Feds seize $1.4 million of tech support scam proceeds with the help of crypto firm

The cryptocurrency company Tether seized $1.4 million on behalf of U.S. law enforcement investigating a tech support scam targeting elderly citizens, the company announced Tuesday — as it attempts to burnish its reputation amid accusations that its USDT coin is the currency of choice for online fraudsters.

The U.S. Attorney’s Office of the Northern District of Illinois announced the seizure on Friday and “acknowledged Tether for its assistance in effectuating the transfer of these assets.”

“The company will continue to voluntarily assist law enforcement agencies to help protect the safety and security of its users and the broader crypto community,” Tether said in a release.

According to a January affidavit requesting permission to seize the funds, the ongoing investigation involves a tech support scam in which cybercriminals pose as Microsoft or Apple employees after a popup on a victim’s computer alerts them that their device is compromised and that they should call the companies for assistance.

“The scheme has affected individuals located all over the United States,” the affidavit said.

In one case, a victim called a number purportedly for Apple support after a popup alert appeared on his computer. The scammers convinced him that his Social Security number had been compromised, that his financial assets were in jeopardy and that he should transfer his funds to a so-called “treasury account.”

As part of the elaborate scheme, the scammers provided a letter with the fake signature of Federal Reserve Chair Jerome Powell saying that a “fraud prevention officer” would complete “Revalidation of… bank accounts and financial assets.” They also provided a fake letter from the bank holding the victim’s retirement account instructing him to liquidate the funds and transfer them to the supposedly secure account.

He was then instructed to install a program allowing for third-party remote access and to “leave a phone line ‘open’” throughout the day to monitor activity. The scammers told him to make wire transfers to two banks that had agreements with Crypto.com, where he set up accounts.

He was instructed to install the digital currency wallet Exodus and ended up transferring $3 million to $4 million to several accounts before following the same process for his wife’s accounts as well, which he was told could be compromised.

Much of the money was then transferred to USDT, a stablecoin that is pegged to the U.S. dollar, and then transferred elsewhere by the cybercriminals. According to the affidavit, the FBI identified wallets holding funds stolen from five victims, which Tether froze at the FBI's request.

After “burning” the funds, Tether reissued “the equivalent amount of USDT tokens associated with each address and [transferred] that USDT to a government controlled wallet.” According to the FBI, tech support scams inflicted losses of more than $924 million in 2023.

Tether and law enforcement have partnered in the past to seize illicit funds. In November, the Justice Department announced the seizure of $9 million in USDT stolen from more than 70 victims in so-called pig-butchering scams.

The same week, Tether announced that it had “voluntarily” frozen USDT worth $225 million “linked to an international human trafficking syndicate in Southeast Asia responsible for a global ‘pig butchering’ romance scam.”

A sweeping United Nations Office on Drugs and Crime report on transnational crime in Southeast Asia recently found that USDT “has become a preferred choice for regional cyber fraud operations and money launderers alike due to its stability and the ease, anonymity, and low fees of its transactions.”

The company responded directly to the report, saying its partnerships with law enforcement provide for “unparalleled monitoring, surpassing traditional banking systems that for decades have been the vessel for laundering substantial sums.”

This week, Tether announced that the circulation of USDT had passed $100 billion for the first time.


James Reddick has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.
