ORLANDO, Fla. – When News 6 meteorologist Samara Cokinos received a text from our news director, Allison McGinley, she was thrown by the 208 area code.
The veteran meteorologist was convinced her boss had gotten a new corporate phone number, so she responded.
“It said, ‘Hi Samara, let me know if you get this text, Allison McGinley,’“ Cokinos recalled. “They responded with, ‘Great, we will be compensating some of our staff for good work.’”
The text message asked Cokinos not to mention it to anyone because it was supposed to be “a surprise.”
“Actually, it kind of blew me away… because they said, ‘Can you confirm you can get Visa cards at a nearby store?’” Cokinos said. “When I went into her office she said, ‘That’s not me.’”
An unofficial poll of the newsroom found at least 20 staff members received the identical text.
One text provided a list of stores to purchase the Visa gift cards from.
Samara brought the texts to yours truly and we quickly determined the end game would be the purchased cards and the codes on the back.
No one fell for the text imposters game.
This is not unique.
According to the Federal Trade Commission, “People reported almost half a million business and government imposter scams directly to the FTC.”
The FTC found several trends based on the reports that were filed:
Scammers are relying more on text or email messages to start their schemes, and less on phone calls.
Scammers are increasingly convincing people to send money through bank transfers or to pay with cryptocurrency.
Scammers often impersonate more than one organization, like a business and a government agency.
If you have an investment or consumer issue, email makeeendsmeet@wkmg.com or text the words “make ends meet” along with your issue and contact information to 407-676-7428.
GREAT BARRINGTON, Mass. (NEWS10) — A small business in the Berkshires was the victim of the growing cyber-crime known as social engineering. The business lost a significant amount of money that cannot be recouped.
“We can’t function without the fabric and without the money we can’t buy the fabric,” said Molly De St Andre.
Aurelien and Molly De St Andre own a children’s clothing store and they told NEWS10 the pandemic put supply chain issues in the spotlight which made them search far and wide for fabric. Online communication struck most of the trouble during this time.
“I was corresponding with my rep as I always do, and we have a good relationship. I did not realize that over time another person had hacked into their system and was posing as my rep,” said De St Andre.
She tells NEWS10 after several conversations she was given an official invoice, totaling nearly $40,000, from the person she thought was her rep. “The invoice that we took to the bank had fraudulent details on it and it went straight to the scammer. And we didn’t even know that for a month and a half,” said De St Andre.
They thought they were covered by insurance. “He told us we’re covered for cyber-crimes; we’re looking into this tiny clause in our insurance that basically made it impossible, it made them unwilling to cover this,” said De St Andre.
But help came from another source. On Railroad Street in Great Barrington the small businesses are coming together to support one of their own. “We’re watching out for each other and truly the expression of the rising tide lifts all boats, if one of us goes down, it only hurts our town in general,” said Mary Daire, owner Daire Bottle Shop and Provisions.
The business owner says she wants to let as many other business owners, as she can, know what to look out for . “Honestly you know, like if this could happen to us and we are so careful, this literally could happen to anyone,” said De St Andre.
One of those businesses helping De St Andre learned a few things as well when it comes to safe business practices. “We talked with our insurance agent to get more robust cyber insurance. We didn’t even realize that was something that would affect a small business such as ours. We’re not even doing sales over the internet but the sophistication level of these scams these days you can never be too safe,” said Alex Cosgrove, Co-founder Greenhouse Yoga.
The 2023 FBI internet crime report says cyber-crime victims’ losses exceed $12.5 billion, a 22% increase from 2022.
A GoFundMe has been set up to help offset the costs of the scam.
(FOX40.COM) — Two men have been sentenced to serve a year in jail after an investigation revealed them responsible for attempting to scam a Yuba County Walmart by placing a credit card skimmer at self-checkout registers in the store, according to the Yuba County District Attorney’s Office.
The DA’s Office said Romanian nationals Alexandru Capatina and Leontin Ionut, who will also serve two years on formal probation, also committed the same scam in Southern California before they brought it to Yuba County.
According to the Yuba County District Attorney’s Office, a call was made to the Yuba County Sheriff’s Department on Feb. 11 by a Walmart loss prevention employee with surveillance video showing two men placing a credit card skimmer on a self-checkout register.
The same Walmart employee also obtained a video of the men getting into a Jeep Grand Cherokee, which allowed Yuba County deputies to get essential license plate information that led them to a house in Sacramento believed to be owned by the suspects, the DA’s Office said.
Detectives confirmed the Sacramento residence where the two men were living and, with the help of the Sacramento County Sheriff’s Office, served a search warrant to the home on Feb. 27. During the search, detectives seized 46 Visa gift cards and $4,627 in cash.
During their investigation, Yuba County detectives learned that the two men had installed card skimmers at a Walmart in Yuba City, a Dollar General in Live Oak, along with the skimmer placed at the Walmart in Linda.
“Both Ionut and Capatina spent time in Mexico before entering the United States illegally about eight months before their arrests,” the Yuba County District Attorney’s Office said. “While both men deny any affiliation with organized crime, their skimmer operation in the Sacramento region is almost identical to dozens of skimmer operations in Southern California with ties to organized crime in Romania.”
The Yuba County DA’s Office said the men committed the same scam in Riverside County, located in Southern California, which was learned when a Sutter County investigator saw a bulletin about two men who were arrested for using a credit card skimmer and compared the booking photos with the previously gathered surveillance video.
“Thank you to the [Yuba County Sheriff’s Department] for your hard work for our community. Without your hard work, these criminals would still be installing skimmers and stealing from our residents,” the DA’s Office said.
A skimming device or “skimmer” is a device that is placed on ATMs to illegally extract people’s bank card information and any information about their identities. As people pay for items by inserting their bank cards, the skimmer records their bank account, bank card number, and personal information onto a sim card.
The Yuba County DA’s Office said that in this case, the devices appeared to be a frame of an ATM.
“Suspects don’t even need to remove the frame to obtain the information, [and will] pull the information from the sim card in the skimmer with a Bluetooth connection,” the DA’s Office added.
HOUSTON – A man has been charged with trademark counterfeiting after investigators say they discovered more than two dozen counterfeit Apple products worth $20,000 in the back of a stolen car during a traffic stop.
The Harris County Precinct 5 Constable’s Office says deputies pulled over a stolen Toyota Camry on Richmond Avenue near Greenridge Drive around 3 a.m. on March 29.
Deputies discovered five iPads, 11 Apple watches and 13 AirPods worth more than $20,000. Conelle Davis, 44, was arrested and charged with felony counts of counterfeit trademarking.
Conelle Davis (Copyright 2024 by KPRC Click2Houston – All rights reserved.)
“I wouldn’t be able to spot it just off the naked eye,” said Alima Bangura.
“I mean, it looks pretty legit,” added Lauren from Montrose. “I might be wrong. I think the plastic wrap looks fake.”
“Upon further examination, it was discovered many of the items had identical serial numbers and contained counterfeit products which were inconsistent with the labels on the boxes in which they were packaged,” the constable’s office said.
A spokesperson for the Harris County Precinct Five Constable’s Office says that the packages were legit and so were the Apple products inside. But the tech inside was different than what was being advertised. For example, a box for a new iPad Pro might have an older model, a used product or even a broken product.
“I haven’t seen this before,” said tech expert Dennis Underwood, the CEO of CyberCrucible. “It’s really interesting because just about every one example you can give to say, ‘Oh, this is how you check for a counterfeit.’ The counterfeiters and the people who swap out devices, they read the same blog post, they read the same how-to and so really, it’s not just one thing you need to look for. It’s a combination of things.”
The constable’s office says Davis has a long history of such crimes with two arrests on trademark counterfeiting in Harris County and several other arrests on similar charges elsewhere.
All the counterfeit devices were seized as evidence, according to the constable’s office.
“If you want to be absolutely safe, if you’re buying a gift for your partner or whatever, just go to the store. It’s not worth the hassle,” Underwood said.
Copyright 2024 by KPRC Click2Houston – All rights reserved.
BERKELEY, Calif. (KGO) — A North Bay man grieving the death of his wife awoke to a heart wrenching sight: a photo of his late wife staring out from a phony GoFundMe campaign. It was supposedly raising money for her funeral. The imposter had also hijacked the man’s Facebook account to ask for donations. And yet months later Facebook still refuses to shut it down.
Richard Links was struggling with grief over the loss of his beloved wife Cathryn. “On a daily basis, I’m confronting her absence,” he says. “I walk in here and I see her. I’m surrounded by her presence.”
Cathryn’s death from cancer last summer left him suddenly alone after 31 years of marriage.
But as grief tore at his heart, a scam made it worse.
