Most heartbreakingly, my client lost her husband following a heart attack and was manipulated by an individual in a Facebook group called “I Miss My Husband” into transferring over £500,000 worth of tether (a stable coin designed to hold value to the US dollar) to a fraudster.
Funds were traced to individuals in South East Asia, with certain physical addresses including a human organ harvesting facility in Myanmar, which resulted recovery of funds.
This is not merely naivety – rather, these are highly sophisticated scams that prey on emotions, utilise data that is designed to instil trust, or by virtue of a small mistake, like phishing.
All too often, it seems there is no recourse for victims. However, it is not only possible but in fact a real and effective process.
Tracing shadows
The first step is to instruct investigators who utilise blockchain analytics software to trace the funds.
Where a victim has paid a threat actor (the thief/scammer) in cryptocurrency, there will be an immutable public record of the transaction including the blockchain address receiving the funds, and a transaction identifier.
Some might point to issues in tracing, like mixing services that seek to obfuscate the movement of funds. The trend leans to shutting these down these facilities – consider the now sanctioned Tornado Cash.
Also mixing software can largely be undone by unmixing software, subject to the obfuscation processes and technology available. However, in any event, it must be remembered that the focus here is not on the who, but on the assets themselves, their movement and their whereabouts.
Like those examples given above, organised criminal gangs use cryptoassets to extract funds from victims, then convert into fiat money as part of the laundering process. They utilise cryptocurrency exchanges, which convert those gains into local currencies, at the demand of their money mule customers.
Investigators can see that the funds moved from the threat actor’s address to several other addresses and landed at an exchange. The exchange is then put on notice that it has the proceeds of crime, and requests are made about its customers’ identities, usually provided subject to a court order.
Helpful ghosts
Importantly, substantive claims and injunctive relief (orders to freeze assets) can be obtained against a hypothetical category called persons unknown (PU). In doing so, we can use ghosts to our advantage.
In this instance, there are usually two: PU who committed the act, being the threat actor (D1) and PU who received the proceeds of the misappropriated funds, being the customer of the exchange (D2).
