Crypto scammers are using black market identities to avoid detection: CertiK

Published at: Nov. 18, 2022

Crypto scammers have been accessing a “cheap and easy” black market of individuals willing to put their name and face on fraudulent projects — all for the low price of $8, blockchain security firm CertiK has uncovered. 

These individuals, described by CertiK as “Professional KYC actors” would, in some cases, voluntarily become the verified face of a crypto project, gaining trust in the crypto community prior to an “insider hack or exit scam.”

Other uses of these KYC actors include using their identities to open up bank or exchange accounts on behalf of the bad actors.

According to a Nov. 17 blog post, CertiK analysts were able to find over 20 underground marketplaces hosted on Telegram, Discord, mobile apps, and gig websites to recruit KYC actors for as low as $8 for simple “gigs” like passing the KYC requirements “to open a bank or exchange account from a developing country.”

Pricier jobs involve the KYC actor putting their face and name on a fraudulent project. CertiK noted that most actors are seemingly exploited as they are based in developing countries “with an above-average concentration in South-East Asia” and paid around $20 or $30 per role.

Meanwhile, more complex requirements or verification processes could fetch an even higher asking price, particularly if the KYC actors are residents of countries considered a low money laundering risk.

Some roles paid up to $500 a week if an actor was to play the role of CEO for a malicious project but the KYC actor market was “marginal” compared to the market for already KYCed bank and crypto exchange accounts according to CertiK.

Crypto to fiat — or vice-versa — conversions were also cited as a significant percentage of the transactions seen on these marketplaces with CertiK calculating that more than 500,000 members in marketplace sizes ranging from 4,000 to 300,000 were buyers and sellers on these black markets.

Related: Scary stats: $3B stolen in 2022 as of ‘Hacktober,’ doubling 2021

CertiK warned that over 40 websites claiming to vet crypto projects and offer “KYC badges” are “worthless” as the services are “too superficial to detect fraud or simply too amateur to detect insider threats.”

They added the teams behind these websites are “missing the needed “investigation methodology, training, and experience” meaning these badges are then leveraged by scammers to mislead the community and investors.

That being said, the industry has been working hard and is gaining ground in its fight against crypto scammers. A tool released in October by traditional finance giant Mastercard combines artificial intelligence and blockchain data to help find and prevent fraud.

Contrary to popular belief, the open nature of blockchain transactions means it’s harder for fraudsters to hide the movement of funds. Another recent example has been the work of French authorities using on-chain analysis to find and charge five people who stole nonfungible tokens (NFT) through a phishing scam.

Tags
Kyc
Related Posts
Cardano Foundation Warns About Suspicious Activities in Japan
The Cardano Foundation — the organization behind major cryptocurrency Cardano (ADA) — warned that a suspicious firm is trying to rake in investments by claiming it has contacts with the foundation. On July 9, the foundation stated that someone claiming to be from or contracted by crypto exchange BTCNEXT professes to personally know the Cardano core members as a way to reassure that investments will be safe. A BTCNEXT representative told Cointelegraph that the person in question does not have any relationship with the company. In fact, she said that they are familiar with the individual behind the claims and …
Altcoin / July 9, 2020
India: Police Arrest Suspects in Alleged $14 Million Crypto Scam
Law enforcement in Mumbai, India have exposed a group allegedly involved in a cryptocurrency scam that amassed an estimated 1 billion rupees (nearly $17 million), local media outlet The Times of India reports on Feb. 17. The case reportedly led to the freezing of several accounts in the country and to the arrest of four individuals — Sanjay Sontakke, Rajnikant Kumavat, Alpesh Barodia and Kirankumar Panchsara. According to The Times of India, the police are also looking for a fifth suspect, Ashok Goyal, who reportedly played a key role in the alleged scam. The complaint that led to the four …
Crimes / Feb. 17, 2019
Crypto Thief Indicted in New York’s First SIM Swapping Prosecution
Manhattan’s District Attorney (DA) announced the indictment of an individual for stealing identities and funds, including crypto, via a process known as SIM swapping. The announcement was made in an official press release from the Manhattan District Attorney’s Office on Feb. 1. The defendant, Dawson Bakies, has been accused of stealing the identities of over 50 victims in the United States, and also stealing funds from some of them. The 20-year-old man has been charged with identity theft, grand larceny, computer tampering and scheme to defraud among other charges in a New York State Supreme Court indictment. According the Manhattan …
United States / Feb. 2, 2019
PlusToken Effect: Alleged Asian Exit Scam to Blame for Market Decline?
In the last week of November, the saga of an alleged crypto Ponzi scheme that has been lingering for more than half a year took a new turn. A hobbyist blockchain researcher reported on Twitter that he’d tracked almost 200,000 BTC that had gone missing over the summer, when several million people invested in PlusToken — a South Korea-based exchange and a high-yield investment program — found themselves unable to withdraw their money. The researcher suggested that the embezzled funds have been gradually dumped on crypto exchanges, potentially suppressing Bitcoin market price. Here’s what is known about the monumental scheme …
China / Dec. 3, 2019
British Army’s social media accounts hacked by crypto scammers
The British Army’s official Twitter, Facebook and YouTube accounts were breached on Sunday for almost four hours, with scammers promoting rip-off nonfungible token (NFT) collections and cryptocurrency scams. Just after 2:00 pm EST on Sunday, the United Kingdom Ministry of Defence (MOD) Press Office tweeted it was aware the Army’s social media accounts were compromised and had begun an investigation. Nearly four hours later, close to 5:45 pm EST, the Office provided an update that the account breaches were resolved. The British Army's official Twitter account also apologized for the posts, saying it would conduct an investigation and “learn from …
Defi / July 4, 2022