Scam URL: mobile.ttecy.com
Amount Lost: $7,335 USD
Cryptocurrency Addresses Used:

• 0x8062d4ad164dd226eb173fa5793cf8f8569cfed8
• 0xdac17f958d2ee523a2206206994597c13d831ec7
• 0xb9a64ac5ef65f2f531d445c46ad74aab1fab15fb

Domain Information:
Domain Name: ttecy.com
Registrar: GoDaddy.com, LLC
Registered On: 2024-02-19
Expires On: 2025-02-19
Updated On: 2024-06-02
Status: clientDeleteProhibited, clientRenewProhibited, clientTransferProhibited, clientUpdateProhibited
Name Servers: ns1.thednscloud.com
ns2.thednscloud.com

Scam Overview:
The victim lost $7,335 USD due to a cryptocurrency scam involving mobile.ttecy.com. The scam operated on a platform that falsely presented itself as a legitimate trading service for ERC20 tokens. The victim purchased $4,000 worth of ERC20 tokens using a credit card cash advance on December 16, 2022, with the intention of trading on the platform.

After depositing the funds, the victim encountered issues withdrawing their money. The platform placed multiple barriers, including requesting additional funds or fees, preventing the victim from accessing their investment. This is a typical behavior in scams that rely on persuading victims to invest more before allowing withdrawals.

Key Red Flags:
Domain Registration & Status:

ttecy.com was only registered in February 2024, which is very recent. Scammers often use newly registered domains to quickly set up fraudulent platforms and abandon them after a short period. The registration status includes several prohibitive measures such as clientDeleteProhibited, which restricts actions like transferring or updating the domain. This is a tactic used to prevent immediate shutdown by authorities.

Use of Unknown Hosting Providers:

The domain is hosted by thednscloud.com—a less known hosting provider. Scammers often use obscure or lesser-known hosting services to avoid detection and reduce the chance of being flagged or taken down.

Prohibitive Domain Status:

The clientDeleteProhibited and clientTransferProhibited statuses indicate that the domain is under certain restrictions, which may prevent others from transferring or deleting it easily. These restrictions are commonly applied to prevent malicious actions, but they also suggest that the scammers are attempting to protect the domain from being taken down quickly.

Victim’s Experience:
The victim was tricked into investing $4,000 USD by purchasing ERC20 tokens and depositing them into their trading account on mobile.ttecy.com. After depositing the funds, the victim encountered issues when attempting to withdraw. The platform placed multiple barriers to accessing the funds, requesting additional fees and payments to proceed with the withdrawal process.

It appears the scam involved a common tactic of “asking for more funds” or “imposing false conditions” for withdrawals after a deposit has been made. Scammers often use such tactics to ensure that victims continue to invest more money without ever allowing them to withdraw their original investment.

Cryptocurrency Wallets Involved:
The following wallet addresses were used in the scam:

0x8062d4ad164dd226eb173fa5793cf8f8569cfed8 (likely the victim’s deposit address)
0xdac17f958d2ee523a2206206994597c13d831ec7 (possibly the address where funds are pooled by scammers)
0xb9a64ac5ef65f2f531d445c46ad74aab1fab15fb (another wallet related to the scam transactions)
Tracking these wallet addresses can provide valuable information about the movement of the stolen funds. Blockchain explorers like Etherscan or Blockchair can help trace transactions and potentially flag suspicious activity related to these wallets.

Domain Analysis:
Domain Registration:
The domain was registered in February 2024, making it a very new website. This is common for scams, as fraudsters tend to use new domains to avoid detection before quickly abandoning them. A short domain lifespan allows scammers to avoid investigation before the site is flagged.
Status of Domain:
The domain has clientHold and clientUpdateProhibited statuses, indicating attempts to lock it down from being transferred or shut down. These measures suggest that the scammers may be trying to prevent any action by authorities to seize or close the website.
Name Servers:
The use of thednscloud.com name servers is another indicator that the domain may be a part of a larger network of scam websites, often used to maintain control over fraudulent operations.

Recommendations:
Report the Scam:

The victim should immediately report the scam to FBI Internet Crime Complaint Center (IC3), Federal Trade Commission (FTC), and cryptocurrency exchanges. Cryptocurrency exchanges may be able to flag or freeze the wallets involved in the scam, preventing further withdrawals.
Track Blockchain Transactions:

The victim can track the wallet addresses used in the scam through blockchain explorers like Etherscan. This could provide insight into the movement of the funds and possibly help trace the identity of the perpetrators if they attempt to cash out the funds.
Consult Legal Professionals:

It is recommended that the victim consult with legal professionals who specialize in cryptocurrency scams. Depending on the jurisdiction, some legal avenues may be available to attempt to recover the funds or pursue further action.
Security Improvements:

Going forward, the victim should ensure they use secure wallets with two-factor authentication enabled. Scams like these often target people who are new to cryptocurrency, so learning more about security best practices is critical in preventing future losses.

Conclusion:
The victim lost $7,335 USD in a cryptocurrency scam involving mobile.ttecy.com, which posed as a legitimate ERC20 token trading platform. The victim deposited funds, but the platform placed various barriers to prevent them from withdrawing, including requests for additional payments.

To minimize future risks, the victim should report the scam to the relevant authorities, track the cryptocurrency wallets used in the scam, and work with legal professionals to explore recovery options. Additionally, improving their understanding of cryptocurrency security practices will help protect against future scams.