Our firm is seeing a sharp increase in fraud using “screen sharing software” from Anydesk, Teamviewer and Screenleap and cryptowallets used to siphon off money.

investment fraud

This is a new form of investment fraud, which begins with arousing interest in complex investments (Forex, CFDs or cryptocurrencies). The criminal organization uses an investment website where the duped person creates an account. In reality, this is a boiler room; in fact, there are no real investments being purchased. By creating a fancy website, investments are fictitious while in reality there is nothing.

Ghost company

The criminal organization is after the duped person’s money and the so-called investments are only a way to elicit payments from which no investments are purchased. The idea is to get this money to the scammers. This happens without the duped person noticing, because the duped person first sees his investments increase in value (so that he invests even more). Because the investment firm does not really exist and is a ghost company, they cannot simply open an official bank account as a starting point for siphoning off the loot, so they have to come up with another way. Banks must abide by all kinds of rules to open a bank account, and criminal organizations cannot meet the bank’s requirements.

Roadblocks via crypto currency

The new method used by the boiler rooms is that the duped person must open a “wallet” into which money is deposited from his or her bank account. This is often simply done through “Ideal.” This wallet can be opened at a company registered in the Netherlands (such as Litebit, Coinmeester, Bitvavo, Coinmerce) but also at a large foreign company (such as Binance, Kraken, Coinbase or Bitpanda). These are billion-dollar companies, used by scammers to carry out their crime and siphon off the loot. From the money deposited in the wallet, cryptocurrencies are purchased, for example bitcoins. These can be compared to money, in that they can be transferred away to another “wallet,” which again is controlled by the criminals. Eventually, the crypto-currencies that are stored away can be redeemed again, for example, in cash that is no longer traceable.

Screen sharing software

In addition, the duped person must install screen sharing software, such as Anydesk, Screenleap or Teamviewer, for example. This is legal software, which can be abused. Here it is stated that this is necessary to “help” with the fake investments. In reality, this allows the criminal organization to get its hands on the wallet’s password. Without the duped person realizing it at the time, the friendly account managers of the fake investment company can operate the wallet. Then the cryptocurrencies present in the wallet are transferred away to other wallets controlled by the criminal organization. In practice, it is very difficult for police to recover these cryptocurrencies. In theory, transactions in the “blockchain” can be well tracked, in practice this is disappointing; for example, there may be swapping in different coins, or shredding, and thus in the end, cash is often withdrawn.

How do you recognize this type of fraud?

  1. Paying for investments via cryptocurrency is not normal, it is a sign of fraud. A reliable investment company can just go to a bank. Ask yourself why an investment firm cannot turn to a bank.
  2. Screen sharing software such as Anydesk, Teamviewer and Screenleap should only be used if you know someone personally and can trust them 100%. If someone you know only by phone asks you to use screen-sharing software, then you are probably dealing with a scammer, who wants to get his hands on your password.
  3. If you do trust someone, ask yourself whether you would also give them your debit card and PIN. If the answer is no, then you should not use screen sharing software either.
  4. If you study the investment website carefully you will discover that things are not right. For example, the company is not at the address where they say they are. The account managers also never use their own names.
  5. If someone else opens a wallet for you and directs you to an account that is already in your name, so all you have to do is deposit, then it is 100% certain to be fraud. The normal steps to open the account in your name are then skipped. You probably previously sent a scan of your passport when you became a client of the investment website, and the account was opened that way. So then they also know your password. Your digital wallet is then wide open.

Background articles/more reading?

This type of fraud is common internationally. If you want to know more you can read the following publications;

Fraud via Anydesk over GBP 25,000,000 in the UK (Fintelegram):

https://fintelegram.com/stay-alerted-uk-consumers-lost-25-million-with-screen-sharing/

Cryptowallet Binance widely used for money laundering (Reuters):

https://www.reuters.com/investigates/special-report/fintech-crypto-binance-dirtymoney/

Warning from Anydesk:

https://anydesk.com/nl/abuse-prevention

Declaration

If you are dealing with this type of fraud, you should at least report it to the police. It is also wise to change your passwords and have your computer checked for malware. You are dealing with cybercrime. The criminals are taking advantage of the lower security of some crypto wallets. For many of these wallets, knowing the password is sufficient. You don’t have the extra step of a code through a separate device that you do with Internet banking. Some wallets do allow you to set those but beware, criminals are inventive and will try to get that code into their device.

What can a lawyer do for you?

In specific cases, we can seek compensation from the wallet on your behalf. We think this is possible if the wallet in your case is hosted by a company that is not allowed to operate in the Dutch market, and there are quite a few of them – the crypto world is still young and sometimes does not adhere to legislation, which is still evolving, but sometimes it is very clear. Therefore, if you were (unknowingly) a customer of an illegal broker, that is also an opportunity for an aggrieved person to receive compensation. Examples of these types of illegal companies operating in the Netherlands while prohibited are Coinbase, Kraken, Binance, Exodus and Bitpanda. Whether this succeeds is uncertain, as this type of fraud is new and there are no rulings from judges yet. These are international lawsuits against wealthy companies that break the law. In the cases we are currently dealing with, the damages are between EUR 100,000 and EUR 500,000. If in your case there is a wallet that is registered with the Dutch Central Bank (check here) we can often do nothing but in some cases we can do something; it depends on details and is customized.

Our specialist: Marius Hupkes