Have you become the victim of an online or phone based scam that has resulted in you losing a lot of your net worth through cryptocurrency? Are you desperate to get a recovery? Are you wondering what you should do and who can genuinely help you? Maybe you have even gone to the police and have been told “sorry, we can’t help you.” In this article, I highlight many of the barriers to cryptocurrency scam recovery, the lies fake cryptocurrency recovery scammers tell you, and why the amount of cryptocurrency you have lost matters to your chances of recovery.
Cryptocurrency Scams
The type of cryptocurrency scams I am addressing here are scams that have, through one way or another, convinced you to part with your cryptocurrency or given access to someone who can steal it. Broadly speaking, this has happened either through:
- You voluntarily transferring your cryptocurrency to a wallet that you thought was ‘safe’, and it isn’t, or
- You transferring your cryptocurrency to a person’s wallet who you thought was someone different to who they really are, or
- You have handed over your private key or secret recovery phrase to someone under a false pretext, or
- Your private key or secret recovery phrase has been stolen.
There are other ways to have your cryptocurrency stolen, such as through malicious smart contracts, hacks and other computer and software based attacks, but in this article I have the first four types in mind.
How Cryptocurrency Recovery Can Not Happen
Let’s start with dealing with some false assumptions and narratives that are NOT true.
There are always two sides to every coin, or so the cliché goes. And this is true with cryptocurrency. With crypto, one of the big benefits is that you can quickly transfer wealth, with a minimum of controls and no middleman, anywhere in the world nearly instantly. It’s what’s called a “trustless” system, and it puts a lot of financial transaction power back into your own hands. No authority keeps watch; there’s no one to stop you making mistakes and when a transaction is completed, it exists forever on the ‘black box’ of the blockchain (of whichever cryptocurrency you are using).
So unlike credit cards, there are no charge backs.
Unlike fiat going from your bank account, you can’t ask the bank to cancel the transaction or request the receiving bank refund your money because of a ‘mistake’.
With cryptocurrency, once it is done, and confirmed, it is permanent.
So let’s address some of the lies that recovery scammers tell you:
CHARGE BACK SCHEMES ARE FAKE
If anyone tells you they can recover your cryptocurrency through a chargeback like with a credit card, they are lying. Please, run the other way of anyone who tells you this. They are recovery scammers.
A chargeback on your credit card will not happen even if you have purchased cryptocurrency with your credit card, and then sent it to the scammer. This is because the purchase of the cryptocurrency was legitimate and lawful and therefore can not be charged back. What you did with the cryptocurrency is not the responsibility of the credit card company.
REVERSE HACKING THE SCAMMERS IS ILLEGAL
Unauthorised access to someone else’s software, hardware, digital wallet etc, is illegal. Yes, even if the money contained within it is yours.
Sometimes recovery scammers suggest using reverse hacking, which probably involves breaking the law. This can result in exposing you, the victim, to becoming a party to a crime. This is a very dangerous path to tread. Don’t do it. If your case does get into the hands of law enforcement (which it can even if you don’t report it, because there will be other victims, and they may report it), then the evidence that you authorised a crime to take place could land you in very hot water.
So don’t.
BRIBING OR NEGOTIATING WITH THE SCAMMERS
Recovery scammers may also tell you that they will find the scammers, and bribe or negotiate with them into agreeing to return some of cryptocurrency. Rexxfield has been in cyber investigations since 2008, and we have never heard of this happening. Not once.
Firstly, bribery is illegal, so don’t go there. The second problem is identity. While we can identify the wallet addresses, and ‘follow the money‘, it is another story to identify who owns the wallet and then gain some kind of leverage from which to be able to negotiate a partial recovery. Most scammers know they hold the advantage, and any threat of passing on their details to law enforcement is not even close to being enough power from which to negotiate from.
If a self-proclaimer recovery agent says they can gather enough evidence to negotiate with a scammer, don’t believe them. Unless your scammer is extremely stupid and/or naive, it won’t work.
FORCE AN EXCHANGE TO RETURN YOUR CRYPTO
Recovery scammers may also tell you that they will ask the cryptocurrency exchange to freeze the wallet that contains your crypto and have it returned to you.
