22000 USD SCAM because of Phishing and Bank Transfer Chargeback

[jimmy2k]

Hello Everyone,

I was scammed last week for a fiat amount of 22k USD! I sold BTC on a p2p exchange accepting german bank transfer and it  took not long time for getting the first offer of a smaller number of around 30 BTC. As I know that fraud is a big topic by trading on #bitcoin-otc I tried to get as much informations I could get from the buyer! He told me that he is buying BTC for his german clients from whom he provided the phone numbers so that I could talk to them to be sure, which I did immediately! After I felt more comfortable with the trade I agreed and received the amount for the first 30 BTC very quickly on even the same day! I released the escrow and was looking forward to the next deal with him! This time he wanted to buy around 80 BTC. After calling the number of his client I agreed to make the trade and the day after I received the amount on my bank account. This time to be even safer I phoned the bank to authorize the transfer to be safe because of potential chargebacks! The employee told me that I can be safe and that no chargebacks are possible after I see the money on my bank account. ( I even have a proof of this statement, because I recorded the phone call). After this I was even more comfortable and was ready for the next trade with around the same volume of 80 BTC. I asked him then to please provide me a proof of payment, so that I can be sure that I will receive the money on the next day! After that a really strange thing happened! He sent me the login data for his clients online banking account and told me I should just log in and check for a proof! This was completely suspicious to me and I immediately decided to go to the police the next day... Then everything changed...

Next morning I woke up and received directly a phone call from my bank that my account was frozen because I am accused of phishing! The buyer of the first trade accused me and claimed the money back, which was then charged back immediately without my agreement!

After that I immediately accused the internet user for phishing to save me for upcoming accusations because of the other two trades, which were from separate accounts each!

To make the story short... Yesterday my concerns were confirmed that every bank transaction was made from phished bank accounts and I now have to send the whole money back that I ever received from trading with this user... The problem for me is now, that the bitcoins except for the first trade are already released and it will be very difficult for me to get them back! The german police is taking care of this case and their cybercrime specialists are trying their best to get the BTC back. The officer himself said that they have had BTC crimes more and more often in the last times and knows therefore a bit about the technical details of btc and theory.

There are some informations we could already gather from the user like ip addresses and mail account, but I think maybe the most valuable information so far are are btc transactions of my the stolen BTC.
They are
https://blockchain.info/tx/d707d1eb7e97a9132314d895f0f80116f70085e6c4e2b2be34d09fadb20da07c
and
https://blockchain.info/tx/b42c6075bdba2dc6f3f05e14fb9d454672e4931c5c3eff40ca6b59a6756f9735

When you check this, you can immediately see that the two amounts of 28 BTC and 86 BTC lead both to this address: https://blockchain.info/address/1NrrEnKJ5tsgBgSQcPjLKXXo6Q9EGrh4zM

I thought about doing some network monitoring and analyse the graph afterwards like it has been done already on this blog article:
http://anonymity-in-bitcoin.blogspot.de/2011/07/bitcoin-is-not-anonymous.html

Maybe there can be some important information extracted from this kind of perspective. Also I thought about asking the exchanges for checking their btc address databases whether they have a registered user using this btc addy!

Since 22k of USD is much money for me I will do everything to get them back and I am willing to give 1 BTC to everyone providing me any concrete information about the identity behind any of the BTC addresses given above!

Thank you for reading this and eventually trying to help me in this case!

Note: I did not provide the nick name of the user because he was registered new on the p2p exchange and is not known here! I also did not provide the name of the p2p exchange to not harm them in any case! If you are interested in a proof of the accusation documents or any more concrete details, just let me know! I cant provide these informations in public because its sensible data! Thanks for understanding this!


Greetings,
jimmy2k

[1715648587]

1715648587

[1715648587]

1715648587

[1715648587]

1715648587

[1715648587]

1715648587

[1715648587]

1715648587

[DiamondCardz]

providing me any concrete information about the identity behind any of the BTC addresses given above!

