AFUE – Prevention: the exchange scam

Related

Share

Scams have always existed, just like it happens with human beings, they evolve. Today we live in a period where this type of risk can come from anywhere. Through the development of my profession, I try to help mitigate the risk, because, often, 0 risk does not exist: for this reason, one can only study and become aware, be careful – possibly always maintain an adequate level of guard – and avoid “looking for” trouble.

Years ago I started offering my know-how and the desire to study to the Association: often I find that unfortunately we look for problems.. and we continue to look for new ones.

This article applies to

  • who contacts you by phone
  • who contacts you via email, Whatsapp, Telegram, Facebook, Instagram, … (because, if you start responding to the first contact via email, or another system, the scammer will lure you, build empathy, and subsequently you will start talking on the phone: and what follows applies)

REMEMBER:

YOU are mentally waiting for someone to solve your problem: recovering your lost money.

AND THE SCAMMER KNOWS IT. VERY WELL.

Note Well: the article is long. And it is also boring. But, please, read it to the end, and if necessary, read it again, because it is easy to fall for this scam, while it is difficult (very, if not impossible) to recover your funds once you have sent them in this way to the scammer. I try to make reading easier for you with images and diagrams.

Perhaps not everyone knows that Value, today, is not so much and only tied to currency, but, above all, to Our data. Which we often do not adequately value.

In particular, it can happen to experience a scam, to lose money (a little or a lot, it is subjective).. and suffer the loss. This, mentally, is a “mourning”, which needs to be processed, because it can cause serious and further damage. More serious. It is necessary to learn to accept that loss. Referring to the sentence above, the main problem is the fact that we have “given away” our PERSONAL DATA in addition to the money, that there is a thriving market in the so-called black market, that those who have been scammed will be bombarded with calls from self-styled law firms and others, more or less.. linked to international entities thanks to which our money has been miraculously recovered: these are, all, inevitably, SCAMS.

I write this article in light of yet another development in phone scam: the recommendation is always to read the previous articles in the NEWS section of our site.

Why? Excuse me if I may switch to “tu”:

  • Because – always remember – there are only 2 (TWO) people who know about the scam you have suffered: YOU.. and the SCAMMER;
  • Because NO ENTITY, NO LAW FIRM, NO TECHNICIAN will EVER call you to tell you that they have found your money and help you recover it. Whoever calls you is ONLY and ALWAYS a scammer who wants to take more money from you. Accept the fact that NO ENTITY or LAW FIRM or anyone else WILL EVER CALL you. Never. NEVER;
  • Why someone calls you saying
  • Of course! Please provide the text you would like translated.

  • that tells you that they need a sum (bank transfer or cryptocurrency transaction) to unlock them…

HE ONLY WANTS TO SCAM YOU. AGAIN.

  • Why YOU MUST PSYCHOLOGICALLY ACCEPT that you have lost your money. IF you want to recover it, contact this Association or an accredited law firm to verify IF there are grounds to achieve restitution;
  • Because, as soon as you understand the meaning of the call, YOU MUST END IT IMMEDIATELY, because the attacker is trying to empathize with you. Every exchange you have with him allows him to obtain useful information to scam you again. He WANTS TO SCAM YOU.
  • Why never, Never, NEVER, NEVER should you allow a person who called you (meaning YOU did NOT call them), whom you do NOT know, who is NOT referenced, to remotely access your computer.

At the moment this person connects to your computer, THEY HAVE ALL THE TOOLS TO CARRY OUT THEIR SCAM AND DECEIVE YOU.

Your response, when the attacker tells you that they need to connect remotely to your computer is, simply, NO. N-O. Also because you should have ended the call minutes earlier.

An important note: if you have never, fortunately, experienced a financial scam, you might consider what follows as a mix of idiocy and naivety. Try to imagine the state of mind of a person who may be psychologically weak due to the lost money, in financial difficulties because of the scam suffered, who has always been told by investigators that there is no solution… this person is psychologically prostrated, desperate… and receives the call of an ANGEL who can solve the problem! This is the mood.

Let’s now come to the scam. Pay attention because the explanation is boring and technical. You reach this point ONLY IF you haven’t followed the above. It is quite trivial for a computer scientist, unfortunately for the rest of the people it is difficult to understand (when you experience the scam, and when they explain to you how they have stolen more money from you again. Your state of mind is a focal point on which the scammer builds their objective).

If you learn to follow the above advice, you have a good chance of “healing” and avoiding new scams… or at least scams of this type. Let’s go back to the scam experienced by our Associate:

  1. The client receives a call from the scammer, who pretends to be a foreign firm managing an FCA (or other entity) case related to their blocked funds. They are ready to provide (always false) documentation. They can even send their documents (?) to certify how correctly they operate…

How MUST you behave? After a few seconds, you thank, hang up the phone, block the number. If possible, add it to an antispam list.