“They have taken a picture of my late wife Cathryn and posted it to the fake GoFundMe page,” said Links, a resident of Berkeley and Mendocino.
Links was shocked to find a particular post on his own Facebook page: it was a photo of his late wife, with a caption saying, “Donate in Cathryn’s memory, Richard needs your help…”
The post linked to a fake GoFundMe page, taking donations supposedly for her funeral.
An Oakland man says after the city’s ransomware attack multiple fraudulent purchases have been made in his name including a house.
He was helpless to stop it. His wife’s image, still staring out from the scam.
“To have this sort of evilness foisted on me… this is the worst possible thing, you know? Just stomp on me, why don’t you?” Links said.
“And I mean, my poor wife. She would be horrified if she were here, witnessing what’s going on. She would be so furious,” he said.
The hacker was also sending direct messages to Links’s Facebook friends, asking for money… In one, the scammer wrote: “People suggest I create a charity group for Cathryn… if you will like to donate I can send a tag… will you like Zelle or Cash App?”
Four friends had already donated to the phony GoFundMe campaign.
Links used a secondary Facebook account to warn others. It reached only a few people.
“I can’t stand on Broadway and fourth avenue and hold a big sign. it’s not going to do anything,” he said.
There was a Microsoft hack. The tech company said it was hacked by a Russia-backed group, Midnight Blizzard, or Nobelium.
His friends and 7 On Your Side alerted GoFundMe to the fraud.
Three days later, the site took down the campaign and refunded donors’ money.
However, Facebook has refused to remove the hacker from Links’s account.
“We’ve reviewed your complaint, yada yada we found nothing irregular,” Links said.
Links’s friends also tried to alert Facebook. To their amazement, Facebook kept sending automated responses saying the account met all standards.
In an email, Facebook told Links: “We reviewed the profile your friends reported and found that it isn’t pretending to be you and doesn’t go against our community standards.”
Which infuriated Links. He and friends tried again and again to explain — the profile was not the issue. It was a hacker controlling the account.
A hacker or hackers have accessed nearly seven million profiles of 23andMe customers, a spokesperson for the genetic testing firm told CNN on Tuesday, including in some cases users’ ancestry reports, zip codes and birth years.
Facebook kept sending an automated response saying, “We’ve taken a look and found that the profile doesn’t go against our community standards. We understand that this might be upsetting so we recommend exploring the options available to control what you see. If you want us to review something specific, be sure to report the content, not the entire profile.”
“We weren’t talking to a person at Facebook,” says Links’s friend Elizabeth Bernstein of Berkeley. “We were talking to an algorithm.”
This further infuriated Links.
“Well, how about this Mr. and Mrs. Facebook! These people stole my identity and are using it for nefarious purposes,” he said.
Facebook did not explain how the reported crime met community standards. To this day, the stolen account is still active — now claiming Links is raising money for prostate cancer, when he’s not.
“Does that sound like it goes with your policy?” Links said.
Facebook did not respond to ABC7’s inquiries asking why it’s letting a hacker control Links’s account and to commit fraud. But parent company Meta is planning a subscription service to charge money for account security for Facebook and Instagram users. A post by Meta’s Mark Zuckerberg says it will cost up to $14.99 per month for concierge service to, for example, restore a stolen account – like Links’s…Zuckerberg said in a post that giving everyone such security would cost too much.
7OYS’s consumer hotline is a free consumer mediation service for those in the San Francisco Bay Area. We assist individuals with consumer-related issues; we cannot assist on cases between businesses, or cases involving family law, criminal matters, landlord/tenant disputes, labor issues, or medical issues. Please review our FAQ here. As a part of our process in assisting you, it is necessary that we contact the company / agency you are writing about. If you do not wish us to contact them, please let us know right away, as it will affect our ability to work on your case. Due to the high volume of emails we receive, please allow 3-5 business days for a response.
Construction materials and an unfinished home peak through the trees at the front of Nacotee’s Vista neighborhood, where a custom home builder is accused of collecting deposits then abandoning the projects, a Florida sheriff’s office said.
The owner of a custom home construction company is accused of collecting millions of dollars worth of deposits from clients and then abandoning the projects, leaving half-built houses and vacant concrete slabs, a Florida sheriff’s office said.
Spencer Calvert, owner of Pineapple Corporation, embezzled and misappropriated $15 million, which included construction funds, payment for subcontractors and deposits from intended homeowners, according to a Friday, Feb. 23 news release from the St. Johns County Sheriff’s Office.
The sheriff’s office said Calvert’s company was under contract with at least 13 clients to build custom homes in Nocatee’s Vista neighborhood. The clients purchased lots between 2019 and 2023 from Calvert, according to the sheriff’s office.
Despite some clients paying Calvert years ago, their houses remain unfinished.
A few of the homeowners reached out to the investigation team at WJXT, and said they had paid hundreds of thousands of dollars to Calvert, but still had just a concrete slab.
One client, Lisa Sparta, told the outlet she moved with her husband from Philadelphia and went under contract in 2021 with Calvert, who said the home would be completed in a year and a half.
“After we paid some deposits to the builder, and the deposits weren’t passed on to the contractors, the house was just sitting or you know, a little bit of work would get done. And then it would sit for a few months. And there was always an excuse, there was always a reason it was out of their control. It had nothing to do with the builder. It was, you know, supply chain, it was labor shortages. It was any excuse you could think of it was never their fault,” Sparta told WJXT.
Sandy Yawn, known as a reality TV star on the show “Below Deck Mediterranean,” also bought a lot to build her dream house from Calvert and has paid $1.6 million, she told the outlet.
“We’ve spent every dime that we have. And so now we don’t really have the money to finish it. We have to try to get a loan. And we just want it when our house finishes. But more importantly, the person that took our money, I just want to know where our money is,” Yawn told WJXT.
The sheriff’s office said not only was Calvert not building houses, but he wasn’t paying subcontractors with the money he took for deposits.
Funds intended for labor, services and materials were never paid, the sheriff’s office said, and the costs totaled more than $900,000.
“Calvert is accused of knowingly and intentionally accepting deposits and abandoning the project without any attempt to refund or correct the situation,” the sheriff’s office said.
Calvert is charged with embezzling and misappropriating more than $100,000 in construction funds, first degree larceny of $100,000 or more and organized scheme to defraud, according to the sheriff’s office.
Nocatee is about 30 miles south of Jacksonville.
Irene Wright is a McClatchy Real-Time reporter. She earned a B.A. in ecology and an M.A. in health and medical journalism from the University of Georgia and is now based in Atlanta. Irene previously worked as a business reporter at The Dallas Morning News.
Valdrin Sahiti is a celebrity designer behind the stunning styles worn by Taraji P. Henson, Beyoncé, Halle Bailey, and more. However, the 37-year-old is now being accused of scamming several Black women out of thousands of dollars.
According to The Shade Room’sJustin Carter, the women allege Sahiti ghosted them after they paid hefty deposits for custom wedding gowns.
Now, on this episode of ‘TSR Investigates,’ Carter is getting to the bottom of it all.
More Details Regarding The Allegations Against Valdrin Sahiti
According to Carter, one particular Instagram post of Sahiti’s caught the eye of Tatiana French. French is a soon-to-be bride who will be walking down the aisle this spring.
The woman, based in Texas, says she was instructed to send her “first deposit” in September 2023. Then, she needed to complete professional measurements, and within 6-8 weeks, her custom gown, made in Kosovo, South Europe, would be ready.
“Midway between the 6-8 weeks, they said [I] would have a video showing with the dress on a model of similar measurements,” French told Carter.
According to the soon-to-be bride, she and Sahiti’s company agreed on a gown with a price tag of $2,500. French paid a security deposit of $1,331.
“Then, they’ll do the final touches or whatever that may be, and then they’ll get it shipped out to [me], and shipping would take 24-48 hours through DHL,” French explained.
At the end of the eight-week process, however, French said she hadn’t “heard anything.”
In November, French reached out to the company via WhatsApp. However, according to Carter, she “got the run around for days.”
Frustrated, French booked her flight to Kosovo, determined to bring back her gown “by any means necessary.”
What Happened To The Bride’s $2,000 Wedding Gown?
Sahiti’s company begged the soon-to-be bride to “be patient,” as they had “no intention” of keeping her gown from her. French never made her trip to Kosovo. However, she remained persistent.
On January 3, Sahiti’s company requested French to send the remainder of her payment with an additional $500 for shipping.
“It was just a Western Union link, and it says, ‘Send money to this person,’ and then the email confirmation was supposed to go to them, but I’m supposed to be paying DHL,” French said. “Another $500 is crazy — after I’ve already sent you this money, and you’re not even communicating with me effectively.”
