The Impact of Cybercrime: Indian Man’s $20 Million Crypto Scam Exposed

An Indian man named Chirag Tomar, aged 31, has been sentenced to 60 months in prison for stealing over $20 million worth of cryptocurrency from Coinbase users. A judge in North Carolina gave the sentence on Thursday after Tomar admitted to his crimes in May. He had used a trick called “spoofing” to make people believe they were using the real Coinbase website, which helped him steal their login information and crypto.

What is Spoofing?

Spoofing is a cybercrime where a hacker makes a fake website or email look like it is from a trusted company. In this case, Tomar made a fake version of the Coinbase website. He used a web address that was almost the same as the real one: “Coinbasepro.com” instead of the correct “Pro.Coinbase.com.” When people entered their username and password into the fake site, it sent the information to Tomar and his team.

How the Scam Worked

The scam started in June 2021. Tomar and his team used several tricks to steal people’s crypto. They sometimes pretended to be Coinbase customer service agents and asked for people’s login details and two-factor authentication codes over the phone. In other cases, they convinced people to download software that let the scammers control their computers. Once they had access, they quickly transferred the victims’ crypto into wallets controlled by Tomar.

Stealing and Spending the Money

After getting the stolen cryptocurrency, Tomar changed it into other types of crypto to hide the tracks. He then moved the money into his different wallets, converted it to cash, and gave some of it to his partners.

For example, in February 2022, Tomar stole $240,000 worth of crypto from a person in North Carolina. The victim tried to log in to Coinbase through the fake website, but saw a message saying their account was locked. The victim was told to call a fake customer service number, and during the call, they gave Tomar the code to fully access their account.

Some people blame companies like Google for showing fake websites in Google Ads. These websites appear at the top of search results and trick people into thinking they are real.

Tomar’s Lavish Lifestyle

Tomar used the stolen crypto to buy luxury items like Lamborghinis, Porsches, and expensive watches. He also spent money on trips to Dubai, Thailand, and other places.

In late 2023, Tomar was arrested when he arrived at Atlanta airport in the United States. He was charged with wire fraud and money laundering, leading to his 60-month prison sentence.

The Investigation and Arrest

After several complaints from victims who lost their cryptocurrency, law enforcement began investigating the scam. The authorities worked hard to trace the stolen funds and identify the people behind the operation. They found that many victims were from different parts of the United States, all targeted by the same scam methods.

The investigation revealed that Tomar was not acting alone. He had a team that helped him run the fake website and communicate with victims. Once law enforcement gathered enough evidence, they were able to track Tomar down.

When he arrived at Atlanta airport in December 2023, he was arrested. The authorities had been watching him closely, and they were ready to take action as soon as he entered the United States.

The Impact on Victims

The impact of Tomar’s scam was significant. Many victims not only lost their money but also faced emotional distress and anxiety due to the theft. Losing money in such a manner can be devastating, especially for individuals who had saved up to invest in cryptocurrency.

Some victims reported feeling ashamed and embarrassed that they had fallen for the scam. They had trusted what they believed was the real Coinbase website, which made it even more challenging to come to terms with their losses.

The Role of Education in Preventing Scams

This case highlights the importance of education when it comes to online safety and cybersecurity. Knowing how to recognize fake websites and scams can help people protect themselves from becoming victims.

 Here are a few tips for staying safe online:

1. Check the URL: Always ensure that the web address starts with “https” and is spelled correctly. Look for small differences in the URL that might indicate it is a fake site.

2. Use Official Apps: Download apps directly from official app stores, such as Google Play or the Apple App Store. Avoid clicking on links in emails or messages.

3. Enable Two-Factor Authentication: Always use two-factor authentication (2FA) on accounts that offer it. This provides an extra layer of security.

4. Educate Others: Share information about online scams with family and friends. The more people know about these risks, the safer everyone will be.