04.10.2022 - The number of reports received by the NCSC declined last week. Investment fraud is one of the crimes that causes the greatest losses. There has recently been an increase in reports of fraudsters posing as client advisers and using remote access software to "help" victims to "invest" their money. By allowing this remote access, victims expose themselves to additional risks aside from financial loss.
Fraudsters posing as investment advisers lure victims into a trap
Investment fraud is one of the crimes that causes the greatest losses. In this period of rising inflation and low interest rates, such investment offers are booming. With the prospect of big profits, it is increasingly worthwhile for the fraudsters to go to greater lengths to reel in their victims. This is especially true considering that many potential victims are put off by the terms bitcoin and cryptowallets.
In a case reported to the NCSC last week, two supposed client advisers approached the victim. The first one opened an account on a fictitious trading portal by providing the credit card number and initial deposit of EUR 200. The second one, an alleged broker, explained how the platform worked. The victim had to download the remote access software AnyDesk and give the fraudster full access to the computer for this purpose. Using this, an account was then created on the cryptocurrency exchange Kraken, which is necessary for cryptocurrency trading.
Whenever the victim wanted to invest and had transferred the money to the Kraken account, the "broker" would call, connect to the computer using the remote access software and help transfer the money to the supposed trading platform. In actual fact, he transferred the money to his own account and then fictitiously upped the corresponding amount on the fake trading platform – invariably, of course, with an additional "profit".
The regular personal contact increased the victim's level of trust and he ended up investing much more money than he originally wanted to, with the alleged broker asking him very nicely but also very firmly to invest more during each conversation. As a result of the personal attention, the fraudsters also detected when the victim was sceptical and reacted accordingly by coaxing him and promising higher fictitious profits.
This worked fine until the victim wanted to withdraw the money. That is when the fraudsters ceased all contact. They have since been unreachable and the money invested is unfortunately lost.
Another danger lies in the fact that, aside from the fraud, the attackers had full access to the computer once the remote access software was installed. Consequently, there is the possibility of further offences taking place in the background unbeknown to the victim. For example, the installation of e-banking malware or data theft is conceivable, which would cause even more damage for the victim.
Recommendations:
- Do not give anyone remote access to your computer. If you granted remote access, there is a possibility that your computer has been infected. The first step is to uninstall the remote access program. If you suspect an infection, have your computer examined immediately by a specialist and cleaned if necessary.
- Generally, the greater the promised return, the higher the risk.
- Information on authorised financial service providers in Switzerland can be found on the FINMA website:
https://www.finma.ch/en/finma-public/authorised-institutions-individuals-and-products.
- Particular caution is required if the financial service provider is not authorised. Check out the financial service provider using online experience reports. FINMA also maintains a non-exhaustive warning list:
https://www.finma.ch/en/finma-public/warning-list
- Be careful if lawyers suddenly contact you promising to retrieve the money but require a fee for doing so.
Current statistics
Last week's reports by category:
Last modification 04.10.2022