How Fake Investors (Almost) Scammed a Tech Startup Out of $1.2M in Crypto

This post is also available in: Português

The fake investment scam is a cautionary tale of fake identities, startup vulnerabilities, and crypto wallet bugs

If you are a founder or investor in a startup, you need to be aware of a highly sophisticated fake investment scam that uses fake investment promises to steal funds from cryptocurrency wallets set up as proof of funds by startups. The case reported by Dr. Daniel Veidlinger, a professor at California State University, Chico, illustrates how these scammers precisely manipulate and steal from their victims. Dr. Veidlinger, an experienced angel investor in Silicon Valley, shared details of this incident on his blog.

The Fake Investment Scam Proposal

In June 2024, an AI startup received an innocuous-looking email. The sender, “Jacob Laurent,” introduced himself as the International Relations Manager at Tesalia Asset Management (TAM). He claimed to represent ultra-high-net-worth family offices interested in investing in the company.

TAM maintained a professional website, complete with staff bios and financial expertise, which later was flagged by Luxembourg’s financial regulator, CSSF, for fraudulent activities. The regulator issued an official warning confirming TAM’s role as a scam operation. Read the warning here.

Laurent set up a Zoom call with “Robert Maximillian Getty,” who claimed to be a descendant of the Getty Oil and Miller Duty-Free Shops billionaire families. Getty confidently discussed investing $5 million, offering a valuation higher than the startup’s last funding round. He sweetened the deal by inviting the CEO to Monte Carlo post-investment closing to spend time on his yacht.

Getty abruptly exited the negotiations due to a “personal emergency,” and Laurent then introduced “Rudolf Bouvier,” who claimed to be the nephew of Swiss billionaire art dealer Yves Bouvier. Bouvier proposed EUR 5 million investment –  later changed to USD $8 million – but conditioned it on the company setting up a cryptocurrency wallet with $1.2 million as proof of funds.

The Pressure to Set Up a Cryptocurrency Wallet

The scammers pressured the startup to demonstrate proof of funds, initially requesting $1.2 million. Intense negotiations led to an agreement for $50,000 from the CEO’s personal account; he refused to use corporate funds. Dr. Veidlinger, an investor in the startup, was brought in to set up the wallet. The first wallet was created on Coinbase, but due to verification delays, the funds were transferred to Trust Wallet and eventually to Atomic Wallet (version 1.29.5). Each time, however, the scammers found reasons to insist on changing crypto wallets, citing “regulatory verification” issues.

The QR Code Scam

After the Atomic Wallet was set up and assets were verified on Etherscan, “Rudolf Bouvier” expressed satisfaction and stated that he was ready to close the investment. However, he requested one final step: introducing his “nephew,” Nathan Lambert, to inspect the wallet during a live Zoom call, to make sure everything was alright.

During the call, Lambert claimed he needed to verify that the startup could send and receive cryptocurrency transactions correctly. He requested a test transaction of $0.05 in USDT. Lambert instructed Dr. Veidlinger to manually enter the amount and scan a QR code he displayed on the screen. Lambert’s demeanor and technical requests appeared legitimate, which lowered both CEO’s and Dr. Veidlinger’s guard.

The QR code, however, had been programmed to overwrite the manually entered amount with $50,000 USDT. The transaction was completed, and instead of transferring $0.05, the wallet sent $50,000 USDT to the scammers, exploiting Atomic Wallet’s flaws.

Atomic Wallet Flaws:

1. The QR code overwrote the manually entered amount without a confirmation prompt.
2. The US dollar equivalent was not updated to reflect the altered cryptocurrency amount.
3. A critical visual flaw removed the decimal point in the USDT amount, making $50,000 appear as “0049977.”

Nathan Lambert insisted the phone’s screen face the camera, minimizing the chance to spot the discrepancy. The scam was so subtle that even careful examination would likely miss the overwritten amount before pressing “Send.”

For a comprehensive visual analysis of this scam, including the specific tactics used by the fake investors and the impact on the targeted startup, watch the following case study by Daniel Veidlinger:

The Loss and Reaction

After the theft, the CEO confronted Bouvier via messages. Initially, Bouvier pressured him not to disclose the incident, but he eventually admitted to the theft. Lambert denied involvement despite blockchain evidence.