However, French wasn’t the only Black woman who experienced the run-around with the celebrity designer. Scroll above to watch as more Black women share their experiences with Valdrin Sahiti, how the company has responded, and whether or not these soon-to-be brides received their thousand-dollar gowns.
Explore the biggest crypto hacks of 2023 in our comprehensive review, including the roles of notorious hacking groups and their impact on the crypto industry.
Cryptocurrency hacks in 2023 have seen the industry lose over $1 billion, with the largest hacks occurring in the final quarters of the year. The recent bull market has marked the end of a prolonged crypto winter that started in 2022, driven by the Terra LUNA crash and the FTX collapse. However, this has also renewed hackers’ interest in the market, with more malicious threats targeting major defi protocols and crypto exchanges.
From the multi-million dollar heist at Mixin to the sophisticated phishing scams affecting individual investors, each hack provided a stark reminder of the ongoing battle between cybersecurity and cybercriminals in the digital age. So, what were the largest crypto hacks of 2023? Let’s find out.
Mixin breach ($200m): biggest crypto hack of 2023
September 2023 saw arguably the largest recent crypto hack, as the Mixin platform suffered a staggering loss of $200 million. This incident unfolded through a data breach of Mixin’s cloud service provider. The platform could not track down the attacker or recover the stolen funds. However, Mixin committed to compensating users for half of their lost holdings.
[Update] After statistical analysis, the affected assets in this incident were mainly ERC20-USDT, ETH, and BTC. Other assets were not affected. The specific compensation details are still under discussion. Please stay tuned for updates on the progress of this incident. In order… https://t.co/XHlNmJFbeZ
In March 2023, Euler Finance experienced a significant hack, losing nearly $200 million. The breach was initially identified by PeckShield, a blockchain security firm, which noticed unusual transaction activity on the platform. These transactions were later confirmed as the method through which $197 million in cryptocurrency was stolen.
However, in a rare occurrence, the stolen funds were unexpectedly returned to Euler Finance a few weeks after the hack. An apology note was included in one of the return transactions, as observed on Etherscan.
Poloniex hack (over $120m)
Popular crypto exchange Poloniex faced a security breach in November, leading to a loss exceeding $33 million, later revised to over $120 million. The unauthorized outflow of funds from its hot wallet affected multiple networks, including Ethereum (ETH) and Bitcoin (BTC). Justin Sun, the majority shareholder of Poloniex, reassured the community of the exchange’s financial stability and pledged full reimbursement for the lost assets.
To resolve the situation, Sun initially offered a $10 million bounty to the cryptocurrency hackers for returning a significant portion of the funds within a week and provided wallet addresses for potential reimbursement. However, as per the latest reports, the hackers did not respond. Poloniex continues its internal investigation and remains committed to compensating affected users.
HTX hack ($110 m)
Yet another exchange linked to Justin Sun experienced a major breach this year. HTX, formerly known as Huobi, experienced a significant security breach, leading to a net outflow of $250 million after resuming operations.
This outflow followed the November attack in which HTX lost around $110 million, according to Sun. The incident prompted a temporary suspension of withdrawals and deposits. Despite the substantial outflow, an HTX emphasized that user funds were safe.
MultiChain rug pull ($130m)
In July, MultiChain, a cross-chain protocol, reported suspicious withdrawals totaling $130 million, sparking concerns of a hack or rug pull. The series of transactions led to the Chinese authorities’ arrest of MultiChain’s CEO, Zhaojun, fueling speculation of insider involvement.
Zhaojun’s devices, including phones and hardware wallets, were confiscated. The incident led to MultiChain ceasing operations, as detailed in a post on social media. The closure of MultiChain followed these events, leaving many questions about the true nature of the incident.
Atomic Wallet hack ($100m)
In June, Atomic Wallet, a widely-used software crypto wallet, was hacked, leading to the loss of $100 million. The breach impacted over 5,000 user accounts, with some users experiencing partial thefts and others having their wallets completely emptied.
The initial suspicion pointed toward the Lazarus hacking group. The incident led to a class-action lawsuit from Russian investors against Atomic Wallet in August 2023. The latter claimed that the trace led to the Ukrainian group of hackers. However, there has been no proof of this statement since then.
The company’s response to the crypto hack and the legal repercussions are yet to be fully resolved.
CoinEx hack ($70m)
Crypto exchange CoinEx suffered a major security breach in September, resulting in the theft of $70 million. Crypto hackers accessed numerous private keys for user hot wallets, transferring substantial amounts of various cryptocurrencies, including nearly 5,000 ETH and 231 BTC.
Despite the significant loss, CoinEx’s cold wallets remained unaffected. The North Korean Lazarus group is suspected to be behind this attack.
KyberSwap hack ($47m)
The KyberSwap hack in November 2023 stands out for its complexity and the significant loss incurred. The multi-chain decentralized exchange aggregator fell victim to a smart contract reentrancy attack, leading to the theft of $47 million across various networks, including Ethereum, Polygon (MATIC), Arbitrum (ARB), and Optimism (OP).
This breach resulted in a drastic 90% drop in KyberSwap’s total value locked, falling from $84.9 million to just $8.28 million, showcasing the severe impact of smart contract vulnerabilities.
The hacker behind this attack made unusual demands, seeking total control over KyberSwap’s protocol, which included its governance mechanism and company assets. These demands, attached to a transaction on Etherscan, were unprecedented and highlighted a new level of boldness in crypto hacking.
The hacker sought to overhaul KyberSwap’s operational structure, including employee salaries and executive buyouts. This incident reflects the technical vulnerabilities of defi platforms and underscores the evolving challenges in securing defi ecosystems against increasingly sophisticated attacks.
Stake hack ($41m)
September was undoubtedly one of the costliest months this year, with the number of hacks exceeding all other months in 2023. Popular crypto gambling platform Stake also suffered a breach that month, leading to a theft of $41 million.
This hack specifically targeted users’ crypto hot wallets, and the assets stolen included Ethereum and Dai, among others. All funds were initially transferred to a single wallet, believed to belong to the hacker, and then dispersed to various other wallets. This dispersion tactic made tracking the stolen assets more challenging. The FBI’s investigation later confirmed the involvement of the North Korean Lazarus hacking group in this theft, although the stolen funds remain unrecovered.
North Korea’s Lazarus group: state-affiliated threat in crypto hacks
In 2023, the Lazarus Group, a North Korea-linked hacker organization, has been a prominent actor in the crypto hacking landscape. They have been responsible for over $300 million in crypto hacking incidents, accounting for approximately 17.6% of the total losses incurred in the crypto industry during the year. This contribution to the total losses highlights the group’s significant impact on the crypto space.
Historically, the Lazarus Group has been involved in some of the largest cyberattacks, dating back to their activities against Sony Pictures in 2014. Over the years, they have shifted their focus to crypto protocols, acquiring billions of dollars from these attacks. From 2021 to 2023, approximately $1.9 billion has been stolen from various crypto projects, showcasing the group’s persistence and evolving tactics.
In 2023, the Lazarus Group executed at least five attacks, including a notable $70 million theft from the Hong Kong-based crypto exchange CoinEx. Their strategy moved towards targeting centralized finance platforms and noncustodial crypto wallets, demonstrating keen adaptability to the changing landscape of the crypto industry.
Despite a global decline in the overall amount of money stolen in digital asset hacks, the threat posed by groups like Lazarus remains significant. Law enforcement agencies have been actively combating these activities by tracing stolen funds and disrupting crypto mixers, which obscure illicit funds’ origins. The U.S. Treasury Department has addressed these challenges by sanctioning popular mixing services like Tornado Cash and proposing stricter regulations for decentralized platforms.
Crypto hacks in 2024: prospects
The surge of crypto hacks in the latter half of 2023 reflects a concerning narrative for the industry heading into 2024. The upcoming year is poised to be a crucial time for crypto, with the expectations around the Bitcoin spot ETF launch in January and the Bitcoin halving event in April.
So, the industry is preparing for a busy 2024, and so will the hackers. Building industry-wide resilience would be the key to curbing these large-scale threats; otherwise, we might be in for a costlier new year.
FAQs
Can blockchain be hacked?
While blockchain technology is generally secure due to its decentralized and encrypted nature, it is not completely immune to hacking, especially through vulnerabilities in smart contracts or centralized points like exchanges.
Is Bitcoin hackable?
Bitcoin’s core blockchain protocol is highly secure, but Bitcoin exchanges and wallets can be vulnerable to hacking.
What is the world’s largest crypto exchange hack?
The world’s largest crypto exchange hack occurred at Coincheck in 2018. The company lost $534 million worth of NEM tokens.
What is the biggest hack in Bitcoin history?
