Aug 14, 2022 5 min read

Cryptocurrency Exchange Scams

Cryptocurrency Exchange Scams

My journey on this scam all started with a suspicious DM in Twitter:

My immediate thoughts that this was a scam. Even Twitter thought so and flagged it as such. I was initially going to delete the message and move along. But then I thought, what if I see where this goes? So long as I don't give any personal details over, it should be OK (well that was my thinking).

So off I went. The first step was to get an email address that couldn't be associated with myself. For this I used the amazing service Fastmail. They have a service called Masked Email, that keeps your real email address private. Obviously the first step was to create an account on the exchange.

Well this is where the first surprise came about. I put in the promotion code from the Twitter DM in, and viola! I was 0.77242762 richer! This even more than what was said in the DM message.

So me being the evermore pessimist, I knew something wasn't right. I knew it was a scam. No one is simply going to randomly give that kind of money away. Even more so was the fact that the Twitter account that sent me the DM had been suspended by Twitter. It had be pondering for a few days what the angle could have been.

On the face of it, the exchange looked legitimate, to me at least. Someone would have had to gone through a lot of effort to get all the functionality in place for it to me some type of credential harvesting or personal detail information harvesting effort. There are real wallets, the ability to withdraw and deposit. Even the ability to  convert.

The Catch?

So I had all thoughts going through my head. Could it be some type of money laundering through a legitimate exchange? What else could it be?

Well last night I found out. I had purposely let it be for a few days to see if anything happened. Nothing did, so the next logical step was to withdraw the Bitcoin (BC). I certainly wasn't going to put in my personal banking details in, so I thought that I would move the Bitcoin to a wallet that I have in a well known and reputable exchange. And this was the message that I got:

Strange! I don't seem to recall that happening in any other exchange that I've dealt with before. But granted I'm no expert on this stuff, so perhaps the promotion code had something to do with it. Now I knew this was going to be a gamble. But decided to take the risk, and more importantly I still really wanted to find out the catch! So off I went, deposited the required 0.01 BTC.

Shock, horror! That was simply not enough. Because the next message I got when I tried another withdraw attempt was:

Ah! So that's the catch. They keep on getting you to deposit more and more in order to withdraw your funds. I tried different things to try get my balance below the magical 0.3 BTC number but even transferring was met with another message:

So yeah, I'm down 0.01 BTC (and I knew that was technically a possibility). But the funds are still technically available to me I suppose, so I will be keeping an eye on it and see how things play out.

Hindsight is a wonderful thing! With bitcoin, transactions and balances on wallets is public, so long as you have the address of the wallet. This really is something that I should have checked for first. Because had I, I would have seen that the wallet actually didn't contain anything in the first place!

https://blockchair.com/bitcoin/address/1Bymmgeu2j9pcpnMzibMbpxhKN44GhAZLm

💡
And another final check. I decided to create another account, and put in the same promotion code. And I now have another 0.77243297 BTC! So if there was any doubt in my mind about this being a scam, this helped to confirm it.

Questionable Security

If this were a legitimate exchange (there still is a possibility after all), they still have some questionable security around their platform:

And yes, that is both the email address as well as the plaintext password for your account, being sent in an email (plaintext). For something handling financial data, this is pretty worrying.

Conclusion

So this was an interesting journey, and it does give you an insight into why scams work. Scammers know that people generally are motivated by greed or financial gain. So anything with the promise of "free money" will almost always net a few victims. Heck I even got a bit carried away, knowing full well the risks at play (and a small part of me even believed that this may have been real). If you do see some offer of "free money", especially if it is a significant amount, be very wary and try err on the side of caution and simply ignore it. Lastly, if you wish to dabble in cryptocurrency, stick with the well known and reputable exchanges such as:

Update 17 August 2022

So a further update. The Bitcoin that I deposited was withdrawn on the same day:

https://blockchair.com/bitcoin/address/1Bymmgeu2j9pcpnMzibMbpxhKN44GhAZLm

And surprise, surprise it doesn't show in their platform:

There is beyond a shadow of a doubt that this exchange is a scam. Looking at whois records shows this to be a Cloudflare fronted service:

https://whois.domaintools.com/sanlybit.com

It looks like they are making a tidy profit as well:

Sean Wright
Sean Wright
Experienced application security engineer with an origin as a software developer. Primarily focused on web-based application security with a special interest in TLS and supply chain related subjects.
Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to Sean Wright.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.