The sudden spurt in crypto as a means of investment has resulted in people getting scammed by threat actors operating from outside the country.
The crypto markets might be witnessing a meltdown, with proponents also speaking of hopes for a revival. However, investors who shift their focus to the lucrative cryptocurrency markets have had to face scammers and cheats too. Rahul Sasi, Founder & CEO of CloudSEK, has drawn the country’s attention to one such crypto-trading trap.
An ongoing operation involving several phishing domains and Android-based applications has been uncovered by CloudSEK. This large-scale campaign entices unwary individuals into a huge gambling scam. Many of these bogus websites impersonate “CoinEgg”, a legitimate UK-based cryptocurrency trading platform (https://www.coinegg.com).
Here’s how the scam worked
In a statement, the company said the scam works in seven phases. The first is to create a fake domain where threat actors impersonate legitimate crypto trading platforms. The sites are designed to replicate the official website’s dashboard and user experience.
Once this is done, they move to the next phase of creating a social media profile, more specifically that of a woman. This is then used to approach potential victims by establishing a social media friendship. The third phase begins immediately with the social profile encouraging the person to invest in cryptocurrency and begin trading. They even share a $100 credit as a gift from the fictitious crypto exchange.
The next phase involves using the free credit to sign up on the exchange where the victim starts trading, often under the influence of the threat actor. The victim initially makes a significant profit, which bolsters their trust in the platform and the threat actor.
The next couple of phases involve the prospective target investing their own money, given the profits they made initially. The threat actor continues to influence the quantum of investments through promises of even better returns. Once the additional funds are added, the victim finds the account frozen.
There is also a seventh step where victims take to other platforms to complain about the lost access, at which point the same threat actors or their associates reach out in the guise of investigators. To retrieve the frozen assets, they ask victims to provide confidential information such as ID cards and bank details, via email. These details are then used to perpetrate other nefarious activities.
What’s the way ahead?
As a method of mitigation, Rahul Sasi suggests that, in the short term, crypto-related phishing domains should be identified and taken down at the earliest.
However, in the long term it is imperative that crypto exchanges, ISPs, and cyber crime cells collaborate to raise awareness and take action against threat groups, he adds.