Together, Reducing Fraud Worldwide


The Fraud Examiner

 

Tracking the Intangible: How Fraud Examiners Are Busting Bitcoin Fraud

 


Share |


November 2013 

By Jacob Parks, J.D., CFE 

 

Due to its skyrocketing value over the past year (from around $10 per Bitcoin in November 2012 to over $900 per a year later), Bitcoin has been gaining popularity beyond just the tech community. Specifically, anti-fraud professionals are taking an interest in the digital currency. Bitcoin has been involved in a range of financial crimes, including theft, price manipulation, sale of illicit goods, money laundering and even Ponzi schemes.

 

Virtual currencies, perhaps most notably Bitcoin, have captured the imagination of some, struck fear among others and confused the heck out of the rest of us, including me,” said Senator Tom Carper, chair of the Senate Homeland Security and Government Affairs Committee, during a meeting this November. Bitcoin is an online peer-to-peer currency that uses principles of cryptography to validate transactions between users. Much like trading in national currencies, a person can go online and exchange bitcoins for dollars, euros, and a host of other national currencies (and vice versa). One of the key features of Bitcoin is that it is decentralized, meaning individual users around the world running Bitcoin software on their digital devices form the backbone of the system. This trait has separated Bitcoin from some other virtual currencies — such as e-gold and Liberty Reserve — which operated through centralized servers and were shut down for violations of anti-money laundering regulations. To read more about the origins of Bitcoin, see this previous article from The Fraud Examiner. 

 

Bitcoin has often been called an "anonymous" currency, but recent criminal enforcement actions have shown that individuals who use the currency for fraudulent purposes are not as nameless as they might hope.

 

Online Persona 

Investigators do not always reveal criminals by looking at the books. Reflecting the online nature of the currency, the Bitcoin community is also active through social media, online forum posts, chat rooms and comment sections. For some reason, many cybercriminals have a tendency to discuss or brag about their methods in online settings.

 

The FBI recently busted the operator of the most popular online drug site, the Silk Road. This site was essentially the eBay of drugs and other illegal items, and only accepted payment in Bitcoins for the purpose of maintaining the anonymity of buyers and sellers. The investigation involved many sources that eventually led to the identification of the suspected operator, Ross Ulbricht. One of those sources, surprisingly enough, was the suspect's LinkedIn profile.

 

 

 

According to the federal criminal complaint against Ulbricht, his profile obliquely stated his goal was "creating an economic simulation," designed to "give people a first-hand experience of what it would be like to live in a world without the systemic use of force by institutions and governments." That description fits that of a Silk Road advocate, and Ulbricht's profile gave investigators more evidence.

 

Undercover Operations 

Those who use Bitcoin as a means for crime often operate on the "dark Web," using Tor (a tool that makes tracking a person's IP address very difficult) and other techniques to cover their tracks. As a result, law enforcement agencies such as the FBI have successfully turned to undercover operations to foil such schemes. In the same Silk Road investigation, investigators posed as users of the illegal site to learn information about it, as explained in another criminal indictment.

 

Additionally, Ulbricht had an employee who had stolen funds from Silk Road users and was arrested by federal law enforcement. Ulbricht wanted to punish the former employee for stealing, and also feared that the employee would give information to the police. Ulbricht decided to hire (with Bitcoin payments worth $80,000) another person to murder the extortionist — or so he thought. The hired assassin was actually an undercover agent, who happily accepted payment for the murder contract. The police staged and photographed the fake murder of the former employee, who, indeed, was working with them. The undercover agent then sent the photos to Ulbricht as "proof" of the crime. This undercover operation gave the investigation team solid evidence to indict the suspect.

 

Vigilante Justice 

Cybercriminals are at continual risk of being "doxed," which occurs when one person (generally a hacker) reveals the true identity of an anonymous person in public fashion. The person doing the doxing has typically found vulnerabilities in the subject's strategy to remain anonymous and takes advantage of them to obtain identification information. Doxing is sometimes done as a means to harass or cause harm, but there are also times when someone who commits fraud or other grievances against the community is targeted for doxing as a way of punishment. As a result, reading these public posts can help investigators develop leads.

 

For instance, in July 2013, the SEC accused an individual of operating an illegal $5 million Ponzi scheme with Bitcoin-based investments. The subject, known as the online handle "pirate40," used all of the obvious hallmarks of a Ponzi scheme. First of all, with a name like "Bitcoin Savings and Trust," suspicion should have been aroused. The subject also promised 7 percent returns on investment every week, made statements that the investment was virtually risk-free, that he never was close to operating at a loss, and so on. In truth, he actually was trading at a loss and was paying early investors with new investors' funds — a scheme that soon collapsed. He also spent a large amount of his investors' funds on himself.

