With cryptocurrency becoming more widely adopted than ever before comes the inevitable interest of fraudsters. Criminals are now creating their own apps masquerading as legitimate financial businesses, even creating websites to dupe victims into making phoney investments before stealing their funds.
On 18 July 2022, the Federal Bureau of Investigation (FBI) released a private industry notification warning financial institutions and investors about cyber criminals creating fraudulent cryptocurrency investment applications.
These applications exploit legitimate cryptocurrency investments, defraud investors and cause reputational damage to legitimate investment firms. To date, the FBI has identified 244 victims of these schemes, estimating losses of USD 42.7 million.
Fraudulent cryptocurrency applications masquerading under legitimate financial institution names
The FBI has observed cyber criminals using the names, logos, and other identifying information of legitimate financial businesses, and even creating fake websites with this information. This has been used in a ruse to gain investors.
Between December 2021 and May 2022, it was reported that threat actors posing as a legitimate US financial institution tricked at least 28 victims into downloading an application and depositing cryptocurrency into their associated wallets. When victims attempted to withdraw funds from the application, they were informed they needed to pay taxes on their investments. After paying the supposed tax, the victims remained unable to withdraw funds. This resulted in the victims losing approximately USD 3.7 million.
YiBit scam
From October 2021 to May 2022, threat actors operating through a company named YiBit defrauded at least four victims out of approximately USD 5.5. million, according to the FBI.
A view of the YiBit website is displayed below. YiBit’s website no longer exists, and archived views indicate that the domain was up for sale in January 2022.
Figure 1: Screenshot from fraudulent YiBit website landing page
YiBit was the name of a previously legitimate cryptocurrency exchange company that ended operations in 2018. The fraudulent company was established in 2019 and raised suspicion on Reddit investor forums where users discussed suspicious women approaching them on WhatsApp asking them to download the YiBit app.
Once victims were convinced to download the YiBit application, they were further persuaded to deposit cryptocurrency.
Following these deposits, victims received an email stating they had to pay taxes on their investments before withdrawing funds. Four of the victims were not able to withdraw funds at all through the app.
Growing online cryptocurrency interest
The above case studies demonstrate recent scams by cyber criminals who are preying on a growing interest in online cryptocurrency investment to steal from consumers.
Statistics from 2022 indicate that there are more than 300 million people using cryptocurrency worldwide. More than 18,000 companies now accept cryptocurrency as payment.
The FBI has encouraged financial institutions to be cautious of unsolicited requests to download investment applications and recommends verifying a company's legitimacy before providing any personal financial information.
Financial Conduct Authority (FCA) recommendations
The FCA advises individuals to be wary of cryptocurrency advertisements promising high returns on investments – if it looks too good to be true, it probably is. If you are contacted out of the blue or pressured to invest quickly, be wary.
Individuals should conduct research into the product and company they are considering investing in. Try checking on Companies House to see if the firm is registered as a UK company, or conduct wider web searches.
The FCA further reminds UK citizens that it does not authorise most crypto firms. This means that investing in certain cryptoassets will not enable you to access the Financial Ombudsman Service or the Financial Services Compensation Scheme if anything goes wrong.
At MDR Cyber, we provide various online investigative services including cryptocurrency investigations. We use the latest tools and technology to automate the mapping of transactions, trace the flow of funds, and gather evidence. To find out more about our online investigative services, contact cyber@mishcon.com.