Alright, I'll try my best to help.

We can see that today, a transaction from address https://blockchain.info/address/1NrrEnKJ5tsgBgSQcPjLKXXo6Q9EGrh4zM was sent.

The transaction hash of this being https://blockchain.info/tx/b862db08c3de4dd86ffdafa74cee00c2db6412ed76826f219928bc4d509e2929

There were 3 input addresses, so it's incredibly likely that these 3 input addresses are all owned by the same person. So we have:

https://blockchain.info/address/1NrrEnKJ5tsgBgSQcPjLKXXo6Q9EGrh4zM
https://blockchain.info/address/18AUfktKwRV1rKDLXvZJnHmF2uurreU6u2
https://blockchain.info/address/1EHPZVsQvHxb65o9CepWdPHEuVnWthSuGK

https://coinbase.com/network/addresses/1NrrEnKJ5tsgBgSQcPjLKXXo6Q9EGrh4zM
https://coinbase.com/network/addresses/18AUfktKwRV1rKDLXvZJnHmF2uurreU6u2
https://coinbase.com/network/addresses/1EHPZVsQvHxb65o9CepWdPHEuVnWthSuGK

We need to turn some stones. Find any services that have encountered these addresses. And more importantly, if they have any good contact info.

I will contact a few services and respond with their replies.

Hope I helped.

[escrow.ms]

Don't accept Germany and some other countries online bank transfer,most banks their don't have 2factor authentication.

[DiamondCardz]

I've PM'd the following people:

Owner of BTC.sx
Owner of inputs.io
Owner of BTCJam
Owner of PicoStocks

...about the given addresses.

I'm trying to do what I can to help.

[jimmy2k]

thank you DiamondCardz for putting so much effort on this! As I said, If there is one specific detail telling us anything about his real identity I wont hesitate sending you 1 BTC!

Greetings,
jimmy2k

[ninjaboon]

thank you DiamondCardz for putting so much effort on this! As I said, If there is one specific detail telling us anything about his real identity I wont hesitate sending you 1 BTC!

Greetings,
jimmy2k

@jimmy2k - sorry about your loss. I have also lost about USD600++ this week to a scammer : https://bitcointalk.org/index.php?topic=85430.msg2650185#msg2650185

Did the scammers email you ?
If yes, then there will be an originating IP address in those emails.

[redtwitz]

Did the scammers email you ?
If yes, then there will be an originating IP address in those emails.

Sometimes. It depends entirely on the server the email was sent from.

[CurbsideProphet]

How did you lose $22,000?  The amount of Bitcoin lost doesn't come close to that figure at current rates.  Did they pay you significantly higher than the current spot rate?  Are you counting the rest of your cash that was frozen in the account?

[DiamondCardz]

thank you DiamondCardz for putting so much effort on this! As I said, If there is one specific detail telling us anything about his real identity I wont hesitate sending you 1 BTC!

Greetings,
jimmy2k

I'm awaiting a PM reply from the 4 people I PM'd. Will post if any info comes up, if no info comes up, then we need to go deeper. (no pun intended)

[DiamondCardz]

thank you DiamondCardz for putting so much effort on this! As I said, If there is one specific detail telling us anything about his real identity I wont hesitate sending you 1 BTC!

Greetings,
jimmy2k

@jimmy2k - sorry about your loss. I have also lost about USD600++ this week to a scammer : https://bitcointalk.org/index.php?topic=85430.msg2650185#msg2650185

Did the scammers email you ?
If yes, then there will be an originating IP address in those emails.

If you do have an email from the scammers, please give us access to the email or post their IP ASAP so we can look it up and attempt to dox the scammer.

[DiamondCardz]

These addresses seem to have never touched PicoStocks.

https://picostocks.com/users/find/?query=1NrrEnKJ5tsgBgSQcPjLKXXo6Q9EGrh4zM

However, we know the critical address is 1NrrEnKJ5tsgBgSQcPjLKXXo6Q9EGrh4zM - we just need to find out who owns it.

