real, but is a profile run by a group of people who work for a profitable business and have received training on how to perpetrate exactly this kind of scam.
In summary, remember that Ms. Defrauder is not an individual person (even if you have spoken on video chat) and although she may appear charismatic, sweet, innocent, nice, savvy, or rich, “she” is a team of people trained to perpetrate scams online. These scams follow a pattern, and that pattern evolves as perpetrators communicate about which methods are most effective. Be wary. Be vigilant.
Disclaimer: This article does not substitute for legal, tax, or financial advice and is intended for general informational purposes only. This article does not constitute an expert opinion and should not be construed as such.
 FINRA BrokerCheck Detailed Report for Bernard L. Madoff, CRD#316687.
 This is not easy information to find, thanks to a complete lack of regulatory oversight or consumer protection related to third-party blockchain-service providers. Feel free to lobby your favorite politician in support of an exchange’s public disclosure of its hot wallet addresses and a token creator’s disclosure of its blockchain addresses for smart contracts; these two disclosures would go a long way towards protecting consumers related to blockchain products and services. For instance, USDC’s smart contract addresses are buried in its developer documentation, https://developers.circle.com/developer/docs/what-is-usdc, under the section, Which blockchains support USDC? (The title of this section is misleading because it implies that a blockchain itself provides support when the reality is that Circle built smart contracts for its products and deployed them to these various blockchains.) USDT’s contract addresses are buried in the Details links of its transparency section, https://tether.to/en/supported-protocols.
 In fact, Ms. Defrauder may have offered her assistance to the potential victim in opening and funding a legitimate cryptocurrency account, such as ones held at Coinbase, Kraken, Gemini, and others. The scam transfers occur in forms of outgoing cryptocurrency transfers purchased through a legitimate exchange.
 https://images.google.com, https://www.bing.com/visualsearch, and a favorite among investigators, https://tineye.com, just to name a few.