Cryptocurrency is the fastest-growing method of financial transactions on the planet. Consumers, investors, and users continue to adopt digital currencies at a massive rate, making cryptocurrency thefts, hacks, and frauds more common than ever.
According to a CipherTrace report, crypto crimes totalled $1.36 billion in the first five months of 2020. 98% of that 1.36 billion was the result of fraud and misappropriation.
And crypto crime is not just growing fast, it moves fast. So, in the event of a crime, an immediate investigation is critical.
Time is of the essence
Sophisticated fraud takes months of set up. To fight the public’s growing awareness of digital fraud, whether that is phishing scams or ransomware attacks, fraudsters create elaborate digital asset networks as smokescreens to disguise their true intentions.
Complex fraud requires the creation of websites, email addresses, phone numbers, and even fake companies, all designed with a single purpose. But once the fraud is complete, it takes time to dismantle those assets. It is during this critical window that vital intelligence and evidence can be gathered.
As with any asset tracing activity, the sooner you can start following the funds, the better. In a crime involving cryptocurrency, funds could be sent from one wallet to another, and another. With effective tracing, investigators can follow the flow of funds and identify any obfuscation techniques such as using 'mixing services' or ''peeling methods'. Once funds are located in a wallet that is controlled by the suspect, investigators are able to flag the wallet that will inform them of any movement within this wallet.
Challenges to tracing
Proceeds of crime in the form of cryptocurrency are often passed through complex mixing and layering processes to conceal their digital trail.
One method is to use blockchain transaction mixers. These services attempt to confuse the trail of blockchain transactions. In most cases funds are divided into smaller parts and put together with similarly sized funds from other uses.
The pool of funds is then "mixed" and redistributed amongst the original contributors. But they might not be the exact funds they started with. As a result, a fraudster may get funds with a much lower ‘taint’ ratio (low traceability to perpetrator’s initial blockchain addresses).
Sophisticated fraud operations will typically pass funds through chains of hundreds or thousands of layering transactions – like traditional money laundering methods.
The ultimate destinations of these funds include, but are not limited to:
- Cryptocurrency exchanges
- Blockchain marketplaces
- Decentralized financial applications
- Gaming and gambling sites
These endpoints allow criminals to cash out their cryptocurrencies while further hindering the trail of funds by exchanging them through several such services.
However, this is not a perfect solution. There are analytical techniques that allow investigators to overcome complex obfuscation. By analysing the destination and sources of funds, as well as activity on suspect accounts, it is possible to put together a trail that links funds with a specific crime.
Once identified, steps can be taken to freeze a wallet or account, securing the stolen funds. But to do that, you need to put together a strong case for the courts quickly before the funds are lost.
Building a solid case
Given the speed at which cryptocurrencies can move, getting an effective case together is a challenge. By acting quickly, not only do you potentially preserve evidence, but you give yourself more time to undertake a thorough investigation.
Alongside modern tracking and tracing exercises, successfully proving a crypto crime requires traditional investigative methods, too. Witness statements and documentary material are still essential parts of building a case that satisfies the court.
When undertaking an investigation, it is easy to overlook signs of cryptocurrency use. Digital carriers preserved during the investigation, such as servers and personal computers, can hide evidence of cryptocurrency use. This could include bookmarks to crypto wallets, as well as desktop applications such as Electrum, Jaxx, and Coinbase etc., all of which can reinforce a case.
Pocket litter can also be critical to connecting an individual to fraudulent activity. A scrap of paper or ledger note containing lists of random words (typically 12) could be evidence that a person has a crypto wallet. This is because random lists of words or “seed phrases” are used to unlock digital wallets.
Putting together a strong case for crypto crime requires insight into this new technology as well as a proven ability to undertake investigations professionally and in line with best practice.
To find out how we can assist your fraud and cybercrime investigations, get in touch.