This weekend a scammer tried his luck by reaching out to me on WhatsApp. It’s not that I don’t appreciate it, but trust me, it’s bad for your business.
I received one message from a number hailing from the Togolese Republic.
WhatsApp message from an unknown sender
> “Jay, your financial account has been added. Account Csy926. Password [********] USDT Balance 1,660,086.50 EUR: 592,030.92 [domain] Keep it in a safe place.”
I asked them to send the message in English, pretending not to understand Dutch, but received no reply.
But since it was a rainy day and I’d never seen this type of WhatsApp scam before, I decided to investigate.
Sometimes it takes some effort, especially when the domain is blocked for fraud by your favorite security software, but nothing was going to stop me now from looking for my new-found wealth.
Malwarebytes blocked the domain for fraud
To fully understand the message, it’s good to know that USDT stands for Tether, a cryptocurrency referred to as a stablecoin because its value is pegged to a fiat currency. In the case of USDT the fiat currency is the US dollar. The link makes a stablecoin’s value less volatile than that of other cryptocurrencies, which is attractive for traders that like to switch quickly between cryptocurrencies and fiat currencies.
So, I visited the domain which, no surprise there, turned out to be a fake trading platform. I tried the login credentials which were so kindly provided to me.
Welcome to login
Once logged in I checked my wallet and lo and behold, I’m rich! (Or "Jay" is.)
Nice wallet
The wallet belongs to Csy926 who has VIP5 access and contains 1658670.31 USDT or $602,494.07.
I can either recharge, withdraw, or transfer my USDT tokens or transfer the cold hard cash in dollars. Knowing that in this type of scam the victim always has to invest a relatively small amount to get the bait, I knew what to expect.
The easiest way would have been if I could transfer the dollars to a bank account, so I tried that first.
Transfer form
Sadly, there were obstacles:
So, to be a recipient of a US$ amount, I’ll need a VIP1 level account on the same platform.
Sadly, that's not me. So I decided to see what I can do with the USDT tokens.
Withdraw form
The form shows a security tip warning users to fill in their withdrawal account accurately, as assets can't be returned after transferring them out. That sucks for Jay.
All in all, that looks promising, but again there are some problems.
Looks like it’s time to read the FAQs. Fortunately, this has the answers to all the “right” questions.
What should I do if I forget my KEY?
Long story short: you set the key when you open the account, and it cannot be retrieved. But... if you have two VIP accounts you can transfer funds from the old account to your new account. And there is no need for a KEY if you have a VIP account. Considering Jay has a VIP5 account, there lies an opportunity.
How to activate VIP?
And here comes the catch all of our regular readers saw coming by now: VIP accounts that are able to receive funds cost money. The cheapest—VIP1—requires a deposit of 50 USDT (roughly $50) which is not refundable and can’t be canceled. But with a VIP1 account I can only receive $30 per month and it’s only valid for 2 months. So, that’s not a big help when you are as rich as I am, sorry, Jay is.
VIP1 account is the lowest level and the cheapest
It would take me until the next ice age—4600 years—to transfer the entire amount at that rate, with the off chance that the rightful owner would drain the account or change the password as soon as they noticed the leak.
Any unsuspecting victim that has come this far and is willing to steal from the treasure dropped in their lap, now realizes that before they can enjoy all that money, they first:
We decided not to sponsor the scammers, so this is as far as we were willing to go, but we have a distinct feeling that along the steps we outlined there might be other fees and deposits needed.