Cryptscam Abuse Explorer

Stay safe, check if wallets are scam!

Support us with a donation

search by:

Wallet address
0xBeE32483957f116c5830133188dca45B80b94Fe6
Report number
3
Wallet balance
 ETH → 
Total received
 ETH → 
Transaction number
date
06 December 2023 Wednesday. 08:55:56 UTC
type
scamsite
scammer/abuser
cryptofbi007 - Olgareva - icryptofbi
country
Russia
description
Crypto users, please be cautious and aware of the fraudulent activities carried out by an russian individual named "cryptofbi007" & "icryptofbi" (🇷🇺). This evil person has created multiple fake crypto QR code generator websites, including "xmr-qr-code.com", "xmr-qr-code-generator.com", and "xmrqrcode.com". These websites generate QR codes that only direct funds to the scammer's Monero (XMR) address: 84gHdF7rArqU6e9cbmfPi9iJR2QUU7CoX1XJEvAmQWXmSUkj3C3LVLW3ioHiqNc8iwGPcxCv5Fk13ZY k9fxQFLKuKEW54r6 Please note that a saved archive of the phishing website containing the fraudster's Monero address can be found here: https://web.archive.org/web/20231122120748/https://xmr-qr-code.com/8.php This phishing scam involves tricking users into sending their cryptocurrency to the scammer's wallet through a QR code, resulting in significant financial losses. The scam operator, known by the pseudonym "cryptofbi007" on websites like GitHub, manipulates and social engineers hosting and domain teams to avoid suspension of these phishing websites. They consistently alter the websites' functionality upon receiving reports and even spam repositories to unblock their malicious domains in order to exploit innocent individuals. To protect our community, it is crucial to exercise extreme caution and avoid engaging with any QR code generator websites associated with "cryptofbi007". If you come across any instances or suspicious activities related to these scams, please report them immediately. The scam involving crypto QR code phishing works as follows: The victim enters the crypto address for which they need a QR code. Then, when they generate the QR code on one of the fraudulent crypto QR code websites, it always displays the same QR code on the final page, containing the fraudster's crypto address. Regardless of which crypto address the victim initially entered, the QR code will always belong to the fraudster, and the victim remains unaware. If someone sends cryptocurrency to the victim's "QR code", the funds will actually go to the fraudster, as the QR code belongs to them and displays their crypto address. His email accounts: The operator is known to use the following email addresses: "[email protected]" and "[email protected]". Due to this abuse, Proton Team has already banned the account "[email protected]", while the account "[email protected]" remains active. His YouTube profile: The YouTube account "https://www.youtube.com/@gabrielenesto", named Gabriel Enesto (as of 11/25/2023) with Channel-ID: "UCO5q0rVGQs4F4IKnNUbRERg" belongs to the notorious individual known as "cryptofbi007". His Trustpilot profile: Additionally, the Trustpilot account "https://www.trustpilot.com/users/63c0b6a16503ee0012e7c049" also belongs to this despicable character. He utilizes these platforms to defame legitimate companies due to the banning of some of his phishing domains and to sabotage his competitors, driven solely by his insatiable greed. Also, "Cryptofbi007" and "iCryptofbi", who is named Gabriel Enesto on Trustpilot, changed his country to France in the settings, which is why it shows FR on his clearly fake reviews; however, he is originally from Russia, using this method to manipulate both people and law enforcement agencies. His Reddit profile: The fraudster known as "cryptofbi007" went to the extent of creating a public and restricted Reddit group called "qr_code_" to bolster his deceptive crypto QR phishing scam websites in search engine rankings. This group can be seen at "https://www.reddit.com/r/qr_code_/". To further his illicit activities, the fraudster operates under the Reddit username "Itchy-Attention8905". More information about his activities and profile can be found at "https://www.reddit.com/user/Itchy-Attention8905/". His Medium Profile: The Medium profile "@cryptofbi007", which can be visited at "https://medium.com/@cryptofbi007" (banned), also belongs to the Russian cybercriminal who goes by "icryptofbi" on