Opinion articles present diverse opinions and do not represent the position of WEB3+
This article is written from the first-person perspective of the author.
A Carefully Designed Scam: A Complete Breakdown of Scamming Techniques
Recently, our company has received numerous requests for help from users. With the consent of the parties involved, I conducted an in-depth analysis of this case and discovered that the scamming techniques have evolved to a shocking extent.
This scam method is completely different from traditional LINE group investment fraud. The fraud group has adopted multiple technical upgrades, including completely avoiding digital footprints, using legitimate platforms to establish trust, and providing real profit demonstrations. The difficulty in preventing this method is extremely high; even we industry insiders believe that the existing protective mechanisms need to be re-evaluated. Behind every successful scam, there may be a family suffering financial losses. I hope that through the detailed analysis of this case, we can help everyone understand the new scamming methods and protect their friends and family from being deceived.
Comprehensive Analysis of Scamming Techniques
The fraud group first contacted the victims through the Tinder dating app and built a trusting relationship while the victims were unemployed and had idle time. The scammers would ask how long the victims had been using Tinder, thereby assessing the victim’s alertness to and experience with online scams. Users who have been on Tinder for a shorter time typically have less exposure to scams and are more easily targeted.
To establish trust, the scammers would share local life photos from Kaohsiung and even provide local information such as class cancellations, creating a realistic living background. More cleverly, the scammers would proactively remind victims not to click on unfamiliar links, emphasizing that all applications should be downloaded from the App Store, which ironically increased the victims’ trust in their professionalism and responsible attitude.
After establishing a preliminary trust, the scammers began to guide the victims into investment topics. They emphasized the legitimacy of Web3 and DeFi, packaging the scam as an opportunity to learn emerging technologies, fully utilizing the victims’ curiosity and thirst for knowledge, convincing them that this was a learning and investment opportunity.
The subsequent operation process showcased the technical upgrades of the fraud group. The scammers guided the victims entirely through voice calls to download and set up various applications, including the Bitget exchange and KryptoGO wallet. The brilliance of this approach lies in leaving no text or screenshot evidence, making it difficult for judicial authorities to trace. Victims needed to purchase USDC on Bitget using a credit card, and the resulting 5-8% transaction fee was explained away as a reasonable market cost.
The core of the scam lies in a carefully designed phishing website, registered on July 16, 2024, which can only be accessed through mobile browsers. After victims connect their wallets to this website, they can see daily interest returns of about 1%. Unlike traditional scams, these interest returns are real; the fraud group indeed transfers funds into the victims’ wallets, significantly increasing trust.
The fraud group then designed phased supply chain activities, gradually guiding victims to increase their investment amounts. The first phase only requires reaching 50 USDC to receive a return of 68 USDC, allowing the victims to taste the sweetness of profit.
The second phase requires an increase to 1,100 USDC, equivalent to about 35,000 TWD. After the victims complete this phase, the fraud group suddenly raises the requirement to 5,000 USDC.
The final trap is designed quite cleverly. When victims refuse to continue investing, the scammers use website pop-ups to lure them into participating in the “Bounty Compound Prize Activity.” This activity claims that 7,000 USDC needs to be reached to unlock the funds; if the goal is not achieved within the deadline, the principal cannot be withdrawn, and additional fees will be incurred. This design exploits the sunk cost fallacy, putting victims in a dilemma.
Analysis of Technical Upgrades
The technical upgrades of this scamming method are primarily reflected in three aspects.
- Completely avoiding digital footprints: The scammers guide all operations through voice calls, leaving no traceable text or screenshot evidence, significantly reducing the risk of being caught by judicial authorities.
- Skillfully utilizing legitimate platforms to establish trust: Scammers guide victims to use the well-known overseas exchange Bitget, so that the credit card transactions occur overseas and evade Taiwan’s financial regulatory system, along with the Taiwan-friendly Web3 wallet KryptoGO. Both the wallet and the exchange are legitimate applications downloaded from official app stores, further reducing the victims’ wariness.
- Providing real profit demonstrations: Unlike traditional scams that only display false numbers, this fraud group indeed provides real interest returns, causing the victims’ wallet balances to increase. Although this method incurs higher costs, it significantly enhances the victims’ trust, preparing for subsequent large-scale fraud.
Psychological Manipulation Strategies Analysis
The fraud group also demonstrated a high level of professionalism in psychological manipulation. They would assess the victims’ online experience by inquiring about their Tinder usage habits and adopt different rhetoric and strategies for different types of users. For users with less online experience, they would be more direct; for experienced users, a more roundabout approach would be employed.
The scammers would also exploit the psychological state of the victims during unemployment, packaging investments as opportunities to improve their financial situation. They would show appropriate concern, inquiring about the victims’ financial status and future plans, establishing a friend-like relationship. This emotional connection made it easier for victims to let down their guard and accept the scammers’ investment suggestions.
When victims began to express doubts, the scammers would skillfully change the subject or provide more “professional information” to alleviate concerns. They would even recommend legitimate bank loan products to increase their credibility. This meticulous psychological manipulation made it difficult for victims to realize they were being scammed.
Blockchain Tracking Findings
Through blockchain analysis, we discovered that this fraud group lacks professional experience. After the fraud was successful, they did not immediately transfer the funds; approximately 8,000 USD remained in the scammers’ accounts. This indicates that they might be users of scam package services rather than a professional technical team.
This discovery provides a glimmer of hope for fund recovery but simultaneously exposes a larger issue: there may be professional scam toolkit suppliers in the market who standardize and sell the scamming process to fraud groups around the world. This commercialized scamming model exacerbates the prevalence of fraud and makes it more difficult to eradicate.
Prevention Suggestions and Considerations
In the face of such sophisticated scamming methods, traditional preventive education may no longer suffice. We need to establish protective mechanisms from multiple levels, including technological protection, educational advocacy, and regulatory cooperation.
On the technological front, we can assist in establishing a real-time blacklist mechanism to identify and intercept known scam websites. When users connect to unknown DApps, we will display clear risk warnings to remind users to pay attention to safety.
In terms of education, we need to raise public awareness that normal DeFi annual returns typically range from 4% to 10%, and any project promising high daily returns should raise significant alarm. Additionally, investment opportunities encountered through dating apps, regardless of how professionally they are packaged, should be approached with skepticism.
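The blacklist check and the yield sanity check described in the two paragraphs above can be combined into a single screen that a wallet runs before it lets a DApp connect. The following is an added example, not code from the author or from any wallet vendor. The domain `scam-pool.example`, the 180-day domain-age cutoff, and all function and field names are assumptions made for illustration.

```javascript
// Added example: pre-connection risk screen for a wallet (illustrative, not a real wallet API).
const MAX_PLAUSIBLE_APY = 0.10;   // article: normal DeFi annual returns are 4% to 10%
const MIN_DOMAIN_AGE_DAYS = 180;  // assumed cutoff for "recently registered"

// True if host equals a blocklisted domain or is a subdomain of one.
function isBlocklisted(host, blocklist) {
  const labels = host.toLowerCase().replace(/\.$/, "").split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    if (blocklist.has(labels.slice(i).join("."))) return true;
  }
  return false;
}

// Compound a daily rate over 365 days to get the implied annual yield.
function annualizedYield(dailyRate) {
  return Math.pow(1 + dailyRate, 365) - 1;
}

// Returns the action the wallet should take and the reasons behind it.
function assessDappConnection(req, blocklist, now) {
  const host = new URL(req.origin).hostname;
  const warnings = [];
  if (isBlocklisted(host, blocklist)) warnings.push("BLOCKLISTED_DOMAIN");
  const ageDays = (now - new Date(req.domainRegistered)) / 86400000;
  if (ageDays < MIN_DOMAIN_AGE_DAYS) warnings.push("RECENTLY_REGISTERED");
  if (req.advertisedDailyRate != null &&
      annualizedYield(req.advertisedDailyRate) > MAX_PLAUSIBLE_APY) {
    warnings.push("IMPLAUSIBLE_YIELD");
  }
  const action = warnings.includes("BLOCKLISTED_DOMAIN") ? "block"
               : warnings.length > 0 ? "warn" : "allow";
  return { host, action, warnings };
}

// Constructed sample: placeholder domain; the registration date and the
// roughly 1% daily return are the figures given in the article.
const blocklist = new Set(["scam-pool.example"]);
const request = {
  origin: "https://m.scam-pool.example/supply",
  domainRegistered: "2024-07-16",
  advertisedDailyRate: 0.01,
};
console.log(assessDappConnection(request, blocklist, new Date("2024-09-01")));
```

A 1% daily return compounds to roughly 3,700% per year, so the yield check fires even when the site is too new to appear on any blacklist.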
In terms of regulatory cooperation, it is recommended to establish an emergency contact mechanism with overseas exchanges to quickly freeze relevant accounts when fraud occurs. At the same time, strengthening cooperation with international law enforcement agencies can enhance the efficiency of handling cross-border fraud cases.
The high knowledge threshold of Web3, along with improvements in wallet UX, provides new tools and opportunities for fraud groups. As industry practitioners, we have a responsibility to continuously improve security mechanisms to protect users from fraud. At the same time, we hope that through sharing these cases, we can raise public awareness and prevention capabilities against new scamming methods.