It seems that cryptocurrency frauds are becoming a common thing in Asia. A huge XRP phishing scam was recently busted by the South Korean police and FBI. Two fraudsters stole over $800,000 worth of XRP from investors in South Korea and Japan. The operation resulted in the arrest of a 42-year-old computer programmer and his employer, the mastermind of the scam.
The first step in this XRP phishing scam was to replicate a Ripple exchange website. Then, fraudsters copied the real exchange’s email account. From it, they sent emails to users in which they warned them that their assets had been frozen.
Scammed users would click on a link in the email, which took them to the fake website. There, users entered their login details, which allowed scammers to collect those records. Later, they used this information to log in to real exchange website and take XRP.
24 Korean investors and 37 Japanese investors lost their crypto assets in this XRP phishing scam. Although the target of this scam were investors in Korea and Japan, FBI was involved since Ripple is a US company.
Victim Becomes Scammer
The twist in this event was related to the brain of this operation, who was also a victim of a scam. Supposedly, in 2014 he lost all his assets during an exchange hack. The investigation did not produce any results, so he decided it was time for revenge.
During his XRP phishing scam, besides contracting the programmer, he teamed up with a Japanese cryptocurrency exchange operator. He gave him user data (email accounts, affiliated exchanges, and 2FA status) that he needed for executing his scam.
His Japanese accomplice is still on the run, apparently hiding in Japan, and not directly reachable by South Korean police. However, Seoul’s cybercrime police division is collaborating with Japanese authorities on this case.
Legislative Issues Supporting XRP Phishing Scam?
Since this cryptocurrency phishing scam was first of its kind in South Korea it is interesting to see how authorities will solve it. The biggest problem is that scammer claims that he already spent all stolen XRP. Allegedly, he converted XRP to Korean won and used that money to pay for luxury accommodation and items.
In addition, as cryptocurrencies do not have the status of a legal tender in Korean law, police can’t confiscate his other assets. This all leads to the fact that the victims of the scam probably will not get their money back.
Perfect environment to create new scammers, isn’t it?
Cybercriminals Giving Free Crypto
As stated in the recent Kaspersky Labs report, cybercriminals stole over $2.3 million dollars via crypto scams in the second quarter of 2018.
The most popular way to scam users is to organize “crypto giveaways”. In these scams, the fraudster is asking a user to leave his crypto wallet info in order to receive free cryptocurrency.
As in Hansel and Gretel’s case, there is no free chocolate, or in this case, cryptocurrency.