en
Back to the list

Aurora Labs exec details 'fascinating and devious' crypto scam he almost fell for

Security

cointelegraph.com 08 August 2022 08:21, UTC
  
Reading time: ~3 m

Aurora Labs' head of product, Matt Henderson says there is a sophisticated over-the-counter (OTC) transaction scam running about that almost duped him into losing a stash of his hard-earned cryptocurrency. 

Henderson detailed his personal run-in with a scam artist known as ‘Olai’ to his Twitter followers on Aug. 5. 

Olai's scam essentially involves tricking a victim into believing payment had been received for an OTC crypto transaction, when in fact it wasn’t.

Today I nearly got caught by a fascinating and devious crypto scam during an OTC transaction. Read on to learn what happened, so you can avoid it happening to you.

— Matt Henderson (@dafacto) August 5, 2022

How it worked

Henderson explained the crypto scam began when Olai contacted him on the Telegram messaging app, inquiring about purchasing AURORA tokens with USC Coin (USDC).

The pair agreed to conduct the transaction via escrow, a common strategy by which a trusted, neutral third party holds assets on both sides of the transaction and releases them to the counterparty when payment conditions are met.

In this case, Henderson selected Aurora Labs’ head of security Frank Braun to act as the escrow agent, who he initially referred to as "Steve" in the Twitter thread. 

Olai suggested:
1. I send the AURORA to Steve
2. Olai sends me a small USDC test transaction
3. Steve send Olai an small AURORA test transaction
4. Olai send me the USDC balance
5. Steve then sends them the AURORA balance

— Matt Henderson (@dafacto) August 5, 2022

However, Henderson caught wind of something suspicious when his escrow partner shared a screenshot of him supposedly giving the go-ahead to release the full amount of AURORA tokens to the buyer. 

According to Henderson, the scammers replicated his Discord profile and directed Braun to release the AURORA token balance to the scammers.  

Discord's blocking function made sure Henderson was unaware his profile had been cloned and scammers were impersonating him. 

Based on this, some security steps I'll take in the future:

1. All funds sent to the escrow. No exceptions.

2. Inspect transactions in block explorers. Don't accept verbal confirmations.

3. Always create group chats yourself.

4. Verify IDs and confirmations out of band.

— Matt Henderson (@dafacto) August 6, 2022

After successfully evading the con, Henderson later unpacked the intricacies of the scheme, warning anyone trading crypto through OTC means to take extreme caution and avoid falling victim to the sophisticated scheme.

Related: Solana-hacked crypto could be claimed as a tax loss: Experts

He also shared that the scammer named ‘Olai’ may still be active in the community, as a person using a similar name and tactic has been spotted on Telegram, according to Twitter user Scott Yeager.

"How curious... I was recently approached by an Olai Olsen on Telegram attempting to initiate an OTC deal and offering USDC. Same character?"

Earlier this year, the United States Federal Trade Commission found that nearly half of all crypto-related scams originated from social media platforms in 2021. 

In a report in June, the FTC reported that as much as $1 billion in crypto has been lost to scammers throughout the year, more than a five-fold increase from 2020. 


   Source
Back to the list