[Rawted]

Transactions were relayed by IP 88.198.111.188

https://www.google.com/search?q=1NrrEnKJ5tsgBgSQcPjLKXXo6Q9EGrh4zM&rlz=1C1AVSI_enUS460US460&oq=1NrrEnKJ5tsgBgSQcPjLKXXo6Q9EGrh4zM&aqs=chrome.0.57.688477j0&sourceid=chrome&ie=UTF-8#q=1NrrEnKJ5tsgBgSQcPjLKXXo6Q9EGrh4zM&safe=off&rlz=1C1AVSI_enUS460US460&ei=81rZUZG9DYfy9gSS84CoDA&start=170&sa=N&filter=0&bav=on.2,or.r_cp.r_qf.&bvm=bv.48705608,d.eWU&fp=2d51c5bfc01f1cdf&biw=1920&bih=961

http://blockchain.info/ip-address/88.198.111.188

http://bgp.he.net/ip/88.198.111.188

You should try contacting the host/ISP

person:         Hetzner Online AG - Virtualisierung
address:        Hetzner Online AG - Virtualisierung
address:        Stuttgarter Str. 1
address:        91710 Gunzenhausen
address:        GERMANY
phone:          +499831610061
fax-no:         +499831610062

[worldinacoin]

I think your bank should not just give false accusations against you but instead try to help you recover the money, try to talk to their senior management or at least the VP of the branch you are using.

[DiamondCardz]

Transactions were relayed by IP 88.198.111.188

Omfg.

When will wanna-be scripties understand that the IP that relayed a transaction can have NO CONNECTION to the transaction at all?

[BitcoinBarrel]

If I read correctly, he lost cash payments for 30 btc + 80 btc + 80 btc = ~190 btc

[escrow.ms]

I agreed and received the amount for the first 30 BTC very quickly on even the same day! I released the escrow

The problem for me is now, that the bitcoins except for the first trade are already released

When you check this, you can immediately see that the two amounts of 28 BTC and 86 BTC lead both to this address: https://blockchain.info/address/1NrrEnKJ5tsgBgSQcPjLKXXo6Q9EGrh4zM

So exactly how much did you lose here?  30 BTC, 28 BTC, 86 BTC?

Since you did not release the other escrows you should get all that BTC back, right?

So it appears your total loss is less than $3,000 USD, right?  A lot or money but not $22,000.

Looks like you didn't read thread properly, He said 30, then 80 then 80.
and escrow was released. He lost 22k because his bank account got freezed.

[BurtW]

Looks like you didn't read thread properly, He said 30, then 80 then 80.
and escrow was released. He lost 22k because his bank account got freezed.

You are right I did not read this thread carefully enough.  Yes, he is out whatever BTC he released from escrow and should get back whatever BTC he has not released from escrow.  Carry on.
 

[BurtW]

The employee told me that I can be safe and that no chargebacks are possible after I see the money on my bank account.

I can clear this up for you.  What the employee meant was:

The employee told me that I can be safe and that no chargebacks are possible after I see the money on my bank account except in cases of fraud.

He just left that last part out.

[Rawted]

Transactions were relayed by IP 88.198.111.188

Omfg.

When will wanna-be scripties understand that the IP that relayed a transaction can have NO CONNECTION to the transaction at all?

Hence why i showed the route to that particular ISP, and suggested he contact them.

[DiamondCardz]

Transactions were relayed by IP 88.198.111.188

Omfg.

When will wanna-be scripties understand that the IP that relayed a transaction can have NO CONNECTION to the transaction at all?

Hence why i showed the route to that particular ISP, and suggested he contact them.

And what are they going to do about it? They have no connection to the transaction, they could be different countries, THEY CAN'T HELP HIM.