The ‘Fake Bitcoin’ fraud or how not to get tricked out of your lifetime savings

As the Polish police informs the number of frauds involving financial services, including cryptocurrency, is invariably growing. Let us look at a hypothetical case: Edward lost his job due to redundancies at his company. The ongoing pandemic and his close-to-retirement age did not make it easier for him to find new employment. In theory, he had enough savings to cover for his basic needs. However, things turned bad for Edward and he suffered a severe loss. What do you think happened? 

A survey would come in handy at this point, but it will be easier for me to use a few examples which would fit well in this quite stereotypical scenario. And no, it was not the ‘fake grandson’ or ‘fake policeman’ or any other fraud method involving a trustworthy person. Edward fell victim to a fraud which for the purpose of this article I called the ‘fake Bitcoin’ fraud. 

Situation 1. The Internet scam

Who would not like to get rich quickly and easily? Especially in a situation where they struggle to find a steady source of income? Edward was one of such people. While searching through social portals on daily basis an advertisement glorifying the possibility to earn money on cryptocurrencies caught his eye a few times. A smiling attractive woman at the side of a prominent businessman in the picture was an additional stimulus encouraging him to click on the advertising banner. Next, it was enough to read a few sentences about ‘your only chance in a lifetime’, fill in the contact form and wait for a phone call from ‘a broker/consultant/exchange agent/personal advisor’ (the sky is the limit). 

What next? Well pleased Edward sets the kettle to make some tea, rubs his hands and… Huh, the phone is ringing! Good morning, good morning – the usual exchange of courtesies. He can hear that there is a gentleman at the other end. Eloquence, elegance. A slightly foreign accent, but after all Edward’s grandmother was from Vilnius, so we cannot suspect a man of dishonest intensions based on that! 

‘Right then, so what is the plan? Well, dear sir, 250 euros/dollars will suffice. Such a trivial amount, you must admit, considering the sea of opportunities which will later unfold for you!’ Things followed a scenario that is well known to the police and the Financial Supervisory Authority (KNF): 

Edward was asked to install an application on his computer, which would enable the consultant to run the so-called ‘remote screen’. Thanks to that, as was explained, he could show Edward step by step how to run the operations. He also needed a trading application (a cryptocurrency wallet) and another one, which would enable him to make multicurrency transfers, preferably one that also offers a quick exchange to cryptocurrencies. Edward made a transfer for 250 euros. 

Next, having learnt ‘his client’s needs’ the consultant persuaded Edward to make another bigger investment. All legal, off course. Edward could see with his own eyes the steps that were being taken. Both men were operating on the same computer, the only difference being that the consultant was present remotely and every now and then asked Edward to provide the codes that were being sent to his client’s phone number. At some point the situation got complicated, because unlike so far, when Edward could see his funds in the wallet, now he saw them disappear… and they never came back. In panic he tried to contact the nice gentlemen but, unfortunately, it was impossible to connect to him. He lost 1000 euros.

Situation 2. A phone scam

A similar situation, yet this time Edward receives the information about ‘the investment of his life’ on the phone. The speaker presents himself as a representative of a well-known company/cryptocurrency exchange and informs Edward that his phone number was retrieved from a database in which Edward’s number was available as the result of a consent he had given to be contacted for marketing purposes. Dismayed Edward cannot recall anything of that sort, but then again, he was not reading the message that carefully. They start the conversation. The broker asks about his economic situation and cheers his victim up, saying he could not have come at a better time. They make an appointment to meet. Once the broker presents the investment plan, Edward decides to invest 50,000 PLN. The broker assures him that he does not need to do anything. Well, only to go through a positive KYC verification, but that is just the same as for banks – there you need to give your full credentials as well. No need to worry, they will help. 

The day comes when Edward is asked to make an additional verification as part of the KYC procedure. This time in the form of a video conversation with an exchange worker. Edward does not find it convenient, but his new advisor promises to prepare him for the video call. This way during the conversation Edward conceals the fact that he is not acting on his own behalf and was persuaded to open an account by a third party. Let us assume that he managed to outsmart the exchange worker. As a result, Edward can make transactions for more than 1000 euros. He gives his advisor details to access the account and… that’s right. The advisor disappears along with Edward’s savings. Edward calls the exchange support, appalled. He learns that workers of the exchange never call to their clients first, and they surely do not offer help in the form of investment advice. Edward was frauded and must report the fact to the police. 

Summarizing the above situations: 

  • NEVER give your personal information to third parties – this concerns both your personal details and credentials to access your banking systems, e-mail and the like.  
  • ALWAYS check who you are speaking to. If there is something that rises any doubts in you, trust your intuition and resign for your own safety. 
  • If you receive a phone call from someone who present themselves as Kanga exchange worker (or a worker from another service), tell them you will call them back. Note down the phone number and call the support of the company which allegedly contacted you (do it preferably by phone, since scammers most probably also have access to your e-mail box). You may also report the case to the police. 
  • Fraudsters may also try to contact you via such popular communication channels as Whatsapp, Skype or Telegram. 

Finally, I will describe one more method used by fraudsters, equally popular. 

Situation 3. Phishing or crypto phishing 

This method has been known among fraudsters for a very long time. It involves sending spam messages with the use of an email or text message. The fraudsters pretend to be cryptocurrency exchange or other cryptocurrency service providers (e.g. exchange offices). Most often the messages include a link confusingly similar to those sent out by real companies. For the sake of the discussion for this situation we must assume that Edward already has some funds in a cryptocurrency wallet and receives a worrying message (e.g. that his funds are in danger) with a call to action. Unfortunately, unluckily for Edward, he fails to carefully check the sender’s address and clicks the link, which redirects him to a clone website. He enters his logging credentials and is surprised to see that everything is fine. He logs out and the next time, once he logs in to the proper service, he is in for an unpleasant surprise: his wallet is empty 🙁 

Fraudsters in social media, including the popular Facebook platform, work in a similar manner. They create a fanpage that is identical to the one our protagonist observes and place information about free bitcoins there. Additionally, very often they tag their victim posting a dedicated message with congratulations. It is enough for the user to click on that link and… you know what will happen next. 

Summarizing:

  • ALWAYS check carefully and thoroughly the email address and phone number from which you received a message which rises your doubts, especially when it comes to your finances and personal details! 
  • Do not believe that someone wants to give you a Bitcoin or another cryptocurrency for free. 
  • Install anti-virus software on your devices. 
  • Never allow a third party to access your devices remotely! If they ask you to install such applications as TeamViewer or AnyDesk – do not install. 
  • Whenever possible enable two-step verification. 

You can read more about the actions taken by fraudsters in our previous article or on the website of Polish police. 

Something made you feel alarmed? Contact us immediately!