The most significant Bitcoin hack was the Mt. Gox incident in 2014, where approximately 850,000 bitcoins were stolen, greatly impacting the Bitcoin community and market.
What are the latest crypto hacks?
Recent notable crypto hacks include the attacks on Ledger, HTX, KyberSwap, and Poloniex, with losses mounting over hundreds of millions.
Barely a day goes without a scam of some kind popping up on our phones or in our email, trying to get us to download malware, reveal a password or pay for fraudulent goods. But there’s one bit of con artistry gaining traction that you definitely don’t want to fall for.
It’s called a “pig butchering” scheme, because the perpetrators will “fatten up” a victim to gain their trust before “butchering” them — typically by persuading them to invest large sums of money into a fraudulent investment, then making off with all of it.
Four men, three of them from Southern California, were recently charged in connection with such a scam, the U.S. Department of Justice announced Thursday. The DOJ alleges that the con cost victims $80 million.
Alham Lu Zhang, 36, of Alhambra; Justin Walker, 31, of Cypress; Joseph Wong, 32, of Rosemead; and Hailong Zhu, 40, of Naperville, Ill., were charged with conspiracy to commit money laundering, international money laundering and concealment money laundering, the DOJ said. Zhang and Walker were arrested and appeared in court Wednesday. If convicted, they face a maximum penalty of 20 years in prison.
Pig butchering scammers often find their victims on dating sites or social media, or by calling and pretending to have dialed a wrong number, federal officials said in the release. The scams are largely carried out by criminal enterprises from Southeast Asia, which use human trafficking victims to reach out to millions of people around the world, according to the U.S. Treasury Department. Scammers create relationships with the victims to gain their trust and, in many cases, introduce the idea of using cryptocurrency to make a business investment.
In cases involving cryptocurrency, victims are directed to fraudulent platforms to make investments, unwittingly sending their money to scammer-controlled accounts. The platform falsely shows significant gains on the investment, and the victims are then encouraged to pony up more and more. However, when they eventually try to withdraw their money, the scammers stonewall them — or just disappear with the funds.
In the case announced Thursday, the feds allege that Zhang, Walker, Wong and Zhu conspired to open bank accounts and shell companies to launder money from a cryptocurrency investment scam. The four are accused of making hundreds of transactions that caused the victims to lose more than $80 million — more than $20 million of which ended up in the defendants’ bank accounts.
According to FBI spokesperson Laura Eimiller, pig butchering scammers are patient and will build a relationship with daily small talk to make the victim feel comfortable. They may also send photographs portraying themselves as wealthy and successful. One sign that the romantic partner you met online may be a scammer is that the person is never willing or able to meet with you, always offering excuses and reassuring you they will visit soon.
The scammers usually introduce the investment opportunity by sharing their own success stories and saying they got wealthy through a particular investment platform, Eimiller said. They’ll share screenshots of their bank accounts with high balances and eventually pressure the victim to invest, presenting it as a “near guarantee” to make money — with the caveat that the victim should start with a small amount of money to see that it works.
The victim is sent a link to download a mobile app, or they’re directed to a website to open an account, according to Eimiller. The accounts, which the scammer will control, require them to upload their identification. Victims usually start with small amounts of money and get instant returns. They’re able to withdraw early on, which makes them believe the platform is legitimate.
Victims tend to increase their investment based on the returns they’ve seen, or they may be pressured to invest more by the scammers. They see reports of regular profits and eventually decide to make a large withdrawal. At this point, the hammer drops: They’re told that they need to pay taxes, about 15%-25% of their profits, and will need to find additional funds. Then they’re told that their account is frozen due to securities fraud or money laundering. They never get their (fictitious) earnings, nor will they recover the money they invested.
Eimiller advises against sending money to an investment platform just because someone you met online or over the phone advised you to do so.
“Most of these investment returns do not even mathematically make sense, but people want to trust those who pretend to be their friend, colleague or potential partner,” she wrote in an email. “And the use of third-party investment platforms seems to disarm people. In their eyes, they’re not giving their money to a stranger, they’re investing with what they are convinced is a legitimate investment company.”
Senator Elizabeth Warren’s proposed Digital Asset Anti-Money Laundering Act, aimed at combating crypto-related scams, ignites a complex debate over the balance between regulation and innovation in the digital finance arena.
In a Nov. 16 hearing, Senator Elizabeth Warren (D-Mass) voiced concerns about cryptocurrency’s role in financial scams, particularly those targeting older investors. Warren’s criticisms align with the introduction of her Digital Asset Anti-Money Laundering Act bill, aimed at curbing such fraudulent activities.
During the hearing, Steve Weisman, a senior lecturer at Bentley University, highlighted the anonymity afforded by cryptocurrencies as a significant factor in their use for illicit activities. He noted that while crypto mixers, which obscure the source of funds, can serve legitimate privacy needs, they predominantly facilitate criminal endeavors.
This complexity was evident in the ransomware attack against Colonial Pipeline, where despite initial success in tracing the accounts, the involvement of mixers hindered further tracking.
Warren’s legislation proposes to enhance the ability of regulators to monitor suspicious crypto-related activities and take decisive action against scammers. The senator emphasized the urgency of implementing regulations to combat the proliferation of crypto crimes.
However, the bill and its motivations have faced criticism, particularly following a Wall Street Journal report on Hamas’s alleged use of cryptocurrency for financing operations in Israel.
The report, partially refuted and corrected for overstatements, has been cited by the crypto industry as an example of misrepresenting the role of digital currencies in illicit finance. Industry leaders argue that the inherent traceability of cryptocurrencies actually deters their use by criminals.
Yaya Fanusie, from the Crypto Council for Innovation, criticized the bill for applying traditional financial regulations to the defi sector, which he considers inappropriate and overly broad. Additionally, a group of digital asset industry professionals with national security backgrounds expressed concerns that the legislation, fueled by exaggerated reports, might adversely affect U.S. national security interests.
NFT protocol JPEG’d alerted community members to malicious actors targeting holders of its token as phishing scammers continue to target crypto and DeFi operators.
The P2P non-fungible token (NFT) lending platform JPEG’d posted a notice on X following numerous complaints from users citing phishing campaigns and a booby trap revocation tool. These services are typically employed by web3 users to clear out access previously given to decentralized applications.
Bad actors launched a number of malicious platforms mimicking genuine services per the update from JPEG’d. The goal is to secure transaction approval before draining NFTs and digital assets in the wallet.
It has come to our attention that scammers are targeting $JPEG holders claiming false approvals on phishing contracts and linking to a malicious revocation tool. The current name they go under is “Trojansec”.
Please do not interact with them or any contract that you are unsure…
Several phishing efforts have been directed toward cryptocurrency participants and decentralized finance users. As crypto.news reported, hard wallet maker Trezor became the target of a new phishing campaign. Social media accounts tied to rapper Nelly were also compromised.
Viral SocialFi app Friend.Tech reported suffered Google search manipulation attacks and investors lost $4.5 million in USDT to a phishing scam.
JPEG’d’s call for vigilance comes months after hackers attacked on-chain stable swap exchange Curve Finance, stealing nearly $100 million from multiple protocols and liquidity providers. Some of the funds were recovered by white hat hackers and a collaborative DeFi helpline tagged SEAL 911 was formed.
Jim Meduri answered a terrifying phone call in January from a man pretending to be his son.
The caller, who sounded on the verge of tears, said he’d been in a car accident. Meduri was convinced his son had been arrested for driving under the influence and injuring a pregnant woman and her daughter.
The San Jose resident later spoke to people impersonating a defense attorney and a courthouse clerk, who told him his son might be sent from the Bay Area to Nevada because of an mpox outbreak at the jail. Panicked and in a rush, Meduri agreed to send bail money through cryptocurrency. The fake lawyer directed Meduri, 65, to an ATM where people can buy the digital currency bitcoin. He inserted $15,000 in cash into the machine, scanned a code provided by the scammers and transferred the money.
When Meduri realized he’d been duped, his money was gone.
“They played on fear and what a parent would do to help their kid, and it was elaborate,” said Meduri, who was able to get most of his money back with help from the Santa Clara County district attorney’s office.
Meduri’s misfortune is just one example of how scammers are using bitcoin ATMs to swindle victims out of thousands of dollars, fraud that law enforcement officials warn is on the rise.
The machines, in convenience stores, gas stations and even bakeries, are an easy way for people to buy cryptocurrency quickly with cash, which is harder to track than a wire transfer or check. As scammers exploit the convenience these machines provide, bitcoin ATMs are also attracting the attention of lawmakers, regulators and consumer advocacy groups looking to protect people from fraud and exorbitant fees.