  1. After some resistance from the Cliente, the attacker (truffatore) manages to deceive and convince them of the goodness of the phone call and its reliability: it is “in cottura”.

How MUST you behave? You are still in time: attack. The scammer has a document ready with all the exceptions that you raise to him, in order to deceive you (I insist on the term, because it is about deception).

  1. The Client’s defenses lower, the scammer manages to obtain the information: the Client makes cryptocurrency purchases on an exchange (fundamental information). He manages to get the name of the exchange in use. He tells him that it confirms what he already knew, that there are funds, IN HIS NAME, EXACTLY ON THE EXCHANGE THAT HE USES, only that they are blocked, that he cannot know! He and only he can show them to him… and explain how to get them. The “cooking” has reached a good point: FINALLY someone has found his money, has found a way to call him, has found a way to solve his problems, frustrations, fears, finally he can repair the roof, get married… It was so EASY!

Try to LIVE this situation, put yourself in the situation (instead of saying it can’t happen to you), listen to your body: you realize that you are getting fatigued, breathing poorly, your heart rate has increased. The scammer has filled you with adrenaline, AND you can’t take it anymore! YOU JUST WANT TO KNOW WHAT TO DO!!!

How MUST you behave? ATTACK THAT PHONE AND BLOCK THE NUMBER!!!

  1. The Cliente asks how to verify this thing: the truffatore explains that, VERY SIMPLY (this is another key. It’s trivial, you don’t have to do ANYTHING), just let him connect remotely to his computer, so he can show that everything is true: the Cliente is writing the tombstone on more lost money. Risk has reached 95%.

How MUST you behave? You have all the data in hand: they ask to connect to your computer. End the call, block the number. Remember that next time you MUST NOT get here.

  1. The Cliente consents to the remote connection, so as to be able to show what was being explained over the phone. It’s almost over. Bad

How MUST you behave? Try to snap out of the stupor, make up an excuse, the aliens that are taking you away, anything. But, please, end this phone call.

  1. The attacker connects to the PC (N.B. Windows, MAC, or a linux installation, it doesn’t make any difference: the scammers have all the procedures ready to scam you. These people run a business, nothing is improvised. The scammer acts with the goal of taking your money, there is probably also a monthly prize for those who manage to scam the most. You don’t know you are THE PREY)

Now I will explain to you, technically, the scam: it is a technical explanation, boring, I hope I can make you understand everything. Please, try NOT to reach this point. Then I will explain to you WHY THIS TIME IT DIDN’T WORK.

The scammer connects remotely to your computer

He tells you that he is loading a tool to highlight the real situation for you, or something like that. Remember that he is pressing you and now YOU ARE CERTAIN to recover your money THANKS TO HIM. He has you in his grip.

Upload a folder on the desktop. You do not know what is inside. He does.

He asks you which browser you usually use: the one with the green-red-yellow-blue ball, chrome, google!

OK. Open chrome, which you usually use (usually, for convenience, you save your passwords inside, ndr).

Click on the “3 vertical dots” at the top right and click on “Extensions”: it explains that, thanks to the connector of that exchange, which only they have, which is indeed called “Binance”, with the description “Binance Wallet Connector” (maybe you are checking what it is, you are sure not to get scammed again, maybe you also know English…), it is possible to detect those hidden funds blocked in your name. I am attaching the screenshots. In this case, the scam was on this exchange, but, of course, they have everything ready for any other exchange as well.

(obviously the scam can also be configured for other sites: through the answers that YOU have provided him previously, he has everything ready. There are no hitches, and everything is.. simply FANTASTIC)

Create this new connector, connected to the folder that was placed on your desktop. You are calm, because you are checking, they cannot scam you again, and the added connector has the icon of your exchange.

Now everything is ready! Connect to the exchange, and check!

In fact, you connect, go to your wallet, you see your “assets”… and this sum in Bitcoin has appeared! It also shows you the equivalent value. Exceptional!!! This good person whom you did not want to listen to was right! You have more than 82,000 euros in Bitcoin in your account, and you didn’t know it!!

But you CANNOT move them!!! What can you do?!??! Remember: you are now full of adrenaline. YOU WANT THAT MONEY!.

SIMPLE (again, once more, the answer is SIMPLE): just send them a practical management fee (€5,000, €8,000, 10% of the blocked amount…), typically in BTC, USDT, .., rarely by bank transfer, and he will immediately enable your money in the account!! WONDERFUL.

Remember, the voice of the scammer is always FIRM. There is never room for doubt: everything is ready to take more money from you.

BEAUTIFUL TRUE? BUT IF IT’S TOO BEAUTIFUL, TYPICALLY, IT’S NOT TRUE.

