Skip links

More victims of fake crypto investor scam speak to The Register

Exclusive When Ahad Shams detailed on Twitter how his company was scammed out of $4 million in cryptocurrency after a face-to-face meeting, Chris Hunter immediately recognized what was going on.

Only weeks ago, Hunter fell victim to the same con apparently run by the same group. Having contacted Shams after reading his story in The Register, Hunter quickly learned that there are more victims out there.

“We are by no means the only people this has been happening to,” Hunter told The Reg. “It seems to date back to 2018, but it takes slightly different forms each time.”

Shams, co-founder of Web3 metaverse gaming engine Webaverse, wrote that while rounding up venture capital for his startup, he was contacted by someone in November 2022 representing a wannabe investor. After a few weeks of negotiations, he flew to Rome to meet the so-called investors in a hotel lobby.

The scammers convinced him to shift $4 million in crypto into a Trust Wallet account he set up and, somehow, in the course of the face-to-face meeting, they were able to steal the money and disappear. Shams still doesn’t know how they stole the money.

Another victim comes to light

The con was similar to what Hunter – co-founder and CEO of UK-based Coin Publishers, a crypto-focused publishing and data services company – went through over a couple of weeks in January.

Like Webaverse, Coin Publishers was looking for VC backing when Hunter was contacted in mid-January through LinkedIn by someone calling himself “Stefan Fölmli” from CH Development, a company in Switzerland. “Fölmli” said he represented a wealthy individual who wanted to invest.

They talked about the business model, financial projections, and other aspects of the company and fielded questions from “Fölmli.”

“Everything seemed to check out,” Hunter told The Register. “We didn’t see the guy initially on camera, but he was very confident. We are very new to the whole VC thing. The conversation eventually turned to them getting a [10 percent] commission for raising these VC funds. We thought that was a bit unusual, but we were very clear we’re not paying a penny in commission until we’ve got our promised $2.2 million in the bank.”

Eventually “Fölmli” suggested meeting at the El Palace Hotel in Barcelona. Hunter and two other executives – brothers Jonathan (sales director) and Michael Kennedy (operations director) – flew to Spain on January 27.

They met late that morning with a well-dressed man calling himself “Bartolomeo Moreno,” a wealth manager. After an hour discussing the business and financials, “Moreno” suggested meeting for drinks later that night.

They sat at a table in the bar with “Moreno” and another man calling himself “Richard Janssens” on one side and Hunter and the Kennedys on the other.

This is where things went sideways.

“They brought up the subject of that commission,” Hunter said. “They wanted to know how they were going to get it. They wanted it in Bitcoin. They wanted us to create an empty Exodus wallet, which we did.”

The Bitcoin request seemed odd, but the two men said they wanted to avoid paying taxes, Jonathan Kennedy told The Register. They said they wanted to run a test transaction by sending $10 in Bitcoin into the new Exodus wallet. To do that the miscreants said they needed to get the QR code of the wallet, so Hunter turned his phone to face the two men, with one using his phone to scan the code while the other talked to the Coin Publishers execs, a ruse Hunter believes was done to distract them.

Fewer than 30 seconds later they returned the phone to Hunter and sent the $10. Hunter and the Kennedys returned to the UK, and the following Monday the so-called investors said the deal was on and they needed $206,000 commission in Bitcoin in the Exodus wallet, to be distributed after the paperwork was signed.

Hunter put the money into the wallet and 45 minutes later it was gone.

It only takes seconds

“In those 15 or 30 seconds that they had my phone, it only takes five steps to get to the screen in Exodus where you can take a picture of the seed phrase,” giving them access to the wallet, he said. “Because it was a brand new wallet, the wallet wasn’t secured because I guess I didn’t have any reason to think that it needed securing there and because there was nothing in it. I secured it on my phone when I got home, but by that point, they’d already gotten the seed phrase.”

Until this week, an ashamed Hunter and Kennedy kept quiet about the scam. However, they contacted Shams after reading his story and he brought them into a Telegram group of other business people who have been taken in by the same con, sometimes for millions of dollars.

“The things we have seen in the last 24 hours are toe-curling, absolutely shocking,” Hunter said, adding that one person talked about being drugged at the meeting, and another contemplated suicide after losing $450,000. “We are by no means the only people this has been happening to.”

The stories of others

That is true. As The Register noted, NFT entrepreneur Jacob Riglin, founder of Dream Lab, wrote a Twitter thread in 2021 about $90,000 in crypto being stolen from him following a meeting with fake investors in the same Barcelona hotel.

The same year, Belgian entrepreneur Frederik Van Lierde wrote a blog about almost being scammed by a fake VC. It had all the same markings: a cold call from someone about a possible investment, a website that checked out, the right questions being asked, and a meeting in Barcelona.

Van Lierde wrote that warning signals went off when the people started talking about being paid a “management fee” in Bitcoin ahead of the $10 million investment. He pushed back and soon got a message that the deal was off.

His conclusion: “When discussing investment deals, never, yes never, pay a management fee or any other fee upfront.”

Hunter said that based on what he’s seen in the Telegram group, there are probably a dozen or so victims that come from North and South America, Turkey, Malta, and other regions. Group members are exchanging information and photographs of the crooks and some are recognizing men in the photos as those who took their money. They are young men, well dressed, and bearded. Hunter said their accents were hard to place.

“Fred [Van Lierde] ID’d the guy that scammed us,” Hunter said. “But this is a much bigger gang. We’ve got multiple pictures of individuals, but there are definitely common individuals that are doing it.”

Fraudulent accounts

He said a key problem is how easy it is for people to set up fraudulent accounts on social networking sites like LinkedIn, which can help give scammers an air of legitimacy.

Last year, FBI Special Agent Sean Ragan told CNBC that fraud on LinkedIn was a “significant threat” to both users and the platform, adding that “there are many potential victims, and there are many past and current victims.”

In the same article, LinkedIn officials said there had been a recent increase in fraud on the site and that in 2021, the Microsoft-owned company removed 32 million fake accounts from the platform.

It’s unclear how many victims from the Telegram group have reported the thefts to law enforcement. Shams said he alerted the police in Rome and the FBI. Hunter said he eventually reported it to UK authorities and had heard from others that Italian police “seem very interested.”

But until something breaks, Coin Publishers and the rest of the victims are nursing huge losses.

Some victims don’t want the negative publicity that comes with admitting they’ve been scammed, worried that it will hurt their chances of raising money. Others are embarrassed. Hunter and Jonathan Kennedy understand that. They’re still trying to raise money for their startup but worry that VCs may look at them now as a greater risk.

They also are gun-shy. They’ve been conned once already. How can they trust that the next person they’re talking to is legitimate?

A scary part is how many of these people being conned are in the tech industry, Hunter said.

“We are technical people,” he said. “There was no way anyone was going to pull a scam on us, and yet they did… When you talk about people being scammed, it’s not normally individuals as technical as us. It’s normally your everyday, non-IT person. For people like us to be getting scammed at this level of sophistication, we thought we had our bases covered.

“But we didn’t.” ®