Starting in January, California will limit cryptocurrency ATM transactions to $1,000 per day per person under Senate Bill 401, which Gov. Gavin Newsom signed into law. Some bitcoin ATM machines advertise limits as high as $50,000. The new law also bars bitcoin ATM operators from collecting fees higher than $5 or 15% of the transaction, whichever is greater, starting in 2025. Legislative staff members visited a crypto kiosk in Sacramento and found markups as high as 33% on some digital assets when they compared the prices at which cryptocurrency is bought and sold. Typically, a crypto ATM charges fees between 12% and 25% over the value of the digital asset, according to a legislative analysis.
“This bill is about ensuring that people who have been frauded in our communities don’t continue to watch our state step aside when we know that these are real problems that are happening,” said state Sen. Monique Limón (D-Goleta), who co-authored the bill.
Although similar scams have existed long before the rising popularity of cryptocurrency, the use of these digital assets by fraudsters has been increasing, according to the Federal Trade Commission. Since 2021, more than 46,000 people reported losing over $1 billion in crypto to scams, the agency reported in 2022.
Victims of bitcoin ATM scams say limiting the transactions will give people more time to figure out they’re being tricked and prevent them from using large amounts of cash to buy cryptocurrency. But crypto ATM operators say the new laws will harm their industry and the small businesses they pay to rent space for the machines. There are more than 3,200 bitcoin ATMs in California, according to Coin ATM Radar, a site that tracks the machines’ locations.
“This bill fails to adequately address how to crack down on fraud, and instead takes a punitive path focused on a specific technology that will shudder the industry and hurt consumers, while doing nothing to stop bad actors,” said Charles Belle, executive director of the Blockchain Advocacy Coalition.
While California lawmakers have striven to balance the need to support the cryptocurrency industry and protect consumers, recent legislation has hewed toward tighter state regulation. Another law would by July 2025 require digital financial asset businesses to obtain a license from the California Department of Financial Protection and Innovation.
When signing the legislation, Assembly Bill 39, Newsom included a message that said the law needed further refinement to provide clarity to consumers, businesses and state regulators.
“It is essential that we strike the appropriate balance between protecting consumers from harm and fostering a responsible innovation environment,” he wrote.
In 2022, months before the collapse of cryptocurrency exchange FTX, Newsom vetoed a similar bill that would have required cryptocurrency companies to get a state license, citing concerns a new regulatory program would be costly and the actions were premature.
Erin West, a Santa Clara County deputy district attorney who helped Meduri recover his money, said scammers turn to bitcoin ATM machines because they accept large amounts of cash. The value of bitcoin can also rise, giving fraudsters a way to increase their plunder.
Scammers use different tactics to trick people into handing over their money, including creating a false sense of urgency and winning over their trust. Some befriend or seduce their victims through social media or dating apps, luring them into a web of lies that include fake emergencies. Other times, the scam starts with a text message directing victims to a fake cryptocurrency investment site.
West said her team has been able to recover $2.5 million for scam victims like Meduri by tracking down the cryptocurrency exchange that was involved in the transaction. After Meduri put $15,000 into a kiosk operated by Bitcoin ATM Services, the digital money ended up in the cryptocurrency exchange Binance. The exchange complied with a search warrant, allowing her team to retrieve the stolen funds from Binance and return them to Meduri.
Although it’s possible for cryptocurrency victims to get their money back even if it travels overseas, West said it’s rare. Some cryptocurrency exchanges are more cooperative with law enforcement than others, she said.
“This whole thing is a speed game,” said West, who is part of a task force called REACT — Regional Enforcement Allied Computer Team — that combats high-tech crimes. “Can we get the victim in front of a competent investigator who knows how to find things on the blockchain in the least amount of time?” Blockchain is a type of shared digital database that stores information about crypto transactions.
An 80-year-old retired teacher in Los Angeles, whom The Times previously interviewed, said she hasn’t been able to recover $69,000 she sent to scammers through a bitcoin ATM over multiple days in May. The stolen funds ended up in Seychelles-based cryptocurrency exchanges KuCoin and Huobi.
The scam started when Mrs. K, who wants to remain anonymous because she’s more wary about giving out her personal information, got a loud pop-up alert that her computer was infected with a virus. After calling a fake tech support number and later talking to a person impersonating the FBI, Mrs. K thought her Chase bank account had been taken over by foreign Chinese hackers involved in a child pornography case. To keep up the elaborate ruse, the scammers also sent Mrs. K fake Chase bank emails.
“If it wasn’t this convoluted mishmash, I probably would have been a little smarter and not fallen into this trap,” Mrs. K said. “I feel so disappointed in myself that I just fell hook, line and sinker.”
Mrs. K said the FBI impersonator told her to withdraw $75,000 in cash over three days from her Chase checking account and not tell anyone. If workers at the bank asked, the scammer told Mrs. K to say that she was withdrawing cash for construction.
The FBI impersonator convinced Mrs. K she could help law enforcement catch the child predators if she converted the cash to cryptocurrency and transferred the funds to a digital wallet the agency would monitor. The intricate lie eventually led Mrs. K to a Coinhub Bitcoin ATM machine at a doughnut shop in Highland Park that accepts up to $25,000 in cash daily per person.
By the time she realized it was a scam, Mrs. K had sent $69,000 to the fraudsters. She reported the crime to police but hasn’t been able to recover her money.
Under federal law, bitcoin ATM operators are typically considered money services businesses, so they’re required to register with the U.S. Department of Treasury’s Financial Crimes Enforcement Network, or FinCEN. The agency collects and analyzes financial information to combat money laundering and other illegal uses. The businesses must also maintain an anti-money-laundering program and report suspicious activity to the agency.
Logan Short, the chief executive of LSGT Services, which does business as Coinhub Bitcoin ATM, said in an email the company does “everything in its power to protect consumers, but unfortunately fraud is not 100% preventable in any industry.” The Las Vegas company is registered with FinCEN but faced allegations that it operated crypto ATM machines in Connecticut without the required state license.
Bitcoin ATM Services, which operates the kiosk used by Meduri, says on its website that it is registered with FinCEN. The Times couldn’t find a record of Bitcoin ATM Services being registered as a money services business with FinCEN. A company called Cash ATM Services that has the same mailing address as Bitcoin ATM Services was registered. Bitcoin ATM Services did not respond to a request for comment.
Law enforcement has cracked down on unlicensed crypto ATMs,but it can be tough for consumers to tell how serious the industry is about addressing the concerns. In 2020, a Yorba Linda man pleaded guilty to charges of operating unlicensed bitcoin ATMs and failing to maintain an anti-money-laundering program even though he knew criminals were using the funds. The illegal business, known as Herocoin, allowed people to buy and sell bitcoin in transactions of up to $25,000 and charged a fee of up to 25%.
Cryptocurrency regulations vary by state. California has long exempted crypto ATMs from licensing requirements for businesses engaged in money transmission.
Crypto ATM machines serve people who don’t have a bank account or just want the convenience of buying cryptocurrency at a gas station, convenience store or other shop, said Ayman Rida, CEO of Cash2Bitcoin, who works with cryptocurrency ATM operators including in California on complying with state regulations. The fees ATM charge are higher than online exchanges, he said, to cover certain expenses. That includes the cost of leased space, machine maintenance and cash management.
Crypto ATM operators aren’t opposed to having clearer rules and guidelines, he said, but they are against capping fees and transactions. Crypto ATM operators typically require more forms of identification if a customer makes a transaction of more than $1,000, and in some cases flag high-value transactions, which could help stop scammers.
“Scammers are getting smarter,” he said. “My question for the regulators is, why are you killing an industry when scams also happen to other industries but they’re not doing anything about it as well?”
As for Meduri, he’s just relieved his son wasn’t really arrested and in a car accident. Oddly enough, finding out it was all an elaborate lie came with a sense of relief.
“My wife and I were just wrecked that day,” he said. “I didn’t even care. I was happy he was OK.”
Dining and dashing, but cranked up a notch? Over in Spain, a 50-year-old Lithuanian man locally known as the “gastrojeta” has been arrested and accused of faking heart attacks in an effort to get out of paying restaurant bills!
Restaurant Employees Called The Police After Picking Up On The Alleged Ruse
According to Spain’s EFE news agency, the situation unfolded last month in a touristy section of the city of Alicante.
Moisés Doménech — the manager of the establishment, El Buen Comer — says the man entered and casually requested a seafood dish and a couple of whiskeys.
However, an unnamed employee eventually noticed the customer was trying to dine-and-dash and confronted him. In turn, the 50-year-old reportedly said he was going to retrieve money from his hotel room, though the employee didn’t budge.
