What to do if you fall victim to a crypto scam
What Investigators Need to Get Your Money Back
The surge in Bitcoin Doppler scams advertised through prominent social media channels marks a noticeable surge in crypto scams targeting the general public, many of whom are unlikely to be familiar with cryptocurrency or the ubiquitous nature of these scams are. Blockchain analytics and cryptocurrency investigation services like CipherTrace can help these victims get the information they need to potentially get their money back.
Step One to Recovering Your Crypto – Find Your Transaction IDs (TXIDs)
Before investigators can start tracking your assets, they will need all of the transaction IDs that identify the funds you sent to the scammers. These transaction IDs allow investigators to “follow the money” and see exactly where your coins are going. While it is still possible to conduct an investigation without transaction IDs, knowing them will speed up any investigation and reduce potential complications.
How to identify a transaction ID
On most blockchains, a transaction ID (TXID) is a unique sequence of letters and numbers that represent a record of the movement of cryptocurrency from one address to another. This can sometimes be referred to as a transaction hash. This hash identifies the date and time, send addresses, receive addresses, transaction amounts, fees and more. For example, a Bitcoin transaction hash is displayed as a 65-digit hexadecimal number, as shown below.
A visual representation of a Bitcoin transaction.
Depending on the purse or wallet you are using, you may need to dig deeper into your transaction information to find the transaction ID as shown below.
To find the transaction ID in a BRD wallet, users need to click “View Details” to view the additional transaction information.
I cannot find my transaction ID
Not all exchanges and wallets provide you with TXIDs. However, since most blockchains are public, you should be able to find them yourself through blockchain explorer websites like blockchain.com.
With Bitcoin as an example, start by finding the address you sent your Bitcoin to and pasting it into the search bar on the Blockchain Explorer website. This will show all inbound and outbound transactions to and from this address. To find your Transaction ID, there are two things you should look for:
- Appointment time
- Amount sent
If the date / time and amount received match your transaction, you can identify your transaction ID by looking up the hash associated with the transaction, as shown below.
My transaction ID does not match my address when I search in a blockchain explorer
If you think you’ve identified your transaction in a blockchain explorer by comparing the date / time and transaction amount, but the sender address does not match your sender address, don’t panic. If you’ve transferred your funds from your account on a cryptocurrency exchange, your deposit address on the exchange will rarely be the same address that is used for outbound transactions. This is because of the way cryptocurrency exchanges typically group outbound transactions to maximize cost efficiency. What you’re likely to see is an address associated with one of the exchange’s hot wallets. While funds appear to be sent and received to your account on an exchange, these systems are typically all internal and do not reflect actual movements on the blockchain. Instead, exchanges typically move transactions in and out of their hot wallets to best satisfy customer transactions by grouping orders to minimize the number of outbound transactions while maximizing cost efficiency to keep fees down for users.
The above illustration shows how exchanges move funds on the blockchain by grouping outbound transactions. Because of this, funds leaving an exchange are likely to have multiple inputs (send addresses) and multiple outputs (receive addresses). If you’re sending funds from an exchange, don’t be alarmed if you see this type of activity while looking for your address on a blockchain explorer.
Step Two to Recovering Your Crypto – Write your narrative
A clear and concise description of your incident will add color to your case and help the investigator understand the flow of money. Important information to include on your report is:
- all transaction IDs,
- from where you sent your cryptocurrency (private wallet, Exchange X account, etc.),
- where you thought you were sending your money (offender’s private wallet, arbitrage account at XYZ, etc.) and),
- all the details about the scam and the scammers.
In addition, law enforcement agencies usually require proof of ownership of the original source of funds. Please make sure that you still have access to any accounts that you originally used to send money to the scammers.
Step three to recovering your crypto – contacting investigators
CipherTrace offers two services to victims of crypto theft and fraud. In the event of a major loss, CipherTrace Professional Services can assist you with every aspect of the recovery, from investigating, helping law enforcement agencies draft their subpoenas, to giving testimony to support our analysis.
Minor thefts can use our Defenders League to assist with asset recovery, where our team of investigative interns will provide you with the information law enforcement agencies need to open an official investigation.
If you are a victim of crypto theft or fraud, you can contact us here: https://ciphertrace.com/bitcoin-scam-and-theft-asset-recovery/
I got hacked. Do these steps apply to me?
Yes! Investigators will still need the transaction IDs for the hack and a full narrative to contextualize their trail.
Next Steps – Contacting Law Enforcement Authorities and Reporting to IC3
The reporting mechanisms for cybercrime such as crypto fraud vary from country to country.
In the United States, you can contact your local police department to file a complaint. You can also report the crime to the Internet Crime and Complaint Center (IC3) at https://www.ic3.gov/.
In Europe, Europol is a great resource to find your country’s reporting website: https://www.europol.europa.eu/report-a-crime/report-cybercrime-online. For Member States without a dedicated online option, Europol recommends contacting your local police station to lodge a complaint.
When it comes to lost cryptocurrencies, the likelihood of successful asset recovery depends on several factors including the amount lost, the obfuscation techniques used, and whether or not the funds have moved to a regulated exchange. While the CipherTrace Defenders League handles most cases, regardless of the amount of cryptocurrency lost, many law enforcement agencies have thresholds for investigation. Filing your complaint with your federal government will increase your chance of asset recovery in case a major investigation is ever opened against your fraudster.