The World Economic Forum reports that cryptocurrency’s market cap increased by 187.5% in 2021, indicating that many more consumers are investing in digital assets. However, with the growth in the cryptocurrency market, a significant increase in scams also came.
According to the Federal Trade Commission, “more than 95,000 people reported about $770 million in losses to fraud initiated on social media platforms in 2021.” The FTC also said it saw a surge in “bogus cryptocurrency investment” scams on social media in 2021.
On January 11, 2022, CNBC reported cryptocurrency scams as the “top threat to investors,” according to security regulators, and on January 31, 2022, Fortune referred to cryptocurrency scams as social media’s “latest crisis.”
Considering the report from the FTC and the threat posed by cryptocurrency scams, Overwatch analysts identified a crypto website scamming consumers for this brief.
The Scam Website
At first glance, https://www.crystalforextrade.com looks like a professional website for people that want to make money from investing in cryptocurrency.
However, crystalforextrade’s first claim is that it is the “most reliable” and “secure” online platform for cryptocurrency trading, investing, and mining. The claim is debunked with a simple Google search, where no reputable cryptocurrency publications or media outlets that cover finance, mention crystalforextrade in their writing.
Instead of stopping on the home page, however, we are going to dig deeper into the site. By scrolling down on the home page, we come across a second red flag, misspelled words.
The next thing we come across on the home page is the claims made by the site. According to crystalforextrade, they have been around 37 days, served 141 people, and withdrawn $19,739.
However, if we refresh the page, the section is populated with new details about the success of crystalforextrade.
What are the facts? Crystalforextrade was registered as a domain on November 31, 2021. Thus, its claims of starting 37 or 1,896 days ago are both false.
At the bottom of the home page, we come across fake accounts that have supposedly withdrawn money with crystalforextrade.
In open-source intelligence, we often use a method called a reverse image search. One of the reliable websites for performing reverse image searches is Yandex, which is Russia’s version of Google.
When we save the first image into Yandex and run a reverse image search, we find that the person in the first photo on crystalforextrade is not named Daniel Burton.
With this reverse image search, Yandex also provides us with a link to where the photo has appeared. By clicking the link, we find out that the individual in the picture is named Mariano, not Daniel.
But as open-source intelligence professionals we look for patterns, so let’s reverse image search the other pictures.
With the second image, we can see that the photo is used in dating profiles in the United Kingdom and the Philippines. Analysts note that the widespread use of the image suggests that it is also falsely represented on crystalforextrade.
The third picture provides us with more compelling data.
The fourth image shows that the photo is used on a website for cryptocurrency investments, legalcloudtrading.com
If we go to legalcloudtrading.com, we can see that it is an exact copy of the crystalforextrade.com website.
Overwatch wanted to delve further than these websites’ front pages. We created two fictious accounts to determine if crystalforextrade or legalcloudtrading were receiving or sending funds.
After logging in, we were brought to a dashboard that provided several different options, and what we want is to “withdraw” because that will give us the Bitcoin wallet address for crystalforextrade.
With blockchain.com, we can put the wallet address in the search box and see if it has received any Bitcoin.
According to blockchain.com, “This address has transacted 348 times on the Bitcoin blockchain. It has received a total of 3.30584675 BTC ($135,124.24) and has sent a total of 3.29005193 BTC ($134,478.64).” That is a significant amount of money for crystalforextrade.com, which as we stated previously was registered as a domain on November 31, 2021.
By creating an account on legalcloudtrading.com and signing up for membership, we get another Bitcoin wallet address.
This address, however, has done a lot more sending of Bitcoin across the blockchain. According to blockchain.com the address “transacted 805 times on the Bitcoin blockchain. It has received a total of 12.69052546 BTC ($518,649.21) and has sent a total of 12.69052546 BTC ($518,649.21).”
Further research shows that crystalforextrade was reported in a scam on Ripoffreport.com in December 2021.
The victim, Bella, was scammed for around $1,500 and explained her experience with crystalforextrade from a person she knew who was posting about Bitcoin on her Instagram. The person, Lara Gonzalez, told Bella that she needed to contact Maria Lucas on Instagram. Lucas told her to invest $500. She did that, and a few hours later was told that her account already had $10,000 in it.
However, Lucas said that for Bella to get the money, she had to upgrade her account, which would cost a one-time fee of $950. Bella did that, too, only to have to sign up and pay for a PIN to withdraw for her alleged money. When she realized what was happening, she asked Maria for her Bitcoin back, only to be blocked from contacting her.
Additionally, analysts looked at the U.S. WhatsApp phone number on the legalcloudtrading website and found it to be a VOIP with no name, address, or business attached to it. Also, the social media links on both websites are not functional.
Further, a network analysis of the two Bitcoin wallet addresses found that both websites are connected and show a pattern that indicates they are an investment scam.
Some Steps You Can Take to Mitigate Risk
- If someone reaches out to you on a social media platform about making money in cryptocurrency, ask them for their website URL. Research the URL with a Google Search and search major social media platforms like Facebook, Twitter, Instagram, and YouTube. If you are only seeing data from the website provider, it is a possible indicator that it is a scam.
- Once on the website, look at their photos for their team or clients. If the image looks suspicious or like a stock photo, click Save As on the image and then go to Yandex.com. Once on Yandex.com, click images and upload the image you saved. If the picture is widely used, it will show up in results on Yandex.
- Search for the website URL + scam in Google, Bing, and other search engines.
- If the social media page links on the website don’t work, that is another red flag.
- If the phone number they tell you to call is a WhatsApp number, it is another possible indicator that they are involved in a scam.
Fraudsters will continue to use social media platforms to target their victims for cryptocurrency scams, specifically focusing on how people can make much larger returns by investing small sums of money. With the significant growth of the cryptocurrency market, Overwatch assesses that social media fraud will increase in 2022, likely costing tens of millions of dollars more in losses than in 2021.
Additionally, novice investors will be especially susceptible to fraudsters in the cryptocurrency space, as they are not familiar with the tactics that cyber-criminals use to appear as legitimate exchanges or how they target their victims.