Did I manage to capture your attention? Yes? Now I’ll explain two things to you:

  1. How did it end with the Cliente of the truffatore (already our associate)
  1. I explain to you where the scam is, how it works, how to verify that it is a scam. And how to check.. if you want. Please remember that YOU MUST NOT REACH THIS POINT. STOP BEFORE. HANG UP THE CALL IMMEDIATELY AND BLOCK THE NUMBER.
  1. How did it end? THE CLIENT of the SCAMMER (our Associate) WAS NOT SCAMMED! By mistake. Or rather, simply because he did NOT have a congruent amount in his account on the exchange, he did NOT have cryptocurrency ready to make the payment, he did NOT have the required funds to proceed with the transaction. Our Associate told him to get back in touch at a later time.

This is a DEFEAT for the attacker, because they have to let go, the Client “cools down”, and there is a strong risk that they will not be able to complete the scam. The Client-Associate indeed contacted me, asked me how to access that money and, not accepting that it was a scam, I asked to connect to their computer: I showed them how the scam was devised.. so I was able to persuade them that the money did not exist in reality. UNFORTUNATELY, IT IS DIFFICULT TO ACCEPT NOT HAVING THAT MONEY.

  1. Where is the scam and how does it work. And what are the other critical issues.

First of all, the lecture: never let someone connect remotely, especially if you don’t know them and you didn’t seek them out, because they can upload anything to your computer and steal personal information about you. Information of any kind. Any.

It could also load “a program” that steals your data, money, encrypts documents, etc…

In this case, the truffatore has uploaded a folder containing JavaScript code (but you don’t know what it is). Inside in this case there are “only” some parameters that need to be read.

He asked you which browser you use: then he opens the “Extensions” of that browser and “maps”, connects that folder, so that reading those files is enabled, upon the occurrence of certain conditions. As I explained to you above: you are calm, because the name of the exchange is written on the added extension.

And now? Now you are cooked! You log in to your exchange… and “magically” you find that value! But why? Because in the program code, added to your browser extensions, it is written to insert that information into your page when you log in to the exchange. You cannot move or access that money, simply because literally, “it is just a writing” on the page. The exchange you use HAS NO RESPONSIBILITY whatsoever. That is just a writing that you have allowed the scammer to display at your login.

How to verify the scam?

But… how do you verify that it is a scam, in a simple way, if you do not have a background in computer science?

  • Log in multiple times with your account to the exchange, and you will see that the value in BTC, locked in your account, is always the same (obviously)… but the “countervalue” in euros IS ALWAYS THE SAME. It is impossible, because it should vary almost instantaneously, due to the currency exchanges;
  • Connect to the same exchange with another account, maybe a new one: you will see EXACTLY the same information. Strange…
  • Connect to the exchange using your account, but using a different browser from the one you usually use (EDGE, FIREFOX, OPERA, SAFARI, …): you will see that “MAGICALLY” you will no longer see your BTC blocked! Because the scammer has added the extension only on the browser you usually use! v^·´`◆•
  • Go online and search on the search engine for the value of Bitcoin in euros: there are many tools that allow you to enter the total of your locked BITCOIN (copy and paste what you see on your dashboard). You will notice that the equivalent value in euros is VERY different from what you read on the exchange. This is because the scammer cannot continue to modify the value set in the JavaScript file. (in the next patch of the code, they will fix this bug, also thanks to reading this article. It is quite trivial, but after all, we are only at version 1.0 of the code..)

Precautions

My personal advice, if you have reached this point, would be to close that “burned” account. By now the scammer knows too much about you. If possible, create a new email and make a new registration. You must first cancel your old account. At the very least, change the password and increase the security levels, but you may still encounter many other problems of various kinds.

Sad note

The worst thing is, always, having the awareness that these articles of ours are only an advantage for the truffatore, not for the people we want to protect. Why?

Why does the human mind not accept that all this is a scam and MUST BELIEVE that that money is real

Why these articles are read anyway by “Our Dear Scammer Friends”, who are

always ahead of us, and they use this information to refine the attacks.

Because too often the scammed person who contacts us has already been scammed, maybe they are already Ours

Associated. And for us, this is yet another defeat. Always.

Because while we SURVIVE with “a membership fee,” working for the protection of people, the fraudster “INVOICES” millions in any currency. Tax-free.

What does it mean? That, in addition to getting rich, they have an almost infinite budget to develop new scams.

Please help us help you: when you receive this call, HANG UP IMMEDIATELY and BLOCK THE NUMBER. You work hard to earn your money, they do NOT.

I’ll leave you a scheme to protect and defend yourself from scams: print it and make it yours! I recommend it!

Greetings from Alessandro Vailati Team AFUE!