BitcoinTalk. His GitHub profile: Additionally, they can be found on GitHub under the account: https://github.com/cryptofbi007 (banned) , attempting to unblock their phishing domains from phishing warning systems. Here are the relevant repositories and issues: https://github.com/MetaMask/eth-phishing-detect/issues/13139 https://github.com/MetaMask/eth-phishing-detect/issues/13080 While "cryptofbi007" attempted to unblock his phishing domains, the request got declined. Additionally, he changed the titles of the requests on GitHub, making it difficult for potential victims to find the specific request related to unblocking his phishing websites. I obtained some of his social media accounts by reporting the phishing websites to domain registrars and hosting providers. The Russian individual behind these fraudulent activities went by the names "icryptofbi" or "cryptofbi007". Consequently, I received delayed messages that contained pertinent information from this fraudster. Furthermore, it is worth noting that the operator behind this phishing scam is believed to be Russian and has previously operated fake Bitcoin, Litecoin, and Ethereum QR code generator websites such as "Crypto-qr-code.com", "btc-qr-code.se", and "crypto-qr-code.su". These websites generate the scammer's Bitcoin address: 18gcvrjDju719nQNXhJxRAaw25Vj6M6i4W The phishing websites "usdt-qr.com" and "ltc-qr-code.su" are also owned by the same individual using the pseudonym "cryptofbi007", indicating a coordinated phishing scheme. Both websites generate the domain holder's (cryptofbi007) USDT address 0xBeE32483957f116c5830133188dca45B80b94Fe6 (https://etherscan.io/address/0xBeE32483957f116c5830133188dca45B80b94Fe6) and Litecoin address LNWTRts3HQeuWnbjjr3Ndg4NARuWQSTApZ (https://blockchair.com/litecoin/address/LNWTRts3HQeuWnbjjr3Ndg4NARuWQSTApZ), further solidifying their association and intention to defraud unsuspecting victims. It is of utmost importance to raise awareness about these fraudulent activities to protect potential targets from falling prey to these scams. To aid in identification, please find below a list of all known phishing crypto addresses and domains associated with "cryptofbi007": Phishing Crypto Addresses by "cryptofbi007": 1. Monero (XMR): 84gHdF7rArqU6e9cbmfPi9iJR2QUU7CoX1XJEvAmQWXmSUkj3C3LVLW3ioHiqNc8iwGPcxCv5Fk13ZY k9fxQFLKuKEW54r6 2. Bitcoin (BTC): 18gcvrjDju719nQNXhJxRAaw25Vj6M6i4W 3. Litecoin (LTC): LNWTRts3HQeuWnbjjr3Ndg4NARuWQSTApZ 4. Litecoin (LTC): LLRS6eiY2cvywst3Sr97HTUsu6ba2gqmgG 5. Ethereum (ETH): 0x2C46fB8Aa65Bbcb184fBfa1E485B9BCE0371D893 6. Tether (USDT): 0xBeE32483957f116c5830133188dca45B80b94Fe6 7. Dogecoin (DOGE): DSVScF3HyMWZV5V9h38S9iDM3vKPpSU7Ey 8. Dogecoin (DOGE): DQjhCr7YPj15H8PLVz5CHFmNSgyrX8WUQk 9. Bitcoin Cash (BCH): qzyzw2m3vjvpku709vjt9jg4y03ylrs6kq9c0yhea3 USDT Tether ETH Stolen by "cryptofbi007" Transferred to FixedFloat: The cybercriminal from Russia, known as "cryptofbi007", has been involved in transferring stolen USDT Tether / ETH from his phishing fake crypto QR code scam websites to FixedFloat cryptocurrency exchange. (1) Initially, he receives the stolen funds from his phishing victims in his primary USDT Tether ETH address: https://etherscan.io/address/0xbee32483957f116c5830133188dca45b80b94fe6 (2) These ill-gotten gains are then transferred to another address: https://etherscan.io/address/0x2709fd4c61531473b77c5794a723ea49e48bdef4 (3) Lastly, the stolen funds are moved to FixedFloat, using this address: https://etherscan.io/address/0x2bd1ecf9545410b32ddc4f7a873811fd94963e2b You can find further details regarding the transactions in the following Transaction Hash, where the stolen funds (over $3.000!) were transferred to FixedFloat: https://etherscan.io/tx/0x19d8571add80245295b2ce870c4f26739447e6f00a836b4f309b9c8a3701a998 (Date: 10/28/2023) FixedFloat can be contacted regarding this matter here: [email protected] https://fixedfloat.com/en/support FixedFloat: To process your request for server log and order data, we kindly ask that you provide an official request from your regional police or other representative, sent from their official email address, as per our policy. Once received, our technical specialists will be more than happy to assist you with the requested information. When reporting them to the police, whether online through email or a