At that point, the man is accused of flopping onto the ground and dramatically feigning a heart attack. He allegedly requested that the establishment contact an ambulance for him, though they instead called the police.
Spanish Authorities Confirm The Man “Was Arrested Multiple Times” For His Antics
Once officers arrived at the scene, the man reportedly reiterated his ambulance request. However, he was swiftly recognized and taken into custody.
In a statement to Insider, a spokesperson for the Alicante National Police confirmed the “gastrojeta” was a repeat offender. It’s also noted that the city has had twenty instances of the ruse going down in the past year.
“He was arrested multiple times in the city of Alicante. The modus operandi was the same.”
Additionally, we should add that one responding offer claimed to have arrested the man on four prior occasions, with the first incident occurring in November 2022.
Insider reports that, while the Alicante National Police spokesperson confirms the man was jailed, the specifics remain unclear.
Funds stolen in a prior exploit have reportedly been channeled into Tornado Cash, totalling an estimated 1,500 BNB now within the mixer.
Deposits into Tornado Cash
According to an Oct. 11 from Certik, an exploit occurred on BH Token (BlackHole token), resulting in an exploiter (0xFDb) acquiring $1.2 million USDT, which was later converted to BNB and deposited into Tornado Cash, an Ethereum-based privacy tool.
Now, in a follow-up development dated Oct. 19, the malicious actor responsible for the theft has channeled stolen funds into Tornado Cash, has deposited a total of 1,500 BNB into the mixing service so far.
A subject of another alert
Unfortunately, this is not the first time that Tornado Cash has made headlines for being part of a malicious attack in recent weeks.
On Sept. 11, another Certik alert went out about a wallet associated with over $24 million in stolen cryptocurrencies that had transferred 600 Ether (ETH) valued at approximately $936,000 into Tornado Cash.
Earlier in August, Tornado Cash founders also faced charges for money laundering tied to North Korea.
“They were looking to come in at a follow-on round for another $10 million in total,” Patrick said. “Kyle had said to me, that round was too small for him.”
Patrick said he left the December meeting optimistic, and they stayed in touch, communicating as recently as May of this year.
Then there was the Byju’s deck. The India-based ed-tech service had been on a tear since 2016 when Mark Zuckerberg and Priscilla Chan invested $3.4 million in the company. By June 2021, the company was valued at $16.5 billion.
Deschanel told people he was working directly with Anita Kishore, Byju’s 33-year-old chief strategy officer, on its next funding round. He was also getting, he said, help from his sister, Gabrielle de Rothschild Deschanel, an attorney at Citadel based in Chicago. In addition to an Oxshott colleague who was leading the Byju’s push, his sister was copied on several emails relating to the deal.
“Byju’s, I mean, it is a proper deck,” said Brian, the finance source who was looking into working with him to raise funds. “This is a real deck. I’ve seen decks before. This is a real deck.”
In September 2021, Oxshott reportedly clinched a deal to lead the fundraising round for Byju’s Series F, which would bring in a total of $297 million. Regulatory filings with the Indian Ministry of Corporate Affairs showed that the investment was the equivalent of $160 million at the time. A leading Indian business outlet, Economic Times, mentioned Oxshott several times in a 2021 article about the deal. That December, Reuters reported that Churchill Capital founder Michael Klein—a longtime adviser to the Saudi Public Investment Fund, and Aramco—was exploring a deal with Byju’s to raise $4 billion to take the company public via a SPAC valuing it at $48 billion.
Those who knew him said that Deschanel exhibited outward signs of stress around this time. At the start of 2022, Donna described watching him take many phone calls with backers, often in Arabic. He took visits to Washington, DC, telling her he was meeting with ambassadors, she said.
“There were a few very large Middle Eastern investors that he introduced to Oxshott,” Stern said in his statement. “He represented that these investors stemmed from his Saudi connections.”
Deschanel told people he looped in his sister at Citadel, as legal counsel. He was working the phones nonstop. Brian, the source in finance, said that a number of investors turned him down citing, vaguely, red flags.
According to a New Delhi reporter for the Singapore-based financial blog the Morning Context, the Byju’s board introduced a resolution in March 2022, stating that the LLC providing the funds wouldn’t be Oxshott, but a related entity called DRD Holdings. (In emails Kyle would sign his full last name as De Rothschild Deschanel.) In July 2022, the outlet reported that the DRD Holdings/Oxshott funds never made it to Byju’s. The company told the Morning Context that Oxshott had never been the lead on the investment round but the allotted shares for the company were still outstanding. The same month, Indian member of Parliament Karti P. Chidambaram said that he was referring an investigation into Byju’s finances to the government’s fraud regulator, but Byju’s held firm and said that the funds would be delivered in August.
Donna said Deschanel seemed to be in constant conversation with his sister. At one point, Donna asked why he couldn’t just have his family, whom he had time and again represented as institutionally wealthy, help him out. She said Deschanel told her that his family didn’t like to use its own money on such deals when it could find outside investors.
Deschanel’s social acquaintances at the time said that he continued to party throughout this period. According to Donna, he turned up to her workplace after having been at an after-hours until dawn, residue in his nose. He would spend time at the new Tao Group–owned establishments at the recently opened Moxy Hotel on the Bowery, often hanging with Dylan Hales, who had been brought in to run the spaces. Little Ways was a particular favorite. In February, Hales cohosted Deschanel’s birthday party where the guest of honor secured more than half the tables and invited hundreds to celebrate. (According to the list on the invitation sheet, Leonardo DiCaprio RSVP’d no, saying, “Happy day my guy. All love 💙”. A representative for DiCaprio did not reply to a request for comment.)
By early 2023 Byju’s announced that Oxshott had withdrawn from the funding round. Around this time, friends say Deschanel started to hit them up for cash, asking a person for $250,000 and promising a return within a week. He put Seamless charges on a girlfriend’s card until she caught him and walked out of the house. He used Tini’s credit card to pay for Ubers and ran up tabs. She confronted him. He denied it. But, she said, “I knew it was him—you don’t steal a credit card and go to Little Ways for a $500 brunch, which is his favorite place next to his house.”
“And then I got the receipt and it’s his fucking drink order,” she said.
The tab included eight Aperol spritzes, oysters, steak and eggs, a burger, and two orders of Casamigos Blanco, with an extra charge to use the liquor to make an espresso martini.
Tini clarified later that “the tequila espresso martini was his sig drink.”
He sent conspiracy-tinged texts to friends about how he lost money, or money got stolen from him.
“So, I’m an idiot, I keep all my credit cards and password on a convenient page in the Notes app and then I made a questionable romantic choice for the evening last month—I have tens of thousand [sic] of dollars in charges,” he texted Evans. “I hate myself.”
Donna blocked all of Deschanel’s numbers. She said she threatened to take out a restraining order after Deschanel continued to reach her via his Venmo account. His purported sister, Gabrielle de Rothschild Deschanel, emailed to attempt a mediation. Donna googled the name and found nothing. (Reached for comment, a representative at Citadel said it had “No record of someone with her name or variations of it ever working here.”)
“Is this Kyle?” she responded. “I know this has to be Kyle.”
He would offer to Venmo friends for meals and drinks, and never follow through. The house that cost $25,000 a month to rent fell into disarray. His relationship with Vitolo started to stray as well. Rumors circulated about him hitting up fellow patrons for cash, or even trying to take out a large loan by playing up his connection to the restaurant. Apparently, according to multiple sources, Deschanel hosted a dinner with several female companions, ran up a bill, and then he ditched, stiffing his fellow diners. Eventually, Vitolo figured out that Deschanel wasn’t in his high school class. There was another guy named Kyle.
Deschanel opening a bottle of Pol Roger Brut Réserve at his home on Broome Street in Soho.Photo credit: anonymous.
After I reached out in June, Vitolo said, “I got better things to do with my life then [sic] talking about a fraud.” In August, when presented with accounts of Deschanel attempting to use Emilio’s Ballato to borrow funds, Vitolo texted “All false” but declined to elaborate.
And there were certain instances that pierced through the once impeccably maintained aura of wealth that Deschanel cultivated in himself. One nightlife friend faced such a moment when he asked Deschanel for a ride back to the city from Montauk after a weekend at the Surf Lodge.
“He was driving, for a guy like him, supposedly with his lifestyle and whatnot, he was driving a very, very crappy car that was filled—when I tell you it was filled, dude, I’m talking about, there would’ve been, on the floor and the front seat, 30 bottles of empty Diet Coke,” the friend said. “It was a junkyard. There was shit in the back seat. It was disgusting. And he told me that that was his assistant’s car. He told me that his assistant was an Orthodox, Hasidic. So throughout the car, there were various Hebrew books and all sorts of shit.”