In principle this MAY be possible, for a while. Rexxfield has had some success asking exchanges to freeze wallets, but it can only ever be done for a short time (like a few days), and getting a permanent freeze requires the heavy hand of the law. So in theory, yes, but in practice it does not happen. This is because there are a number of problems which are not easy to overcome:
- Your crypto may have gone through an exchange, but it is probably not at an exchange anymore. So if it’s not at the exchange, the exchange can not freeze the wallet and return it to you,
- Many exchanges are morally corrupt if not legally so. Unless there is a LEGAL LAW ENFORCEABLE requirement to act against wallets in their system, they will be very reticent to do so,
- In addition to point 2, if an exchange is based in a non-western country and you are in a western country, then the exchange may be virtually untouchable. They will not comply with a request from a recovery agent, because they don’t have to and there is unlikely to be a leverage that can be used to compel them to,
- In the case of the bigger exchanges, they are process driven. Compliance and process driven, and the bigger they are and more ‘western’ they are, then the more they work under compliance and process. So they will not ‘listen’ to a recovery agent, even when the agent provides the exchange proof that stolen crypto is residing at their exchange. They will only listen to requests that come through the right channels, which is almost always through legal avenues – such as subpoenas and court orders – in their domicile.
So that is a lot of bad news right?
In reality, the above bad news helps to keep you safe from recovery scammers, who tell you to pay them and then disappoint you with no results.
They only plausible way to gain recovery of your crypto is through law enforcement, subpoenas and prosecution.
Read that again so you get it.
Any legitimate recovery model must include law enforcement. This is Rexxfield’s success formula:
Rexxfield’s formula: Crypto + OSINT + Social Engineering + Subpoena
If a recovery agent tells you anything different, RUN THE OTHER WAY and don’t give them any time or money.
HOW RECOVERY REALLY HAPPENS
RECOVERY THROUGH LAW ENFORCEMENT
This is not legal advice. None of it is, and neither am I not legally trained. This is just Rexxfield’s long experience talking.
Allow me to share the basic process of how cryptocurrency scam recovery can happen:
1. Gather the Evidence to Meet The Burden of Proof Test
At Rexxfield, we hold licenses and certifications for some of the world’s leading blockchain tracing tools (same ones the FBI and Secret Service uses). We use these to undertake a forensic blockchain investigation to ‘follow the money’ from your wallet to the scammers wallet and across the ecosystem. We also undertake Open Source Intelligence (OSINT) to search for digital breadcrumbs across the normal internet and Dark Web, to build a picture of who, what, when and where. This all comes together into an evidence package which is prepared for law enforcement.
2. Passing Evidence Package to Law Enforcement
Our evidence package consists of an inhouse developed report that is tailor-made for law enforcement (LEA). Co developed by our highly experienced team, our ex-FBI liasion officer, with constant improvement from current law enforcement feedback, finds an LEA home for your case. LEA receive the report and all the evidence we have gathered, which they they then proceed to replicate (connecting the dots that we have already discovered). This saves LEA upwards of 80 hours in investigation time in meeting the burden of proof requirement.
3. Investigation begins
When an investigation begins, the law enforcement officer engages directly with the victim. In time, hopefully a decision is made to send an affidavit for a warrant to get the identity of the scammer from an exchange (under KYC, CTF and AML rules) through which the cryptocurrency has passed through.
4. Prosecution and Execution of Seizure
If the law enforcement execution looks water tight, hopefully a prosecutor will agree to pickup the case. All going well, and if the cryptocurrency is still (at least in part) at the exchange, then the prosecutor will push for a court-issued warrant, issued to the exchange for a freeze and seizure of the stolen cryptocurrency.
5. When is my Recovery?
This does NOT mean you will get a quick recovery. At Rexxfield, we have at least one case where the crypto wallet was frozen by court-order for over a year, and still no recovery of money to the victim. The crypto is still sitting there, locked up tight, but recovery is still pending. Why? well one reason is that the proceeds of crime can be held in evidence for quite some time. The victim who initiated the investigation is unlikely to be the ONLY victim, and so there can be valid claims by many persons for the same assets. As you can imagine, this makes disbursement of claims a complex problem that takes time to work through.
Frustratingly, this path is slow, and so if you have lost cryptocurrency to a scammer, do not expect a quick outcome.
But the legal path is the most reliable, but there are still no guarantees.
No Guarantees
It’s not new news that crypto currency scams are increasing at an alarming rate, and at a rate that is not being matched by increased training and funding for law enforcement.
The FBI IC3 website stats for 2021 were:
– USD$6.9billion in victim losses to 2021
– 2,300 new complaints per day (over 840,000 in 2021)
– 550,000+ new complaints per year (5 year average)
Not all of the above were involving crypto, but these were all cyber crimes. Let’s do some simple math to see what these statistics mean:
If each complaint takes 100hrs of investigation, then that is:
– 84 million work hours in one year
– an average working year has 2100 work hours per agent
– so to process that many cases in one year would require 40,000 full time cyber agents
– sadly there is currently less than 1500 FBI cyber agents, so each agent is expected to do the work of 26 agents.
