The report released by Certik, is a reminder of the level of risk crypto platforms face from the dark web. For as little as $8, rogue actors can purchase Know Your Customer (KYC) details, the report revealed.
With the rising popularity of cryptocurrencies, scammers are now finding a safe haven in the anonymity they provide.
The number of bad actors requesting payments in crypto is rapidly rising. Statistics provided by ACC Australia reveal that its citizens have lost over $300M in investment and crypto scams this year alone.
Most scams involve getting the victim to transfer cryptocurrency to the perpetrator’s wallet address for what appears to be a legit investment opportunity.
KYC identities in the dark web
Regular KYC checks are an annoying process honest retailers have to undergo to access services from centralized platforms. While basic checks take hours to complete, more detailed checks take days to complete depending on the workload.
The checks are a huge barrier to rogue actors attempting to showcase scam projects or rug pulls, a deeper inquest by Certik however suggests a different narrative.
Determined criminals can blackmail victims into providing identity checks, the dark web provides a less strenuous way to obtain real identities.
The report revealed willing sellers from developing countries providing KYC services at a fee. The fee ranged from $8 for basic verification and significantly higher if the buyer required KYC from a country with low risks of money- laundering. Sellers easily made $20 to $30 from a deal.
On certain instances, we found some KYC actor roles, such as acting as the CEO of a crypto project, paid up to 500 USD a week. Our explorations show that the global prevalence of these OTC marketplaces is significant, with an above average concentration in South-East Asia and group sizes ranging from 4,000 to 300,000 members
Certik report
The investigators identified over 500,000 willing buyers and sellers involved in the trade.
Role false identities in Crypto scams
The number of retail users defrauded by crypto scammers is rapidly rising. Developers today masquerade scams as legit projects using face identities to capture the trust of their users.
As revealed in the report, for $500 a week, developers can easily manage a community without the risk of exposing their identities which would carry high legal risks.
Notable rug pulls include the OneCoin case, where users lost up to $15B. Others include AnubisDAO ($58M), Uranium Finance ($50M), DeFi100 ($32M), Meerkat Finance ($31M), Snowdog DAO ($30M), and StableMagenet ($22M). The level of stress and financial losses by investors who put their money into these projects is insurmountable
The role of the identity actors in the dark web is not to provide privacy or freedom to the buyers, but particularly to defraud investors. The sad reality is that investors do not have the expertise to determine the authenticity of the developers behind these projects. It is even sadder that most of the current KYC compliance techniques used by most platforms are too amateur to tell fake from real identities.
Fake identities can lead to very serious consequences, fraudulent users bypass their verification process, leverage these identities to mislead and scam additional investors, and escape accountability for their crimes.
Common crypto scams
Cryptocurrencies are the choice mode of payment because they are unregulated, untraceable and irreversible.
Investment scams: imposter managers promise high returns on crypto investments, they win the trust of the victim and steal their funds once they ‘invest’.
Pump and dump: scammers hype up new digital assets that inherently have no value with promises of high price growth. Investors buy into the dream by buying the coins, the imposters later sell their stake leaving investors with worthless coins.
Phishing scams: malicious links to fake websites promising high returns on investment, or stealing user credentials to steal funds from their wallets.
Ponzi schemes: a structured form of investment where funds from new investors are used to pay out old investors. The system eventually becomes unsustainable and the rogue developers make away with investor funds.
Mining opportunities: these are commonly targeted to novice investors who are not familiar with how blockchain technology works. The investors are duped into purchasing mining software and hardware that are run remotely with the promise of high mining rewards.