The FBI tracked part of the stolen cryptocurrencies through blockchain analysis and recovered over $40,000 with the help of Tether.
A scammer located in Nigeria impersonated a senior official of the Trump-Vance Inaugural Committee and deceived a donor, stealing $250,000 (R$ 1.3 million) in cryptocurrencies by exploiting a nearly imperceptible typo, U.S. prosecutors said on Wednesday (2).
Pretending to be Steve Witkoff, co-chairman of the Trump-Vance Inaugural Committee, the scammer allegedly sent an email to the victim on December 24, 2024, from the address "@t47lnaugural.com", replacing the lowercase "i" in the legitimate domain "@t47inaugural.com" with a lowercase "l" — a character almost identical depending on the font used.
Convinced that the message was legitimate, the victim transferred 250,300 USDT.ETH, a stablecoin pegged to the dollar and issued on the Ethereum blockchain, to a cryptocurrency wallet controlled by the scammer on December 26, according to a statement from the U.S. Department of Justice for the District of Columbia.
The FBI was able to trace the transactions on the blockchain and recovered 40,300 USDT.ETH from the stolen funds, which are now subject to a civil forfeiture process to compensate the victim.
Tether, the issuer of the USDT stablecoin, assisted authorities in freezing the stolen cryptocurrencies — a role similar to what it played in another case last month, when it helped seize $225 million in USDT linked to large-scale investment scams of the "pig butchering" type, following a joint investigation by the DOJ, the U.S. Secret Service, and the cryptocurrency exchange OKX.
Saravanan Pandian, CEO and founder of the cryptocurrency exchange KoinBX, described the scheme as "a true minefield," in which malicious actors exploit political figures and real-world events to deceive victims.
He told Decrypt that "it's pure opportunism, taking undue advantage of public trust, political sentiment, and the irreversible nature of cryptocurrencies, all at the same time."
The fraud took advantage of the Trump administration's receptiveness to donations in cryptocurrencies — something experts consider "more cunning than sophisticated."
"As political winds blow in favor of cryptocurrencies, requests for crypto donations become more plausible," said Chengyi Ong, head of APAC policy at Chainalysis, to Decrypt.
"But it is important to recognize that this type of scam is independent of the medium — values could have been transferred equally in fiat currency through a payment app or bank transfer to a shadow account."
The effect of AI
ONG warned that artificial intelligence and deepfake technology will "amplify the scale and sophistication of fraudulent activities," adding that effective prevention will require an "intersectoral approach" among authorities, regulators, tech companies, financial institutions, and the crypto sector.
Karan Pujara, founder of the security analysis company Scam Buzzer, stated that the case exposes fundamental security gaps among cryptocurrency donors.
"Since the early days of the internet, phishing has remained the oldest scam in the book — and users continue to fall for it, whether in crypto, online shopping, or banking services," said Pujara. "If you look closely at the various types of online and cryptocurrency scams, you'll see that scammers often manipulate the human mind by provoking fear, greed, and FOMO, rather than hacking systems."
"With AI, the speed, execution, and scale to replicate cryptocurrency scams multiply," he said, noting that automated bots can monitor wallets with large balances and execute transactions with poisoned addresses instantly.
Although many blame cryptocurrencies themselves, Pujara highlighted that old tools, such as suspicious links and spoofed domains, are still the foundation of most scams.
"In legacy technologies like domain URLs and VOIP, where identity verification (KYC) is difficult, scammers have exploited these vulnerabilities for over 25 years to carry out data leaks, cryptocurrency scams, and even fraud in the traditional financial system," it concluded.