Opinions expressed in this article represent a diversity of viewpoints and do not reflect the position of WEB3+
This article is written from the first-person perspective of the author.
A Carefully Designed Scam: A Comprehensive Breakdown of Fraud Techniques
Recently, our company has received numerous requests for assistance from users. With the consent of the individuals involved, I conducted an in-depth analysis of this case and discovered that scam techniques have evolved to a shocking degree.
This particular scam method is completely different from the traditional LINE group investment scams. The fraudsters have employed several technological upgrades, including completely avoiding digital traces, utilizing legitimate platforms to build trust, and providing real profit displays. This set of techniques is extremely difficult to defend against, and even we industry insiders believe that existing protective mechanisms need to be reevaluated.
Each time a scam is successful, there may be a family suffering economic loss behind it. I hope that through a detailed analysis of this case, we can help everyone understand new types of fraud techniques and protect our friends and family from being deceived.
Complete Analysis of Fraud Techniques
The fraud group first contacted the victims through the Tinder dating app, taking advantage of the victims’ free time during a period of unemployment to build a trust relationship. The scammers cleverly asked how long the victims had been using Tinder, thereby gauging their awareness of and experience with online scams. Users who have been on the app for a shorter time have seen fewer scams and are more easily targeted.
To establish trust, scammers share photos of life in Kaohsiung and even provide local information such as class suspensions, creating a realistic living background. More cleverly, they proactively remind victims not to click on unfamiliar links, emphasizing that all applications should be downloaded from the App Store, which paradoxically increases the victims’ trust in their professionalism and responsible attitude.
Once preliminary trust is established, the scammers begin to guide the victims into investment discussions. They emphasize the legitimacy of Web3 and DeFi, packaging the scam as an opportunity to learn about emerging technologies, fully leveraging the victims’ curiosity and desire for knowledge, leading them to believe this is a learning and investment opportunity.
The subsequent operational process demonstrates the technological upgrades of the fraud group. The scammers guide victims through voice calls to download and set up various applications, including the Bitget exchange and KryptoGO wallet. The brilliance of this approach lies in leaving no written or screenshot evidence, making it difficult for judicial authorities to trace. Victims are required to use a credit card to purchase USDC on Bitget, with the 5-8% transaction fee explained as a reasonable market cost.
At the core of the scam is a carefully designed phishing website, registered on July 16, 2024, and only accessible via mobile browsers. After connecting their wallet to this website, victims can see daily interest returns of about 1%. Unlike traditional scams, these returns are real; the fraud group indeed transfers money into the victims’ wallets, significantly boosting trust.
The fraud group then designed phased supply chain activities to gradually guide victims to increase their investment amounts. In the first phase, achieving 50 USDC would yield a return of 68 USDC, allowing victims to taste the sweet rewards.
The second phase requires an increase to 1,100 USDC, equivalent to approximately 35,000 New Taiwan dollars. Once victims complete this phase, the fraud group suddenly raises the requirement to 5,000 USDC.
The final trap is designed quite cleverly. When victims refuse to continue investing, the scammers use pop-up windows on the website to entice them to participate in the “Bounty Compound Reward Program.” This program claims that 7,000 USDC must be reached to unlock funds; if the goal is not achieved by the deadline, the principal cannot be retrieved, and additional fees will be incurred. This design leverages the sunk cost fallacy, putting victims in a dilemma.
Key Points of Technological Upgrades
This scam’s technological upgrades are primarily reflected in three aspects.
- Completely avoiding digital traces: Scammers guide all operations through voice calls, leaving no traceable text or screenshot evidence, significantly reducing the risk of being apprehended by judicial authorities.
- Cleverly utilizing legitimate platforms to build trust: Scammers guide victims to use the well-known overseas exchange Bitget, so that the credit card transactions occur overseas and avoid Taiwan’s financial regulatory system, together with the Taiwan-friendly Web3 wallet KryptoGO. Both the wallet and the exchange are legitimate applications downloaded from official app stores, further lowering victims’ guard.
- Providing real profit displays: Unlike traditional scams that only show fake figures, this fraud group indeed provides real interest returns, resulting in actual increases in victims’ wallet balances. While this approach incurs higher costs, it significantly boosts victims’ trust, preparing for subsequent large-scale fraud.
Analysis of Psychological Manipulation Strategies
The fraud group also demonstrates a high level of professionalism in psychological manipulation. They gauge victims’ internet experience by asking about their Tinder usage habits and apply different wording and strategies tailored to different types of users. For users with less online experience, they are more direct; for experienced users, they take a more roundabout approach.
Scammers also leverage the psychological state of victims during periods of unemployment, packaging the investment as an opportunity to improve their economic situation. They show a measured amount of concern, inquiring about the victims’ financial conditions and future plans and establishing a friend-like relationship. This emotional connection leads victims to lower their guard and accept the scammers’ investment recommendations more easily.
When victims begin to express doubts, the scammers skillfully change the subject or provide more “professional information” to alleviate concerns. They even recommend legitimate bank loan products to increase their credibility. This meticulous psychological manipulation makes it difficult for victims to realize they are being scammed.
Blockchain Tracking Findings
Through blockchain analysis, we discovered that this fraud group lacks professional experience. After the scam succeeded, they did not immediately transfer the funds; approximately 8,000 USD remained in the scammers’ accounts. This suggests they may be users purchasing scam kits rather than a professional technical team.
This finding offers a glimmer of hope for fund recovery but also exposes a larger issue: there may be professional scam toolkit suppliers in the market that standardize and sell the scam process to various fraud groups. This commercialized scam model exacerbates the prevalence of fraudulent activities and makes them harder to eradicate.
Prevention Recommendations and Considerations
Faced with such sophisticated scam techniques, traditional prevention education may no longer be sufficient. We need to establish protective mechanisms on multiple levels, including technical defenses, educational outreach, and regulatory cooperation.
On the technical front, we can help by establishing a real-time blacklist mechanism that identifies and intercepts known scam websites. When users connect to unknown DApps, we will display clear risk warnings to remind users to prioritize safety.
In terms of education, we need to inform the public that normal DeFi annualized returns typically range from 4-10%. Any project promising high daily returns should raise significant alarm. Furthermore, investment opportunities encountered through dating apps, regardless of how professionally packaged, should be approached with skepticism.
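The blacklist check, the unknown-DApp warning and the yield sanity check described in the two paragraphs above can be combined into one screen that runs when a wallet is asked to connect to a site. The following is an added example, not code from the author's company or from any wallet; the function names, the 180-day domain-age threshold, the domain-age check itself and the `.example` domains are assumptions made for illustration.

```javascript
// Added illustration: names, thresholds and domains are assumptions.
const MAX_NORMAL_APR = 0.10;      // upper end of the 4-10% range cited in the article
const MIN_DOMAIN_AGE_DAYS = 180;  // assumed cut-off for a "recently registered" domain
const DAY_MS = 24 * 60 * 60 * 1000;

// Constructed sample lists; a real deployment would sync these from a live feed.
const BLOCKLIST = new Set(["defi-bounty.example"]);
const KNOWN_DAPPS = new Set(["app.known-dex.example"]);

// True when host equals a listed domain or is a subdomain of one.
function matchesList(host, list) {
  const labels = host.split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    if (list.has(labels.slice(i).join("."))) return true;
  }
  return false;
}

// Simple (non-compounded) annualization of an advertised daily rate.
function annualize(dailyRate) {
  return dailyRate * 365;
}

// Decide what the wallet should do before connecting to `origin`.
function assessDappConnection({ origin, dailyRate, registeredAt, now }) {
  let host;
  try {
    host = new URL(origin).hostname.toLowerCase().replace(/\.$/, "");
  } catch {
    return { action: "block", reasons: ["unparseable origin"] };
  }
  if (matchesList(host, BLOCKLIST)) {
    return { action: "block", reasons: ["origin is on the scam blocklist"] };
  }
  const reasons = [];
  if (!KNOWN_DAPPS.has(host)) reasons.push("unknown DApp");
  if (typeof dailyRate === "number" && annualize(dailyRate) > MAX_NORMAL_APR) {
    const pct = Math.round(annualize(dailyRate) * 100);
    reasons.push(`advertised yield is ${pct}% per year`);
  }
  if (registeredAt && (now - registeredAt) / DAY_MS < MIN_DOMAIN_AGE_DAYS) {
    reasons.push("domain registered recently");
  }
  return { action: reasons.length ? "warn" : "allow", reasons };
}
```

With the figures from this case (about 1% per day, a site registered on July 16, 2024), the yield check alone reports 365% per year, far outside the 4-10% range, so the warning fires even before the site reaches any blacklist.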
In regulatory cooperation, it is recommended to establish emergency contact mechanisms with overseas exchanges to quickly freeze related accounts in the event of a scam. Additionally, enhancing cooperation with international law enforcement agencies will improve the efficiency of handling cross-border fraud cases.
The high knowledge threshold of Web3, along with improvements in wallet UX, provides scammers with new tools and opportunities. As industry practitioners, we have a responsibility to continuously improve security mechanisms to protect users from fraud. At the same time, by sharing these cases, we hope to raise public awareness of new types of scam techniques and strengthen people’s ability to guard against them.