Cryptocurrency is on the path to mainstream adoption, thanks to the emergence of new use cases in web3 and ongoing efforts to regulate this nascent asset class. However, more crypto adoption also means cryptocurrency-related crime is on the rise. While growth in the legitimate usage of cryptocurrency vastly outpaces illicit usage, the growth of the asset class overall leads to large increases in the raw dollar value of illicit crypto transactions. As I have spoken about previously, you can’t have trillions of dollars move into a new asset class and not attract criminals, grifters, and malign actors.
There’s a common misconception that tackling cryptocurrency-based crime is solely in the domain of large national-level law enforcement agencies or elite cybercrime units. While that has been true for cases with national security implications such as the ransomware attack on Colonial Pipeline or crypto hacks by North Korea, that outlook misses an important fact: Cryptocurrency-based crime affects communities big and small around the world, and local agencies can take immediate action with the right tools and training. As an example, we’ll look below at how crypto scamming affects everyday people in jurisdictions around the world, and discuss how local law enforcement agencies can equip themselves to address it effectively.
Crypto scams carry enormous monetary and human cost
Scams are the biggest form of cryptocurrency-based crime, with over $26 billion taken from victims between 2017 and 2021.
So far in 2022, scammers have collected over $3.5 billion from victims — still a huge sum, though on pace to come in below 2021’s total. Another important piece of information: In 2022, the average victim transfer to a scam wallet is just over $1,000. That tells us two things:
- Even accounting for some people paying into scams multiple times, crypto fraud is impacting millions of victims
- Most of those victims are likely average, everyday people with just a bit of extra cash to spare
Given the sheer numbers, it’s highly likely that any law enforcement agency, including the smallest of local agencies, can count amongst their populations victims of cryptocurrency scams. A quick scan through local news sites reveals the human cost of these frauds. £1,500 from a university student in England. $4,500 from a Flint woman tricked in a Bitcoin ATM-related fraud. $80,000 in savings down the drain for a 58-year-old Tennessee man. Sadly, there are many more cases with victims all around the globe, and more are being uncovered daily.
The situation may be even worse in emerging markets. So-called “pig butchering scams,” which combine elements of romance scams and phony investment opportunities, cost Americans over $400 million in 2021 and the U.S. is not alone. It is a global problem. Victims the world over are being defrauded in this manner. In fact, as Chainalysis CMO Ian Andrews covered in a recent podcast, many perpetrators of these scams are victims themselves, trafficked from countries in Southeast Asia by powerful organized crime rings and forced to spend long hours scamming residents of wealthier countries.
Contrary to popular belief, you don’t need to be an expert on cybercrime to investigate many of these scams. With the right tools, you can go from one easily obtained piece of information — such as a victim’s cryptocurrency address — to getting the information necessary for a subpoena to unmask the scammer in as little as a few minutes. Let’s look at an example.
In June 2022, the U.S. Department of Justice announced indictments against the team behind EmpiresX, a cryptocurrency business that claimed it could guarantee investors high returns with a proprietary trading bot. In reality, EmpiresX appears to have been a Ponzi scheme that took in nearly $100 million from victims (some in cryptocurrency, some in cash).
Imagine if somebody reported to your department they were defrauded by EmpiresX. If they shared their Bitcoin address or the hash associated with a transfer they made to the scam, you could easily look up the transaction and visualize it using Chainalysis Reactor, as we see below.
We can see that between November 19 and 30 of 2021, this victim sent just under $20,000 worth of Bitcoin to EmpiresX. Where do we go from here? How do we identify the people behind this alleged scam? Simple: Like the old maxim says, we follow the money. Using Reactor, we can look at where EmpiresX sends the funds it takes in, and thanks to the permanence and transparency of the blockchain, we can do it faster and more comprehensively than we could in a traditional financial investigation.
The goal of any crypto scammer is to eventually convert the stolen funds back into fiat currency they can spend, but this can only be done through centralized cryptocurrency exchanges — think common brand names like Coinbase and Kraken — all of whom are subject to anti-money laundering (AML) compliance procedures like Know-Your-Customer (KYC), similar to banks. We can look through EmpiresX’s transaction history in Reactor to find instances of its wallet sending funds to a deposit address — similar to a bank account — at such an exchange. Law enforcement can subpoena the exchange to learn who controls that address. Check out the example we can find with a bit of digging below.
On August 30, 2021, EmpiresX sent over $110,000 worth of Bitcoin to a deposit address at a compliant cryptocurrency exchange (which we’ll leave unnamed in this blog). Armed with this insight from Chainalysis data, a law enforcement agency could subpoena that exchange to learn who controls that deposit address. This would likely be the first step in unmasking the operators of EmpiresX. After that, the investigation would continue to unfold in logical fashion incorporating a host of traditional investigative techniques. Investigators could also use similar blockchain analysis techniques to identify other potential victims of the scam, and see how widespread the fraud is.
None of the initial work described above required expert knowledge in cybersecurity or how cryptocurrency works. Of course, not every inquiry will be so straightforward, which is why additional training and knowledge of crypto fundamentals are necessary. But the low hanging fruit is there. Lots of active scams stealing billions from users around the world — potentially in your jurisdiction — can be identified and investigated today using the techniques shown above. Blockchain analysis tools and training from Chainalysis can help you start tracking down those bad actors and potentially recover victim funds. That last point is especially important — U.S. law enforcement and tax agencies have seized over $10 billion USD worth of cryptocurrency from criminals since January 2021.
Local Law enforcement agencies large and small have the power to investigate crypto crime
Scams aren’t the only form of cryptocurrency-based crime that local law enforcement agencies need to be thinking about. Ransomware attackers frequently target schools, hospitals, and other forms of critical infrastructure across the world. Darknet markets and narco-trafficking groups flood our communities with illegal drugs. These crimes are eroding trust, poisoning our cities, and raising costs of doing business as governments and industry struggle to counter them.
The diversity and impact of these threats underline the importance of blockchain analysis training for local and regional law enforcement. Criminals are causing billions of dollars in damage each year right in our own communities. Local and regional agencies can successfully investigate these cases with the right tools, data, and training.
About the author: Gurvais C. Grigg is a bilingual technology executive and recognized thought leader with over 28 years of public and private sector experience leading complex organizations, investigations, and technical programs. Gurvais retired from the FBI after 23 years and joined Chainalysis as the Global Public Sector Chief Technology Officer (CTO). He is responsible for connecting global governments with the cryptocurrency industry and providing them with the best data and tools to manage risk, address threats, and conduct effective investigations.
Not Investment or Other Advice
This material is for informational purposes only, and is not intended to provide legal, tax, financial, or investment advice. Recipients should consult their own advisors before making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with Recipient’s use of this material.
No Endorsement of Third-Party Links
This website contains links to third-party sites that are not under the control of Chainalysis, Inc. or its affiliates (collectively “Chainalysis”). Access to such information does not imply association with, endorsement of, approval of, or recommendation by Chainalysis of the site or its operators, and Chainalysis is not responsible for the products, services, or other content hosted therein.
No Guarantee of Accuracy
Chainalysis does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in this report and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material.