Crypto scams or with great power comes great responsibility

If you’re a fan of the friendly neighbourhood Spider-Man, you might know the expression. When Peter Parker, the boy/man behind the mask, gets bitten by a spider and gets all these super powers, he is reminded by his uncle that he should use these to help people and fight evil as nothing in life comes for free and in this case together with the ability to be super strong and crawl up walls, Spider-Man has to accept his responsibility.

What does this have to do with Cryptocurrencies? Well, we get to that but to do so I need to explain a few things. Each week, we at PlanetCompliance, calculate and publish The RegTech Top 100 Power List, a list of the most influential RegTech firms based on their reach across social media and the Internet. One RegTech firm that has recently climbed the ranks as far as #2 last week is Coinfirm, an AML/CTF platform for Cryptocurrency and Blockchain transactions that recently ran a successful ICO. One of the reasons Coinfirm does so well on the RegTech list is, because they are quite active across social media, especially with the Twitter account they created for their token, AMLT by Coinfirm / @AMLT_Token. If you are familiar with Twitter, you know that you get notifications if people retweet your messages or mention you in their conversations (plus a number of other things). Following the announcement of the latest update of our list, Coinfirm used the occasion to share the good news of their second place with their community, which is great. After all, the objective of the list is to contribute to the discussion about RegTech and how it can help being compliant with regulations.

The genuine tweet

Oh, and please don’t forget…

 

 

If it sounds to good to be true…

Shortly, after there were more notifications arriving from AMLT by Coinfirm advising everyone not to forget “our giveaway of 5000 ETH”. That’s about €250,000, so you start to wonder why they would do that. All you had to do is click on the link and send some Ether to the wallet address indicated there and you would get back ten times the initial amount.

Simply copy the address and be defrauded

Well, if something sounds too good to be true, it most probably is not true. In this case it’s just the latest of a number of scams that has been going around for a while, including Ethereum founder Vitalik Buterin supposedly giving away free Ether if you send him some first. If you’re not familiar with Twitter, then let me explain how it works:  An issue with Twitter is that while each username is unique, the name that gets displayed is not. That’s for good reason as people genuinely can have the same name and surname. So, if you take a close look the account that has replied to the original response (and subsequently spammed our account with more replies), you will notice that the username actually is a slight modification of @AMLT_Token (e.g. AML_Tioken or AMLT_Token41or AMILT_Token), but the display name and the logo are the same and can easily be confused.

One of the fake Twitter accounts

So, what does that mean for Spider-Man? Well, with growing popularity Coinfirm and Vitalik Buterin obviously run the risk to be used by fraudster to abuse the their reputation. Does it also mean that they have the responsibility to keep an eye about whether someone is trying to make a quick buck with their name? Possibly, but that only my opinion and there are obviously limits as to what you can do. It certainly would be nice if Twitter was a little bit more diligent about who uses their services and for what purposes, but that’s all part of a wider discussion about the responsibility of social media. It is definitely down to every single one of us to be careful in the crypto world. The same principles as in all financial transactions apply, but in particular since it is still a field that attracts criminals, so a bit of common sense goes a long way.

As for the fraudsters, according to Etherscan they managed to collect almost 13 ETH (about €6,500) with this scam as 19 people fell for it. However, how much they actually made is difficult to say since they use different addresses (and probably different “celebrities”), the actual gain/damage is much higher though and there is little you can do about it. If you are one of the credulous, you can’t undo the transaction as everything that is written on the blockchain is set in stone (unless you manage to convince the majority of the token holder to hard fork as in the case of the DAO and turn back time).

As for PlanetCompliance, all we can do is share a warning with our community (something you might consider, too, if you come across this kind of scam) not fall for this. Coinfirm has done the same, but maybe it might have been a good idea to alert Twitter immediately (if they haven’t) to block the accounts that try to impersonate them and defraud people, though the question is how long Twitter takes to respond. We’ve reported the accounts we were aware of and are currently waiting for a reply from Twitter to see what they intend to do about it. You might want to do the same as well report any additional suspicious users as it may increase the pressure to act on Twitter.

All that remains to hope for is that with the growing maturation of the cryptocurrency industry and education of the public, people become more prudent and fraudsters less successful.

 

P.S.: The quote might originally be from Voltaire but that apparently depends on how you translate the original French. So, we decided to stick with Spider-Man and hope all Francophiles can forgive us!