URL of Scam: bitcloud@tobitcloud.com
Type of Scam: Investment
Calculated Amount Loss: $700,000.00
Victim Description:
The victim, an investor in cryptocurrency, deposited a large sum of money into a platform associated with the email address bitcloud@tobitcloud.com, expecting to see returns on their investment. However, when the victim attempted to withdraw their funds, their account was frozen, preventing them from accessing the money. Despite several attempts to recover the funds, the victim’s account remains inaccessible, suggesting that the platform is engaging in fraudulent activity by trapping funds and blocking withdrawals.
Open-Source Intelligence Analysis: Preliminary Findings on Fraudulent Activities Associated with tobitcloud.com
Current Website:
The scam appears to be linked to the domain tobitcloud.com, which promotes cryptocurrency investments and promises returns to users. The victim was lured into the platform by the promise of returns on their investment but has since found their account frozen and unable to access their funds. This is a common tactic used by fraudulent cryptocurrency platforms to entice investors, only to later block withdrawals once the funds are deposited.
Domain and Hosting Information:
Registrar: Amazon Registrar, Inc.
Registered On: October 31, 2022
Expires On: October 31, 2025
Updated On: September 26, 2024
Status: ok (indicating no current restrictions on the domain)
Nameservers: ns-1246.awsdns-27.org, ns-1760.awsdns-28.co.uk, ns-214.awsdns-26.com, ns-855.awsdns-42.net
Technical Analysis:
Hosting: The domain is registered with Amazon Registrar, Inc., which provides reliable domain services, often used by both legitimate businesses and fraudulent actors alike. The use of AWS (Amazon Web Services) for hosting through the nameservers indicates a professional level of hosting, which scammers often use to enhance the site’s credibility and mask their true intent.
Nameservers: The nameservers (ns-1246.awsdns-27.org, ns-1760.awsdns-28.co.uk, ns-214.awsdns-26.com, ns-855.awsdns-42.net) are all part of AWS’s globally distributed infrastructure, which is often used to host both legitimate and fraudulent sites due to its scalability and anonymity.
Key Observations:
The use of AWS nameservers and hosting infrastructure gives the site a more legitimate appearance, which is typical for scams looking to create the illusion of a trusted platform. The fact that the victim’s account was frozen upon attempting to withdraw funds, coupled with the lack of a working withdrawal mechanism, is a strong indication of a scam designed to trap users’ investments.
Recommendations:
Amazon Registrar, Inc.: A subpoena should be issued to gather information on the domain registration details, as well as any associated ownership data for further investigation.
Blockchain Forensics: If any cryptocurrency transactions can be traced to or from this platform, it is crucial to follow the transactions through blockchain analytics to identify potential victims and trace the funds.
AWS Infrastructure Investigation: Investigate the AWS infrastructure used for hosting the domain to determine if it is linked to other fraudulent platforms or individuals involved in scams.
Conclusion:
The platform associated with bitcloud@tobitcloud.com and the domain tobitcloud.com is a fraudulent investment scheme targeting cryptocurrency investors. The victim’s account was frozen after they deposited funds and attempted to withdraw, a common tactic in scams to prevent victims from accessing their money. The professional-looking infrastructure, hosted by Amazon Web Services, is part of the scam’s effort to appear legitimate and trustworthy.
It is recommended to subpoena the registrar for ownership information, investigate the AWS hosting setup, and perform blockchain analysis to track the funds. Immediate action is necessary to prevent further victims from falling prey to this scam.