form, or offline, please do not forget to mention their Tether address "0xBeE32483957f116c5830133188dca45B80b94Fe6" and to contact FixedFloat under their email "[email protected]" or website. This will make it easier to track down the cybercriminal. There are both older and newer reports available regarding the phishing scheme conducted by "cryptofbi007" at this address: https://www.chainabuse.com/address/18gcvrjDju719nQNXhJxRAaw25Vj6M6i4W?chain=BTC https://cryptscam.com/en/detail/18gcvrjDju719nQNXhJxRAaw25Vj6M6i4W Phishing Domains by "cryptofbi007": 1. xmr-qr-code.com 2. xmr-qr-code-generator.com 3. xmrqrcode.com 4. usdt-qr.com 5. usdt-qr-code.com 6. crypto-qr-code.com 7. crypto-qr-code.ru 8. btcqrcode.ru 9. btc-qr-code.su 10. btc-qr-code.se 11. qr-btc.com 12. ltc-qr-code.com 13. ltc-qr-code.su 14. ltc-qr-code.ru 15. eth-qr-code.su 16. doge-qr-code.su In addition, please be aware that the following BitcoinTalk accounts are also associated with "cryptofbi007": 1. https://bitcointalk.org/index.php?action=profile;u=3535761 (Olgareva) 2. https://bitcointalk.org/index.php?action=profile;u=3531091 (icryptofbi) I have noticed that the users "cryptofbi007", "Olgareva", and "icryptofbi" have been involved in QR phishing scams, where they copy complaints from other people and change the domains and sites belonging to their competitors. This behavior reveals their malicious intent. Warning: Please be cautious of a fake crypto QR code generator scam conducted by users with pseudonyms "cryptofbi007", "icryptofbi", and "Olgareva". As the operator of this scam scheme resides in Russia, I recommend reporting the scammer on the following platforms, providing detailed information from this BitcoinTalk topic: Email: [email protected] - Russian Police Email: [email protected] - Russian FBI Email: [email protected] - Russian FBI Email: [email protected] Email: [email protected] IMPORTANT: If you are not Russian or do not have a Russian email address, I recommend creating a ".ru" email address on websites such as "https://rambler.ru". For example, you can send a detailed report, similar to my complaint, to them from a Russian email address. This is necessary because other email providers, such as Google, may have blocked sending emails to ".ru" addresses due to the ongoing war. IMPORTANT²: In the police complaint, please remember to include the individual "icryptofbi" or also referred to as "cryptofbi007". This person utilized the Tether USDT address "0xbee32483957f116c5830133188dca45b80b94fe6" to receive the stolen funds and defraud numerous unsuspecting victims, resulting in the loss of several thousand dollars. He then transferred the stolen funds to his second address and then to FixedFloat. Don't forget to mention the contact methods for your police complaint report, stating that one can contact FixedFloat through email at "[email protected]" or visit their website at "https://fixedfloat.com/en/support". They can provide server logs and IPs of the Russian cybercriminal who laundered the stolen cryptocurrency money there. This evidence can be presented to the police to ensure justice is served and victims are refunded. Report Cybercrime in Russia online: http://services.government.ru/en/letters/form/ Report Cybercrime in Russia online²: https://cert.gov.ru/en/abuse.html _ Other Russian government contacts are available for residents in Russia: Quote Russian Ministry of Internal Affairs: Website: http://www.mvd.ru/ Phone: 8 (800) 350-75-28 Russian Ministry of Internal Affairs Cybercrime Division (Department "K"): Website: http://www.mvd.ru/OVD/min/rukov_mvd/17/2012/258 The Ministry of Internal Affairs of the Russian Federation: Phone: 02, 112 The Ministry of Internal Affairs Public Relations Office: Phone: +7 (495) 667-72-64 Address: 11 Sadovaya-Sukharevskaya st., 120090, Moscow, Russia Website: http://government.ru/en/department/86/events/ Economic Security and Anti-Corruption Department: +7 (495) 983-62-24 The Economic Security and Anti-Corruption Department of the Ministry of Internal Affairs of the Russian Federation deals with cybercrime and economic fraud. Stay vigilant and spread awareness within the crypto community. Let us work together to protect one another and create a safer environment for crypto enthusiasts worldwide. Please avoid falling victim to these malicious schemes.