The funds were traced by blockchain experts hired by the startup. They discovered that the scammers transferred the assets in small amounts to multiple wallets and liquidated them on exchanges like Binance and Bitget.

The startup also hired a law firm to pursue remedies but was advised that recovery of funds was virtually impossible on account of fake identities and multiple jurisdictions involved.

Video Recordings

The startup’s CEO had the foresight to secretly record Zoom calls with the scammers, including the critical moments where wallet inspection and token transaction requests were made. These recordings offer a rare detailed look at the scammers’ tactics, from their confident demeanor to the technical instructions that facilitated the theft.

Confession of the Fake Investment Scam Crime

Immediately after realizing the theft, the startup’s CEO confronted “Rudolf Bouvier” via WhatsApp. At first, Bouvier tried to manipulate the CEO into staying silent, warning that public disclosure could harm future investment opportunities and that the startup’s shareholders would be angry. When the CEO refused to back down, Bouvier admitted to the theft in writing.

Nathan Lambert, the QR code generator, continued to deny involvement despite clear blockchain evidence showing the transaction. Screenshots of WhatsApp messages revealed Bouvier’s attempts to justify the theft as a “misunderstanding,” while Lambert falsely claimed the amount sent was only $0.05. These admissions and denials highlight the brazenness of the scammers and their reliance on exploiting victims’ trust and confusion.

A Global Fake Investment Scam Pandemic

Cases like this are becoming increasingly common. In February 2023, Webaverse, another tech firm, lost $4 million in a similar scam. In both cases, scammers leveraged:

1. Professional-looking websites, legal documents, and fake identities.
2. The trust founders place in individuals pretending to be wealthy investors.
3. Sophisticated tactics involving cryptocurrency transactions.

As Dr. Veidlinger noted, startups desperate for investment are easy targets for fraudsters promising millions. Similar scams have targeted startups across the globe, preying on their eagerness to secure funding. These fake investment scam involve firms, falsified biographies, and calculated emotional manipulation, such as invoking urgency or familial connections. Each step builds credibility, ultimately leading victims to let their guard down.

How to Protect Yourself

1. Verify Investors:
   • Use financial regulatory databases to check the legitimacy of investment firms.
   • Look for public warnings or fraud alerts posted anywhere on the web.
   • Ask investors for verifiable IDs, investment references, and proof of funds.
2. Scrutinize Wallet Requests:
   • Avoid using personal or company funds to set up wallets as proof of funds.
   • Understand the features and vulnerabilities of cryptocurrency wallets.
   • Make sure wallets clearly warn users when amounts are changed.
3. Analyze QR Codes:
   • Always double-check transaction details after scanning a QR code.
   • Use wallets that do not allow QR codes to overwrite manually entered amounts.
   • Test transactions with minimal funds and confirm all details before hitting Send.
4. Understand Blockchain Transactions:
   • Learn how to use tools like Etherscan to verify wallet balances.
   • Use custodial wallets for high-value assets until investors prove legitimacy.
5. Stay Alert During Calls:
   • Refuse to open wallet or share screen with investors, including over Zoom call.
   • Never rush into transactions under time pressure from investors.
6. Educate Your Team:
   • Train all employees on the risks of fake investor crypto scams.
   • Share resources on fraud detection and prevention.

Read SmartOptions Guide on Recovering Stolen Crypto Assets From Crypto Thieves.

Conclusion

The sophisticated fake investment scam described by Dr. Veidlinger serves as a powerful reminder of the vulnerabilities startups face. By exploiting trust, urgency, and gaps in cryptocurrency security, fraudsters can devastate businesses. Understanding the methods used by scammers can help startups and investors avoid falling into similar traps. This case highlights several key lessons:

1. Even seasoned tech professionals can be victims of sophisticated fraud.
2. Scammers can exploit weaknesses in crypto wallets, such as the QR code flaw in Atomic Wallet.
3. Public warnings from financial regulators are vital but often come too late.

For startups and investors, the stakes are high. Vigilance, thorough due diligence, and a solid understanding of cryptocurrency transactions are essential to avoid falling prey to similar schemes. The most important lesson may be the simplest: if something appears too good to be true (as in an unknown individual out of the blue offering millions in investment), it probably is a scam. By sharing these stories, we can help protect others from such devastating losses from fake investment scams.

Stay informed, stay cautious, and help others by spreading awareness of these scams.