Cryptofraud – hackers, false promises and fairytale returns

Fabian F. discovers a platform on the Internet, on which he is made the following offer: He should transfer 10 Bitcoin to the entity for investment purposes. For doing so, he is promised a monthly return of 35 percent as well as an additional daily return of 0.2 percent. After a while these profits are no longer able to be paid out, contact to the entity is broken off, and Fabian F. has lost his investment.

Phillip R. learns about the imminent ICO of an entity, which is wanting to launch a new kind of virtual currency on the market. The promised profits are so high that Phillip R. invests. A while later, the entity informs Phillip R. about a hacker attack, in which all deposits have apparently been lost. Then the contact is broken off and Phillip R. has lost all of his money.

Mr. S. is invited to join the Facebook group “Proffitt 7000”, which promises to make him rich quickly. In the group there are adverts for an online platform, which promises high returns for a minimal risk. And best of all: from an investment of Euro 7,000 the investor is even insured against losses in capital. Mr. S. originally only wanted to invest Euro 5,000, but doesn’t want to miss out on the insurance, so he therefore invests Euro 7,000.

Once the first transactions had been made, the value of his virtual securities account increased dramatically. When he then wanted his credit balance paid out, he was placed under pressure over the phone not to do so, but to invest more money instead, which he then also did.

A few weeks later he reads in the media about a case of international cyber trading fraud. One of the platforms named in the media reports is “Proffitt 7000”. Mr S. sustains a total loss. His money has disappeared in a money laundering network made up of front and dummy companies.

A new crypto-project is started, often using its own token and a large online presence (e. g. website, social media, “Telegram” group). The developers promise high profits, innovative technology, or a “new Bitcoin”. Investors get on board early and the token increases in value. As soon as there is enough money in the system, the developers remove all funds – usually by emptying pools of liquidity. The project vanishes: the token is worthless – and your money is gone.

• Due to the fear of missing out (FOMO): everyone is talking about it – you don’t want to be too late getting on board.
• Promises of high profits: 100% profit in a short period of time seems enticing.
• Social confirmation: fake comments, influencers and apparently “real” users held build up trust.
• Speed: Projects are often online for a few days or weeks – there is not enough time to check them thoroughly.

The perpetrators install malicious software onto your computer – usually by means of a harmless looking e-mail attachment or a manipulated link. Once the software is activated, the computer is blocked or all data encrypted. Then a message pops up: “If you want to be able to access your data again, pay X Euro in Bitcoin.”

• You open a seemingly harmless message about a package by e-mail.
• The message seems professional or urges you to react quickly (“Your account will be blocked…”).
• You don’t notice anything when you click on the message – the blackmail message only pops up hours later.

Many people think that this kind of thing only happens to companies, but private individuals’ photos, documents or tax information are vulnerable to attack. People pay up because they are afraid of losing money and their reputation.

Fraudsters contact people via social networks or dating platforms. For weeks on end they write in a charming, loving and supportive manner, and build up emotional trust. Then they mention an excellent opportunity investing in crypto-assets – or ask for assistance when in financial difficulties.

• Fraudsters pose as being successful businesspeople, soldiers stationed overseas or as having emigrated.
• Communications seem real: daily messages, plans to spend the future together, video telephony frequently using deepfakes, i.e. deceptively realistic faked videos, pictures or voices created with the help of artificial intelligence with the objective of deceiving people or defrauding them.
• Sometime a request for money is skilfully weaved in – e.g. to make a “test investment” in an apparently serious crypto app.

Trust is built up slowly over the course of weeks – and victims are often lonely and deeply emotionally involved. They are in no doubt, even if family members or friends warn them.

Fraud victims receive a phone call, and the scammers claim to for Microsoft, the police or the victim’s bank. They warn about current fraud attempts and the need to take urgent action to protect their account. Perpetrators lure victims to visit a website or directly go to a crypto-auto teller.

• The call is deceptively realistic: the name shown on the display seems trustworthy.
• The person on the other end of the phone line sounds both competent and concerned.
• The instructions seem logical: “Protect your money by converting it into crypto assets.”

Because people become stressed and afraid. The perpetrators deliberately place victims under pressure, and leave them no time to think rationally.