Bitcoin Give and Take

Wednesday, February 9th, 2022

Recently, I encountered a fun little swindle involving cryptocurrency. It started with this piece of spam I spotted in my email quarantine:

Hi Rob Hoffman,
As requested, we have now deposited 19 BTC which amount to ($789,431.38 USD) into your bitcoin portfolio at http://www.bitcount.net/signin
Customer Id: 43789495
Customer Password: TGG3423TG

Now, while I am not Rob Hoffman, I would be glad to be in possession of almost a million dollars’ worth of bitcoins. Sadly, rather than a misdirected email, this was undoubtedly a scam. I decided to poke around, in an effort to determine the nature of the scheme. To being, I visited bitcount.net (using a virtual environment):


Bitcount.net, as it appeared in early February, 2022

Overall, the site looked legitimate enough.1 Further, when I tried to sign in with completely fake credentials, I was denied access. Using the information received via email, however, I was able to log in. At that point, I was prompted to change my password. My initial thought was that they may be attempting to catch folks who are reusing passwords, but this seems like a lot of work for that. In this case, I entered a never-before-used dummy password

Once in the account, I could indeed see a supposed balance of 19 BTC. Since the time of the email, BTC was up enough to put the value at well over $800,000. Not bad! If only it actually existed.

My next move was to see what I could do with this supposed windfall. The system offered to let me withdraw, so I attempted to take out a single bitcoin. Hey, I’m not greedy. To do this, I set up a brand-new bitcoin wallet, and gave the system that dummy information. It immediately rejected my request, informing me my first withdrawal was limited to 0.0001 BTC, for “security reasons”. Sure, Jan.

I modified my request down to 0.0001 BTC, and that did show success, though the site informed me that it could take up up to 30 minutes to appear. I was more than a little skeptical, but eventually, there it was!


A whole 1/10,000 of a bitcoin

This minute fraction of a bitcoin was now fully in my possession, and as far as I could see, I had traded a dummy password and dummy bitcoin wallet address for about $5. I’d take that deal any day, but what I really wanted was to understand the nature of the ruse here. Thus, I returned to the site, and again attempted to withdraw an entire bitcoin. Hey, I’m still not greedy.

With this request, the curtain fell, and the scam was revealed. The system wouldn’t allow me to take out 1 BTC, as you can see:

A fairly nonsensical alert, indicating I needed to withdraw a minimum of 19.007 BTC, when the account only held 18.9999 BTC
This is right on the cusp of making sense, but, nope, utter nonsense.

Instead, I was told that I was being limited by the portfolio’s “savePro™” functionality.2 That “feature” meant the minimum withdrawal amount was 19.007 BTC.

At this point, you can hopefully see where this is going. The system was indicating that if I deposited 0.0071 BTC (worth about $315), it would then allow the full 19.007 BTC to be withdrawn back out. Of course, in actuality it would definitely disappear with that 0.0071 BTC entirely. Cryptocurrency is the Wild West, and there are no sheriffs.

Ultimately, in an effort to rope me in, this scam site gave me about five bucks. Some basic math indicates that if they get more than 1 out of 63 people to fall for this bizarre “minimum withdrawal limit”, they’ll come out ahead. Further, once someone does make a deposit, they’ll have identified themselves as a real mark to be soaked. It’s possible the site would then work to bilk the sucker out of even more, say with some of that deposit being lost to “fees”, necessitating another deposit.

At this point, however, I’m satisfied that I’ve figured out their trickery. It’s a good thing, too, because my continued poking around and experimenting eventually led the site to log me out and stop responding to my credentials. Alas, it seems I’ll never manage to retrieve that other 18.9999 BTC which doesn’t actually exist.


Footnotes:

  1. This “Sign Up” page might make one at least a little suspicious.

    As well, if you actually read the text throughout the site, it lacks the ring of authenticity. ↩︎

  2. I’m ever so tickled that “savePro” is a trademark (™), but not a registered (®) one. You wouldn’t want this whole thing to crumble when someone checks the USPTO database for savePro, only to find it missing. ↩︎


If you enjoyed this post, get updates via Twitter, Facebook, or RSS.