For Tini such moments were small—at first. There was a $12,500 check that Deschanel asked her to cash for him. It was signed by someone named Saki Dodelson, of Lakewood, New Jersey. Tini and a friend we’ll call Andrea discovered online that Dodelson was the founder of an education company called Beable. LinkedIn revealed a woman in a white button-down shirt and blazer, with droopy red earrings and eye shadow. Deschanel said he was on the board of Beable and shrugged it off.
A few months later, Andrea was at 514 Broome Street, she said, drinking and smoking cigarettes, when she blurted out that she’d heard so much about Deschanel’s family, but had never met any of them. Why weren’t there any pictures on the walls? Deschanel tapped at his phone and showed her a picture of his mother. It was Saki Dodelson.
Then there was the Global Entry card.
“I happened to be over at his house looking for something,” Tini told me. “He’s like, ‘It’s upstairs somewhere.’ And so I’m upstairs and the pants on the floor, the belt, I’m not snooping through drawers. It’s literally his fucking pants on the floor that he just took off. I’m looking in the pocket and his real global ID and his Amex are in there, his matching Amex.”
There, on the US Customs & Border Protection–issued card, Tini said she saw Deschanel’s face.
The name next to it was Aryeh Dodelson.
Situated 68 miles from downtown Manhattan, Lakewood, New Jersey, is a city of about 135,000 people—roughly two thirds of whom are Orthodox Jews. It’s an inland area in Ocean County, and the air has the faintest hint of the beach in its aftertaste. One weekday this summer, I hitched a ride with two men—one a current Lakewood resident, another a former—as they offered a dose of local history and gossip. The town is home to, and in many ways driven by, the famed rabbinical school Beth Medrash Govoha, the largest yeshiva outside of Israel. According to locals and hometown news reports, BMG picks candidates for local office for the Haredim to support, controls hundreds of millions of dollars of real estate, and maintains a fundraising machine through its supporters.
“It’s a billion-dollar operation. It’s ‘Yeshiva Enterprise,’” said one of my hosts as we drove past the campus that has its own Kushner Pavilion, named for a certain prominent New Jersey Jewish family.
Like many such Orthodox enclaves, the town is by nature insular. Because no cars or electronics can be used on the Sabbath, everyone needs to live within walking distance from shul. Marriages are arranged—and meticulously so. The ambulances are staffed by volunteers—all married Orthodox men. But the Lakewood community also exhibits markers of upper-middle-class striving familiar to other New York–area suburbs. Over the last decade or so, new luxury gyms, with separate hours for men and women, have popped up—as have high-end kosher restaurants, and kosher liquor stores which stock Casa Azul tequila and copious Glenfiddich blends alongside Israeli wines. We strolled into a grocery store with the scale and minimalist approach of a Whole Foods, but stocked entirely with kosher goods. The checkout-line magazines were all about the Orthodox faith.
Until very recently, according to sources and public reporting, Aryeh Malkiel Dodelson, 36, was a practicing rabbi in Lakewood, New Jersey, where he lived in a home with his wife and child. He was the head of a local kollel, a group of married men who devoted their days to the study of the Talmud, making him a rosh kollel at the yeshiva. He was an adviser to the Chief Rabbinate of Israel, in Jerusalem.
“Being a rosh kollel, it’s like the dream for everyone,” Henry, a high-profile Orthodox personality who spent years in Lakewood and was driving us around, told me. “It’s like wanting to play in the NBA.”
Dodelson was in-demand, accomplished, a serious scholar of the ancient laws. He was invited to serve as a visiting rabbi at places like the West Side Institutional Synagogue, on West 76th Street. He wrote several books, including a 201-page-long text about agunot, the Talmudic laws that surround a Jewish woman’s rights to leave a marriage.
“It was not something that’s off-the-cuff or something, he took on a very hard, complex subject, and did a very good job with it,” said Riley, another resident of Lakewood who lived down the street from the Dodelson family. “So he’s definitely very learned and definitely brilliant.”
Dodelson hailed from one of the town’s most important families. His mother, Saki, is a cousin of the Rosh Yeshiva Malkiel Kotler, the dean of the historic school’s 8,000 students. He is the great-grandson of Aaron Kotler, who founded the yeshiva in 1943, a seismic development in Orthodox Judaism’s rise in the United States.
A finance company boasting hundreds of apparently glowing online “customer reviews” and an A+ rating from the Better Business Bureau was this week civilly charged with cheating over 700 investors — many of them senior citizens — out of more than $30 million over 5 years.
El Segundo, Calif.–based Red Rock Secured and its controlling chief executive, Sean Kelly, were accused by the Securities and Exchange Commission of playing on the retirement and tax fears of older investors to sell them gold and silver coins at vastly inflated prices to hold in self-directed IRAs.
The markup on the coins “was almost always above 100 percent, and typically 120 percent or more,” the SEC said in its complaint.
Between 2017 and last year, Red Rock pocketed more than $30 million of the $50 million investors paid for the coins, said the SEC, which also sued two former Red Rock executives.
Attorney Michael Schafler of the Los Angeles law firm Cohen Williams, representing both Red Rock and its CEO, said the company had “nothing to hide” and has been “completely cooperative” with the SEC investigation.
“Red Rock has demonstrated that it is focused on compliance and providing clients with information necessary to make reasoned and informed decisions about purchasing precious metals,” he added. “Red Rock stands by that. It looks forward to the opportunity to defend itself against the government’s allegations in Court.”
According to the SEC, Red Rock used an aggressive marketing campaign to target investors, especially those who were “conservative” or “right wing” politically and “over 59½ [years old].”
Sales personnel played on customers’ fears about government policy, inflation, the stock market and retirement to persuade investors to move IRA funds to Red Rock and invest in gold and silver bullion, according to the SEC. But then, using what the commission calls a “bait and switch,” they persuaded investors instead to buy niche “premium” gold coins with huge, but hidden, markups, which included an 8% sales commission.
These so-called premium coins included an obscure silver Canadian coin for which Red Rock Secured controlled the entire market, allowing it to claim falsely that the “market value” of the coin was more than twice the value of its silver content, the SEC said.
Red Rock Secured salespeople were told to pitch the idea of a “worry-free retirement” to potential clients, while warning them that in the stock market “you could wake up and half your retirement could be gone,” the SEC said.
“The defendants used fear and lies to defraud investors out of millions of dollars from their hard-earned retirement savings,” said Antonia Apps, director of the SEC’s New York office.
There was no hint of any of this in the company’s glowing online “customer reviews.” At Google, Red Rock had an average rating of 4.8 stars out of 5 from 136 self-described customers. At Trustpilot, it got an average rating of 4.8 stars out of 5 from 167 alleged customers. Trustpilot said the rating was “excellent.” At the Better Business Bureau, Red Rock got an average rating of 4.75 stars out of 5 across 96 reviews. At Consumer Affairs it got an average rating of 4.9 stars out of 5.
The Better Business Bureau, contacted by MarketWatch, said it had added an alert to its site about the SEC probe into Red Rock. But, it added, “BBB ratings are not a guarantee of a business’s reliability or performance. BBB recommends that consumers consider a business’s BBB rating in addition to all other available information about the business.”
The organization, which provides information about businesses through a rating system and handles consumer complaints, said its standard policy is to check that all reviews are from legitimate customers by contacting the company being reviewed. The BBB does not possess legal or policing powers.
Business-review platform Trustpilot also told MarketWatch it had added an alert to the Red Rock Secured review page.
“Trustpilot is an open, independent review platform, meaning anyone who has had an experience with a business can leave a review — whether positive or negative — on the business’s Trustpilot profile page,” the company said in a statement “We are currently investigating Red Rock Secured to ensure that they are using our platform in line with our business guidelines, and should we find any evidence they are not, we will take the necessary steps to prevent it.”
Logan Paul, the YouTuber and wrestler has been saddled with a class-action lawsuit over “fraudulent actions” regarding his NFT game, CryptoZoo.
After a year of investigation, Stephen “Coffeezilla” Findeisen, a YouTuber who looks into fraudsters and fake gurus in the crypto space, discovered that Logan Paul’s CryptoZoo was something of a scam. CryptoZoo, a blockchain game that was supposed to function like passive income for Paul’s ardent fans and early investors, actually wound up being a rug pull for just about everyone involved because Paul’s team preemptively sold the in-game currency, zoo coins, before everyone else. Aside from some of the folks hired to work on CryptoZoo, who allegedly made thousands of dollars, others interested in the “game” lost hundreds if not thousands, according to Coffeezilla’s multi-part investigatory series.
