I had the opportunity to examine a contemporary crypto Fraud phishing scam on the BSC Network over the past two weeks, and am pleased to post the results of the study. To be able to 'as close to bust as possible' a crypto Fraud phishing scam will require blockchain user sophistication, an understanding of smart contracts and their limitations, and some confidence in law and the extent of your rights if you had all the money in the World to instigate a civil action in some jurisdiction against a pseudo-anonymous perpetrator over a decentralized network. It seems unlikely the perpetrator will have registered their identity with any network wallet or exchange, although such a situation did transpire in a UK crypto Extortion case.
Should you come across or be sent, by some method, a suspicious phishing link or website, the first step will be to take screenshots of every webpage and separately document the links to those webpages. It will be important to step through, and document, the phishing process up to some point where the perpetrator requests something absurd such as your private key phrase or even some amount of some crypto to be in your wallet. This is the point where the average crypto user would stop and say something like "Stupid!" At this point, the reporter should share their documentation over social media and raise awareness quickly. If the Fraud is perpetrated at the expense of a wallet, crypto, or defi which has a public presence and seeks market share, one should copy the documentation to any of those entities' social media and demand action, as they should be interested in the incident.
Unfortunately, it will likely take evidence of a crime in order to shut anything down. So for those who are not faint of heart, are confident, and get that angry, they could consider actually going through the entire ordeal to document what transpires. This will not be prudent except for developers with the necessary skills to control and mitigate potential losses; regardless, the process will explain the crime in sufficient detail. Although one should, of course, never reveal one's private key or the seed which generates that private key, the wallet will likely still have security features, such as a password or PIN, which provide that the victim actually retains exclusive control of their wallet through the entire ordeal. Compromising one's wallet will amount to the equivalent act of pressing 'approve' for a transaction, but one in which the approver is not aware, via deceit, of all the conditions of the transaction. Regardless; the result of participating to the end of the phishing process will be to identify an address or contract which will, undoubtedly, receive Fraudulently acquired crypto from whatever wallet is compromised. The account or contract may also be shared on social media, and to get to as close as bust as possible, one will have to use all the screenshots and links and any identified account or contract involved in Fraudulently acquired crypto in order to have that account or contract reported and flagged on the network where the account or contract exists.
And get a lot of people really mad about it.
