The Tinder Swindler & Blockchain Security — They Have More in Common than You Think

Netflix subscribers will no doubt be familiar with the recent release of the documentary, The Tinder Swindler. Following the stories of multiple women scammed out of millions of dollars by a fraudster, the film shows the viewer the methods which the conman used to woo his way into his victim’s lives, and then slowly began draining them of their funds.

From the comfort of home, it may be easy to watch with disbelief at how “easy” the victims were tricked. But such thinking can be dangerous, as no one ever thinks that such things can happen to them, until it does. It is estimated that the Swindler has stolen north of $10 million USD in his scams — a sizable amount for any individual. However, a more sobering fact is that this is just a drop in the bucket when compared to the overall amount stolen in romance-oriented scams. In the United States alone, the FBI estimates that over $1 billion USD was stolen from individuals in similar type scams in just 2021 alone. Factoring in other countries and parts of the world, and one can imagine just how quickly this number can increase.

But how can such scams happen with such frequency and with relative ease? Everyone may think that they are well aware of these types of activities, but the numbers speak for themselves. In a world where it can be impossible to truly know who is on the other side of the screen, it is more important than ever to know how these types of activities work, and how to be alert on if they may be happening to you.

In a previous article, we covered the types of crypto scams that new and existing participants should always be on alert for. One of these scams described, based around the concept of social engineering, contained similar tactics that Simon Leviev used in real-life to bait his victims and to build trust over a brief period of time.

What is Social Engineering, and How to Protect Against It?

At its core, social engineering is an attempt to trick someone into revealing information (e.g. passwords, seed phrases, etc..) that can be used to attack or gain access to systems or networks. This attempt can be relatively simplistic (e.g. a fraudster impersonating as someone from a legitimate company/organization), or can become incredibly complicated (as was seen in the case of The Tinder Swindler).

In these types of attacks, the attacker will use various means to initially gain the confidence of the victim. Via social media channels like Discord or Telegram, users may receive Direct Messages (DMs) from attackers looking to take advantage of a victim. These attackers, pretending to be someone else, may initially appear to look for nothing but someone to talk to about a particular interest. However, given time, a fraudster’s aim is to slowly build “trust” with the victim. Once the trust is earned, the scammer begins to attack the victim. This attack can come in various ways, most common of them being a request to send confidential information or money (a significantly less complicated form of what the Tinder Swindler did towards his victims).

As described in the prior article, users should be extremely wary of receiving unsolicited messages from other users on a public platform. Unfortunately, the likelihood that the sender does not have an ulterior motive is very low.

Tracking the Funds & How the Inherent Features of Blockchain Can Help

The scariest moments for Tinder Swindler victims came when Leviev continued to rack up credit card bills and expenses in the victim’s name. One of the victims was regularly pressured to call American Express to increase the limit on her card held by the fraudster, to cover expenses for “emergencies” which he had fabricated. Viewers of the documentary will learn that those expenses were likely used to fund other lavish expenses that he used to go from one place to the next — and it is likely that he also combined various sources of stolen funds, making it difficult to easily trace how one victim’s money was spent versus another’s.

While the same can happen whether or not a fraudster is holding a victim’s credit card or their ETH, at least in the latter scenario there can be clearer means to track funds as they move from wallet to wallet, to exchanges, and to eventual off-ramps. Here, the value of being able to track the movement of funds becomes ever so important, as victims who eventually realize they have been swindled will be able to check public ledgers and work with blockchain monitoring companies and authorities regarding how the transactions may have flowed.

In this way, it becomes increasingly important that among one of the protective measures that crypto users should take is to implement a blockchain monitoring solution for their crypto wallets. Blockchain monitoring not only allows individuals to be alerted when there is activity on their wallets, but also allows users to have the support of the blockchain monitoring company if and when their crypto becomes compromised. With sufficient time, a strong blockchain monitoring solutions company will be able to work directly with exchanges to freeze funds so that the attackers cannot off-board them into the fiat world.

While this timeliness may potentially rely on the victims to realize that they are being taken advantage of, other forms of swindling can occur where a blockchain monitor will help detect unauthorized movement of funds. As an example, in the event that a victim has given up their password or seed phrase, and the attacker has taken over the user’s wallet, the attacker may begin moving funds out of the wallet without informing the victim. In such instances, where it is not the victim that is pushing funds to the fraudster, but rather the attacker pulling the funds from the wallet, a blockchain monitoring tool will be invaluable for victims to realize what is happening, and to take the necessary steps to freeze the transaction.

Staying Vigilant

Blockchain monitoring aside, education of how scams work is the best line of defence to protect oneself. With more and more transactions now being done online, and with a greater number of discussions occurring over the internet versus in the real world, it is easy for attackers to hide behind false identities and false pretenses. In both the Web2 and Web3 worlds, users would best serve themselves by questioning all interactions which were not initiated by them, and to be careful about who they let into their social circle. “Trust” is a very powerful tool for attackers to leverage, and such things should not be given so easily, especially towards individuals who users may not ultimately know that well.

While this education is the most important, it is always possible to fall victim, no matter how careful one is. In these situations, having secondary lines of defence, like a blockchain monitoring solution, becomes increasingly important. Blockchain monitoring gives potential victims an entity to immediately turn to when an issue arises — reducing the time needed to identify for help and to provide necessary data and information. With this in mind, such a setup should be seriously explored when one becomes immersed in the crypto industry.

Crypto is an exciting and transformative space to be a part of. However, the industry is still in its infancy stages and when money is involved, emotions can run high. Factoring in the added challenges of criminals playing on human emotions and working through sophisticated scams, it is of utmost importance that users educate themselves on these topics, and identify all available secondary solutions to protect their hard earned assets.