Initially, Paul was furious with Coffeezilla’s year-long investigation, calling him the “Keemstar of crypto in finance” and threatening to sue him in a since-deleted YouTube video. Paul has walked that statement back, apologizing to his fans and Coffeezilla while also putting forth a three-step plan to “finish and deliver” CryptoZoo, which has been basically broken since its August 2021 launch. Now, as Coffeezilla tweeted on February 3, Paul has been hit with a class-action lawsuit.
G/O Media may get a commission
It’s a camera. For your car. The Ring Car Cam’s dual-facing HD cameras capture activity in and around your car in HD detail.
The plaintiff, a Texas police officer who poured about $3,000 of his own money into CryptoZoo in the hopes that it would yield big returns, filed the litigation in the city of Austin. According to the suit reviewed by Kotaku, the plaintiff is seeking damages north of $75,000 for “conspiracy to commit fraud,” “fraudulent misrepresentation,” “negligence,” “unjust enrichment,” and more. The plaintiff named everyone involved with the game’s creation, including Paul and former lead developer Eddie Ibanez. In the end, the plaintiff wants repayment for copious damages, from attorney’s fees and the costs of action to civil penalties and mental anguish.
Paul has not responded to the lawsuit at all since it was filed. However, he did make an appearance (and got injured) during WWE’s 2023 Royal Rumble event on January 28. His YouTube accounts, including his Impaulsive podcast, have been pretty quiet since February started. As all of this is going on, though, Paul’s likeness is slated to appear in developer Visual Concepts’ WWE 2K23when it comes out on March 17.
NIANTIC, CT (WFSB) – Two men are accused of trying to purchase and fraudulently return items to Starbucks locations in three states, including in Connecticut.
Antwone Washington, 30, of Far Rockaway , NY, and Dante Shirfield Isaac, 31, of Hartford, face a list of charges, according to East Lyme police.
Police were called to a Starbucks on Flanders Road in Niantic on Thursday just before 8 p.m.
A woman from Delaware reported that someone made unauthorized purchases on her credit card at a Starbucks in East Lyme.
Police found that suspects were also trying to return merchandise from other Starbucks stores. They learned that two suspects had been pulling the same scam at other Starbucks locations in southeastern Connecticut.
Washington and Isaac were taken into custody without incident.
Police said they had a rental vehicle, which contained about $1,800 worth of Starbucks merchandise, along with receipts from stores in Pennsylvania, New York and Connecticut.
Washington was charged with fourth-degree larceny, criminal attempt at sixth-degree larceny, illegal use of a credit card, third-degree identity theft, and other charges.
Isaac was charged with criminal attempt at sixth-degree larceny, illegal use of a credit card, third-degree identity theft, second-degree breach of peace and other charges.
Zelle has been criticized for rampant fraud and scams that can leave some bank customers on the hook for financial losses.
Over the past several months, banks in Charlotte and beyond have faced sharpened scrutiny of Zelle, a digital payment network created and marketed by the country’s seven largest banks.
And many customers have fallen victim to scams that are growing more common on the service.
Lawmakers have pushed banks to crack down on Zelle fraud and pay back a greater number of customers when they get tricked into losing money. Banks say they reimburse all unauthorized transactions already, and that fraudulent claims account for a minuscule fraction of the money sent back and forth on the network.
Here’s a breakdown of why the payment service has come under fire — and what you can watch for on Zelle to protect your own cash.
What is Zelle?
Zelle is a peer-to-peer payment network similar to PayPal or Venmo. It allows users to digitally send money from their accounts to users at different banks.
The service, created in 2017, is operated by Early Warning Services LLC, a company co-owned by seven banks: Bank of America, Wells Fargo JP Morgan Chase, Truist, U.S. Bank, PNC and Capital One. But many other banks use Zelle — a total of more than 1,700.
Zelle is now the country’s most widely used transfer service, with more than double Venmo’s payment volumes, MarketWatch reported in October.
But unlike Venmo, CashApp or other similar services, Zelle transfers money instantaneously from bank account to bank account with no entity in between.
Why is Zelle being criticized?
Lawmakers and regulators have pointed to growing complaints of fraud from bank customers, suggesting that Zelle users may have become a target for scammers.
Fraudsters are likely drawn to Zelle for its ubiquity and ability to instantly transfer cash directly from a bank customer’s account, said Teresa Murray, a consumer watchdog for U.S. Public Interest Research Group.
A report from Sen. Elizabeth Warren found that four of the country’s largest banks, including Bank of America and Truist, are on track to report more than half a million claims of fraud on Zelle for the past three years.
Critics also argue the banks don’t do enough to repay customers that get scammed on Zelle.
By law, banks are required to cover customers’ losses for unauthorized transactions, like a third party hacking into a customer’s account. From the banks’ point of view, those rules don’t apply to authorized transactions — ones that a customer initiated — even if they were tricked into doing so.
That means that customers are often left on the hook for losses.
Zelle and the banks behind it have pointed to the growing number of users as an explanation for increased claims, and the fact that the vast majority of transactions on the service — more than 99.9% — occur without incident of frauds or scams.
What do Zelle scams typically look like?
One common con on Zelle is known as a “me to me” scam.
This is how Bank of America described it in one email to customers: Customers get a text that looks like a fraud alert from their bank, asking about a suspicious transaction from their bank account. After sending a text back saying they weren’t the one to make the charge, customers get a phone call.
The caller identifies themselves as a bank employee, and offers to help stop the fraud by asking Zelle users to digitally send money to themselves.
Scammers often don’t even need a password, Murray said. They can use customer’s usernames and two-factor verification code to access your bank account, and steal thousands of dollars within minutes.
In other scams, bank customers get an email, text or call from what looks like a person or business they know, urging them to send funds through Zelle.
“It’s frighteningly easy,” said Murray. “You combine robo calls and texts, with this easy, virtually untraceable way to rip people off, it’s like a horror movie.”
What happens next for Zelle?
At least three of the banks behind Zelle — JP Morgan Chase, Bank of America and Wells Fargo — are discussing a possible new reimbursement plan for customers that get scammed using the service, the Wall Street Journal reported.
The conversation has centered on standardizing refund procedures, the Journal reported, in the hopes of building trust in the service and helping more customers get their money back.
Barring a new plan from the banks, Murray said, regulators may step in to create guidelines for reimbursing customers.
The best protection against fraud
The best way to protect yourself is to watch for signs of a scam.
“Never respond to unexpected phone calls or texts or emails,” Murray said. And never ever, ever share the two-factor authentication code whether it’s for your bank account or your email.”
“If you abide by those two things, you will have fended off a lot of fraud.”
This story was originally published December 2, 2022 5:50 AM.
Related stories from Charlotte Observer
Hannah Lang covers banking, finance and economic equity for The Charlotte Observer. Her work has appeared in The Wall Street Journal, the Triangle Business Journal and the Greensboro News & Record. She studied business journalism at the University of North Carolina at Chapel Hill and grew up in the same town as her alma mater.
SPRINGFIELD, Mo. (KY3) – Springfield Police are warning people about a “potential scam.”
Officers contacted several people wearing traffic vests at a busy intersection in Springfield, asking for donations for a teenager’s funeral. Springfield police say it violates city ordinances. Police say the panhandlers even walked into traffic to get money wearing bright vests. Police say they are seeing this in other nearby cities too.
“These people were just being more aggressive and getting up all in your face and everything,” said Connie Pugh, a driver who witnessed it. “They were asking for a funeral for a 15-year-old child.”
Officers received calls about the group. Pugh says she knew they weren’t from the area because panhandling like this violates a city ordinance. A similar group was spotted in Buffalo, Missouri. The sign had a different name for the teen’s funeral.
Buffalo police also sent out a warning about this group.
”There was this picture of this woman, and look like the same woman I had seen down on Sunshine and West Bypass,” said Pugh. “When you got people that are walking the intersections impeding traffic really, then you know that is dangerous for everybody.”
Drivers spotted the same people along Glenstone and Sunshine. And SPD says intersections along Kearney as well.
”It’s a violation of our city ordinance, and for whatever reason that they are giving. It may not be a legitimate purpose,” said Lt. Steve Schwind, Springfield Police. “It’s not only a violation for the pedestrian to approach vehicles to solicit money and take any type of donations from the roadway, but it’s also a violation of the ordinance for the motorists to stop and give money to the pedestrian.”
Pugh says panhandling in Springfield is getting out of hand and hopes the city starts cracking down on the problem.
”If that is a scam that they were doing over the weekend, I hope these people get caught,” said Pugh.
/cloudfront-us-east-1.images.arcpublishing.com/gray/MMMNWTGZBFDMLHZL4KG53VJVNA.JPG)
/cloudfront-us-east-1.images.arcpublishing.com/gray/SZZTW67LMRAMPPCKBBQMSUTFRA.JPEG)