Skip to main content

AnChain.AI recently assisted an international law enforcement agency in cracking down on a scam operation that exploited public fear of coronavirus. This investigation, which is still ongoing, was covered in part by CoinDeskSpanning across East and Southeast Asia and still-developing as of this moment, we have already identified over $2 million worth of cryptocurrencies within the fraudsters’ expansive money-laundering network, primarily denominated in USDT (Tether stable coin pegged to US Dollar) but also Bitcoin and Ethereum.

As fears of the spreading coronavirus threat continued to intensify it was inevitable that, sooner or later, malicious individuals would exploit the rising panic for their own personal gain. With governments already cracking down on unscrupulous price-gouging by crafty vendors, it was only a matter of time before these same exploitative individuals turned to a more difficult-to-trace method of payment.

Figure: The USDT cryptocurrency money laundering flow by the coronavirus scammers, in Feb 2020.

The scammers utilized a multitude of tactics to acquire these ill-gotten gains, but most commonly peddled medical and health-maintenance supplies, many of which are due to become increasingly scarce as the coronavirus has disrupted supply chains around the globe.

While protective clothing, drugs, and other assorted healthcare supplies have all been seen on the scammers’ menu, the most popularly peddled item has, thus far, proven to be medical-grade facial masks, of which there has been a dramatic shortage for weeks. While many of the leading experts on the topic question the efficacy of these medical facial masks in preventing transmission, the fact remains that these fraudulent sellers are unquestionably preying on the panic of the public.

Scam as illustrated in the flow chart:

The typical scam flow is below:

  1. The scammer posts a sales notice for highly in-demand items on public forums, social media platforms, or e-commerce websites(Amazon, Ebay, Alibaba) as 3rd party sellers.
  2. The scammer leaves some sort of off-platform instant message ID like WeChat, WhatsApp, drawing users away from platform protections.
  3. Desperate potential customers contact the scammer for purchase details.
  4. The scammer provides instructions for payment, either bank wiring or, as we so often observed in this case, USDT or other cryptocurrency payment, justified to the customers by the scammer being located in a different country.
  5. The scammer promises to deliver the products upon receiving the crypto payment, but usually don’t even have inventory and continuously delay the shipment or deliver counterfeit products.
  6. The scammer wires received cryptocurrencies into exchanges to cash out. Most will utilize sophisticated money-laundering tactics to obscure their trail and reduce the risk of criminal investigation.

The AnChain.AI team urges everyone to be aware of fraudulent campaigns preying on coronavirus related panic. We plan to continue our collaboration with local and international authorities in any way possible, to prevent the exploitation of decentralized currency for criminal means.