source
cryptscam
Site url
usdt-qr-code.com
date
25 November 2023 Saturday. 14:27:22 UTC
type
scamsite
scammer/abuser
Cryptofbi007 - usdt-qr.com - usdt-qr-code.com
country
Russia
description
USDT Tether ETH Stolen from "cryptofbi007" Transferred to FixedFloat: The cybercriminal from Russia, known as "cryptofbi007", has been involved in transferring stolen USDT Tether / ETH from his phishing fake crypto QR code scam websites to FixedFloat cryptocurrency exchange. (1) Initially, he receives the stolen funds from his phishing victims in his primary USDT Tether ETH address: https://etherscan.io/address/0xbee32483957f116c5830133188dca45b80b94fe6 (2) These ill-gotten gains are then transferred to another address: https://etherscan.io/address/0x2709fd4c61531473b77c5794a723ea49e48bdef4 (3) Lastly, the stolen funds are moved to FixedFloat, using this address: https://etherscan.io/address/0x2bd1ecf9545410b32ddc4f7a873811fd94963e2b You can find further details regarding the transactions in the following Transaction Hash, where the stolen funds (over $3.000!) were transferred to FixedFloat: https://etherscan.io/tx/0x19d8571add80245295b2ce870c4f26739447e6f00a836b4f309b9c8a3701a998 (Date: 10/28/2023) More detail about this scammer on BitcoinTalk forum here: https://bitcointalk.org/index.php?topic=5475430.0
source
cryptscam
Site url
date
25 November 2023 Saturday. 08:46:05 UTC
type
Phishing
scammer/abuser
cryptofbi007 - Olgareva - icryptofbi
country
Russia
description
Crypto users, please be cautious and aware of the fraudulent activities carried out by an individual named "cryptofbi007". This person has created multiple fake crypto QR code generator websites, including "xmr-qr-code.com", "xmr-qr-code-generator.com", and "xmrqrcode.com". These websites generate QR codes that only direct funds to the scammer's Monero (XMR) address: 84gHdF7rArqU6e9cbmfPi9iJR2QUU7CoX1XJEvAmQWXmSUkj3C3LVLW3ioHiqNc8iwGPcxCv5Fk13ZY k9fxQFLKuKEW54r6. Please note that a saved archive of the phishing website containing the fraudster's Monero address can be found here: https://web.archive.org/web/20231122120748/https://xmr-qr-code.com/8.php This phishing scam involves tricking users into sending their cryptocurrency to the scammer's wallet through a QR code, resulting in significant financial losses. The scam operator, known by the pseudonym "cryptofbi007" on websites like GitHub, manipulates and social engineers hosting and domain teams to avoid suspension of these phishing websites. They consistently alter the websites' functionality upon receiving reports and even spam repositories to unblock their malicious domains in order to exploit innocent individuals. To protect our community, it is crucial to exercise extreme caution and avoid engaging with any QR code generator websites associated with "cryptofbi007". If you come across any instances or suspicious activities related to these scams, please report them immediately. The operator is known to use the following email addresses: "[email protected]" and "[email protected]" Additionally, they can be found on GitHub under the account: https://github.com/cryptofbi007 , attempting to unblock their phishing domains from phishing warning systems. Here are the relevant repositories and issues: https://github.com/MetaMask/eth-phishing-detect/issues/13139 https://github.com/MetaMask/eth-phishing-detect/issues/13080 While "cryptofbi007" attempted to unblock his phishing domains, the request got declined. Additionally, he changed the titles of the requests on GitHub, making it difficult for potential victims to find the specific request related to unblocking his phishing websites. Furthermore, it is worth noting that the operator behind this phishing scam is believed to be Russian and has previously