– each agent would therefore need to process a case in less than 4 hours to keep up!
With those sort of figures, is it any wonder that there is stiff competition to get your particular case investigated?
So with that volume of complaints, it has become painfully apparant that law enforcement must prioritise the cases they take on.
And it’s why what Rexxfield does is so valuable, because we dramatically cut down the 100 hours of work, enabling the same number of agents to take on more cases. Perhaps take yours. A known quantity case that requires, say 25 hours of work compared to an unknown quantity 100 hour case…
Which would you choose?
WILL RECOVERY BE LIKELY IN YOUR CASE?
The criteria by which law enforcement use to decide which cases to take on and investigate is both a sensitive topic and constantly moving. It also changes between local and federal agencies.
The FBI, for example, with the above highlighted caseload, probably has a different criteria for which cases to take compared to the Secret Service, RCMP or your local Sheriff.
At Rexxfield, we also have to make some assumptions to determine which cases we take on and which ones we do not. It has been a sobering experience for us telling victims who seek our help, that while yes we could have taken your case last year, but this year the goal posts have changed and we no longer, in good conscience can.
We are very conscious of victims contacting us full of hope of a recovery, and then finding after a lot of money and work, that our law enforcement liaison officer can not find a LEA agency to accept the case. When that happens, the hope of the victim plummets.
It’s one thing to have lost your life savings, but to add salt onto those wounds through disappointment is something we try at all costs to avoid.
REALISTIC EXPECTATIONS
That is why, my friend, you must have realistic expectations about your chances of recovery.
The chances of recovery for a case that meets all the right critera is already slim, long and frustrating.
But if your particular cases has any of these criteria, then your chances drop much further – certainly with the overloaded federal law enforcement agencies:
-
If your loss is less than above USD$250,000 (not including fake ‘investment returns’, which were never real). This value is moving, but is what we (at time of writing) use as a threshold, or
-
The scammer is traced to a domicile that law enforcement in your country can not reach, or
-
The crypto is traced to a location that can’t be reached by law enforcement, or
-
You are in a country where your law enforcement does not accept our reports, won’t work with private investigators or is so poorly trained that your case will go nowhere.
If the above criteria applies to your case, then we will advise against undertaking an expensive recovery focused full investigation service with a managed handover of the evidence package to federal law enforcement.
Your only real path is local law enforcement, who MAY be able to take your case (if you can find one with the skills, motivation and low caseload).
If your case is not accept by us, and you still want to pay for an investigation, then we will provide you with a much cheaper investigation report, and hand it over to you. But it will be at your prerogative, discretion and responsibility to try and find a local law enforcement agency who will take it and investigate on your behalf.
Without us finding a home for it, the cost is substantially reduced for you.
BUT PLEASE UNDERSTAND THAT LAW ENFORCEMENT OF ANY KIND WILL LIKELY SAY NO IF YOUR CASE IS LOW VALUE OR THE BAD ACTOR AND THE CRYPTO IS IN A COUNTRY THEY CAN’T REACH.
Conclusion about Cryptocurrency Recovery Chances
Cryptocurrency scammers currently have the upper hand because of the sheer volume of scams and the pressure that applies to law enforcement. Unless your case is high value and both you and the bad actor are in locations that law enforcement can act, and/or the cryptocurrency is in an exchange where it can be frozen, then recovery will be nearly impossible to achieve.
If you want to pursue recovery anyway, then we can do the investigation for you, hand you the report, and leave it with you to find a police department to take your case. If you go down this path, and you are successful, then you can be rest assured that we will support you through every step. We will provide assistance to the law enforcement agents when asked, we can ghost write subpoenas, will provide expert witness in court and we also provide pro-bono training to law enforcement agencies.
One last word of hope: Sometimes there is hope even if law enforcement initially reject your case. This is because other victims may come forward. For example, if we find 5 victims who have each lost $100k each, but together make a total loss of $500k, then is total easily exceeds the threshold above which a federal investigator will act. So when you ask us to do an investigation, we seek your permission to keep your data, so that later we can reach out to you again if we can connect you to other cases.
So despite the doom and gloom, there is a chance that even a small crypto loss can be recovered.
But with a little luck, hard work and a lot of patience, hopefully your case will be one of those that come to a successful conclusion.
Further Reading:
For more information about cryptocurrency recovery scammers, see: https://rexxfield.com/money-recovery-phishing-scams-targeting-past-victims/
To file a cryptocurrency scam report, please do so here: https://rexxfield.com/cryptocurrency-crime-report/