 

However, "pirate40" was doxed at some time near September 2012 on Bitcoin forums, revealing his identity as Trendon Shavers of McKinney, Texas. The doxing in this case was a community effort to recover the stolen funds. Those who claimed to help uncover his identity also claimed to have notified various law enforcement agencies. The following year, the SEC brought its charges against Shavers.

 

Fraud examiners should exercise caution in using this type of information for several reasons. First, it is not necessarily reliable. The wrong person could be doxed and the information could be inaccurate, purposefully falsified or contain other problems. Additionally, evidence that is obtained illegally can cause issues if the case were to go to trial, especially if the illegal search was conducted at the behest of investigators. Therefore, legal counsel should be consulted before attempting to access or use such information in a fraud investigation.

 

Analyzing the Block Chain 

Bitcoin is more accurately described as pseudonymous than anonymous, meaning that while a user's name is not attached directly to an underlying transaction, the transaction history itself is permanently stored on an online public ledger for all to see. This ledger is referred to as the "block chain," and is searchable at http://blockchain.info/. Researchers and data analysis professionals are developing techniques that might be used to detect suspicious activity in Bitcoin transactions, and perhaps even trace them to specific people.

 

Researchers at the University of California at San Diego and George Mason University undertook research to identify ways in which Bitcoin transactions could be grouped and traced back to specific users. While the public information alone probably would not reveal the person's identity, a warrant or subpoena served on the user's Internet service provider (ISP) might be effective. For instance, the researchers were able to map transactions from certain parties (e.g., the Silk Road) that were related to users believed to be customers. The researchers created a transaction link diagram, as seen here.

 

 

 

Additionally, government and private organizations are working on tools to detect Bitcoin fraud, in case the digital currency continues its rise in popularity. Markus Rothenhöfer, CFE, works for Contelligence GmbH, a company that is working with German law enforcement and the European Union to develop data analysis software for Bitcoin. Rothenhöfer states that the tool "makes it possible to trace and detect fraudulent transactions via mathematical methods by combining graph theory with statistical models." A screenshot of the tool is provided below.

 

 

 

The Future of Bitcoin Fraud 

Bitcoin has the potential to benefit legitimate parties, such as merchants who might incur much lower transactional fees for payment processing. Many Bitcoin advocates believe that the currency or one like it will be the next disruptive development in payment technology, much as credit and debit cards were in the 20th century. While that prediction is far from certain at this point, it is good to know that there will be ways for fraud examiners to investigate crimes involving Bitcoin.

 

  

Contact the ACFE
For more information, contact Scott Patterson, Media Relations Specialist
Phone: (512) 478-9000 ext. 156; email: spatterson@acfe.com


 
 

2 Comments

  • Avatar

    Mr. Parks, excellent article thank you. I think you have touched on many key issues we face with bitcoin. The good news is that many of us that work in bitcoin, especially at the investigative/regulatory compliance level have many years of experience in building successful departments for tech/internet based financial institutions. I personally, was fortunate enough to get in on the ground floor of a now very successful payments company and with the blessing of the company and the efforts of my incredible staff- we built a global investigations group that has done a lot of long term good.
    We as a company and the industry in general have to differentiate ourselves from some of the bad actors out there and we must show that we are part of the solution not part of the problem. We are also fortunate because the vast majority of bitcoin users are young, dynamic and extremely intelligent people who believe in bitcoin and the good that it can do. They want to see this succeed and want to do the right thing. Bitcoin is obviously very disruptive (in a good way) to commerce. What merchant wouldn't love to take bitcoin knowing that there is no risk of charge back due to fraud? CC fraud has done great harm to the US ecommerce market- Bitcoin helps solve many of these issues.
    I think the opportunity is present for governments, regulators, law enforcement, customers and companies to come together and build something that benefits everyone involved.
    It is always great to read articles from people such as yourself that have taken the time to understand the issue and present the information in a fact based way even when pointing out the 'warts.' While there will always be those who choose to exploit and take advantage of anything and everything. There will also be others who will do their best to do the right thing. We also realize the huge responsibility that we have in helping to protect our US Financial system. Again, thank you great article!

  • Avatar

    I think the Fraud Examiners are not busting Bitcoin fraud, they are busting the same crimes that have always been committed by criminals. Whether or not payments for murder, ponzi scheme investments, or other illegal acts happen to occur in dollars, notes, IOUs, or Bitcoins is irrelevant. This issue is that a crime was committed and consideration was given for an illegal act.
    In addition, Bitcoin is a fiat currency (it has no intrinsic value) just like the post 1971 US dollar. Fiat currencies are state-issued money which are not convertible by law to any other thing, nor are they fixed in value in terms of any objective standard. I believe that the issuance of fiat currencies is the real crime, whether done by private parties or governments.

Add Comment

Text Only 2000 character limit

Page 1 of 1