operated fake Bitcoin, Litecoin, and Ethereum QR code generator websites such as "Crypto-qr-code.com", "btc-qr-code.se", and "crypto-qr-code.su". These websites generate the scammer's Bitcoin address: 18gcvrjDju719nQNXhJxRAaw25Vj6M6i4W. The phishing websites "usdt-qr.com" and "ltc-qr-code.su" are also owned by the same individual using the pseudonym "cryptofbi007", indicating a coordinated phishing scheme. Both websites generate the domain holder's (cryptofbi007) USDT address 0xBeE32483957f116c5830133188dca45B80b94Fe6 (https://etherscan.io/address/0xBeE32483957f116c5830133188dca45B80b94Fe6) and Litecoin address LNWTRts3HQeuWnbjjr3Ndg4NARuWQSTApZ (https://blockchair.com/litecoin/address/LNWTRts3HQeuWnbjjr3Ndg4NARuWQSTApZ), further solidifying their association and intention to defraud unsuspecting victims. It is of utmost importance to raise awareness about these fraudulent activities to protect potential targets from falling prey to these scams. To aid in identification, please find below a list of all known phishing crypto addresses and domains associated with "cryptofbi007": Phishing Crypto Addresses by "cryptofbi007": 1. Monero (XMR): 84gHdF7rArqU6e9cbmfPi9iJR2QUU7CoX1XJEvAmQWXmSUkj3C3LVLW3ioHiqNc8iwGPcxCv5Fk13ZY k9fxQFLKuKEW54r6 2. Bitcoin (BTC): 18gcvrjDju719nQNXhJxRAaw25Vj6M6i4W 3. Litecoin (LTC): LNWTRts3HQeuWnbjjr3Ndg4NARuWQSTApZ 4. Litecoin (LTC): LLRS6eiY2cvywst3Sr97HTUsu6ba2gqmgG 5. Ethereum (ETH): 0x2C46fB8Aa65Bbcb184fBfa1E485B9BCE0371D893 6. Tether (USDT): 0xBeE32483957f116c5830133188dca45B80b94Fe6 7. Dogecoin (DOGE): DSVScF3HyMWZV5V9h38S9iDM3vKPpSU7Ey 9. Bitcoin Cash (BCH): qzyzw2m3vjvpku709vjt9jg4y03ylrs6kq9c0yhea3 The cybercriminal from Russia, known as "cryptofbi007," has been involved in transferring stolen USDT / ETH from his phishing fake crypto QR code scam websites to FixedFloat cryptocurrency exchange. Initially, he receives the stolen funds from his phishing victims in his primary USDT ETH address: https://etherscan.io/address/0xbee32483957f116c5830133188dca45b80b94fe6 , these ill-gotten gains are then transferred to another address: https://etherscan.io/address/0x2709fd4c61531473b77c5794a723ea49e48bdef4 , lastly, the stolen funds are moved to FixedFloat, using this address: https://etherscan.io/address/0x2bd1ecf9545410b32ddc4f7a873811fd94963e2b You can find further details regarding the transactions in the following Transaction Hash, where the stolen funds were transferred to FixedFloat: https://etherscan.io/tx/0x19d8571add80245295b2ce870c4f26739447e6f00a836b4f309b9c8a3701a998. Phishing Domains by "cryptofbi007": 1. xmr-qr-code.com 2. xmr-qr-code-generator.com 3. xmrqrcode.com 4. usdt-qr.com 5. usdt-qr-code.com 6. ltc-qr-code.su 7. crypto-qr-code.com 8. crypto-qr-code.ru 9. btcqrcode.ru 10. btc-qr-code.se 11. qr-btc.com 12. ltc-qr-code.com In addition, please be aware that the following BitcoinTalk accounts are also associated with "cryptofbi007": 1. https://bitcointalk.org/index.php?action=profile;u=3535761 (Olgareva) 2. https://bitcointalk.org/index.php?action=profile;u=3531091 (icryptofbi) I have noticed that the users "cryptofbi007", "Olgareva", and "icryptofbi" have been involved in QR phishing scams, where they copy complaints from other people and change the domains and sites belonging to their competitors. This behavior reveals their malicious intent. Warning: Please be cautious of a fake crypto QR code generator scam conducted by users with pseudonyms "cryptofbi007", "icryptofbi", and "Olgareva". Stay vigilant and spread awareness within the crypto community. Let us work together to protect one another and create a safer environment for crypto enthusiasts worldwide. Please avoid falling victim to these malicious schemes.
source
cryptscam
Site url
https://crypto-qr-code.com