Type of Scam: Investment
Scam URL: nrgbit.com
Amount Lost (As reported by Client): $30,000.00

Description:
The victim was scammed through an investment platform at nrgbit.com, where they transferred funds using their credit/debit card. The victim made the payment more than a week ago but within the last two months. Despite receiving initial returns, the victim was eventually unable to access their funds. The platform appears to have used high-pressure tactics to encourage further investments, making the victim believe their money was being used for profitable ventures. However, after several transfers, the funds were seized by the scammers, and the victim was cut off from the platform.

Method of Payment: Credit/Debit Card

Open-Source Intelligence Analysis: Preliminary Findings on Fraudulent Activities Associated with nrgbit.com

Current Website:
The website nrgbit.com presents itself as a platform for cryptocurrency investment or trading, but it is associated with fraudulent activities. Victims report that the platform entices users to invest substantial sums of money, which are then locked in the system with no means of withdrawal. The scammers often present the site as an opportunity for high returns, using persuasive tactics to convince individuals to keep investing until their funds are fully seized.

Domain and Hosting Information:

Registrar: NameCheap, Inc.
Registered On: December 17, 2005
Expires On: January 2, 2026
Updated On: June 18, 2024
Status: client Transfer Prohibited
Nameservers:eugene.ns.cloudflare.com, gail.ns.cloudflare.com

Technical Analysis:

Frameworks: The website employs standard web design frameworks that make it appear professional and legitimate.
DNS Hosting: The use of Cloudflare nameservers (eugene.ns.cloudflare.com, gail.ns.cloudflare.com) suggests that the scammers are utilizing Cloudflare’s services for DNS management, which is often used to obscure the actual location of the servers and increase the anonymity of the website’s operations.
Document Standards: The website utilizes HTML5 and UTF-8 encoding to ensure compatibility across all modern browsers, giving the site a polished and legitimate appearance.

Key Observations:
The use of NameCheap as the registrar and Cloudflare for DNS management indicates that the website may be intentionally hiding its real location and ownership details, a common tactic used by scammers. The long history of the domain, dating back to 2005, may help build a false sense of trustworthiness for victims. The “clientTransferProhibited” status also suggests that the domain has been deliberately locked to prevent any changes or transfers, possibly to protect the fraudulent operation from detection.

Recommendations:
NameCheap, Inc.: A subpoena should be issued to gather more information about the domain’s registration, including the identity of the domain owner.
Cloudflare: Investigate Cloudflare’s involvement in hosting the site to trace the origin of the traffic and uncover any other suspicious domains or IPs connected to the scam.
Blockchain Forensics: Use blockchain tools to trace the wallet addresses and transactions associated with the scam to identify other possible victims or link the perpetrators to previous scams.

Conclusion:
nrgbit.com is an investment scam that misleads victims into transferring significant sums of money with the promise of profitable returns. The use of professional web design, Cloudflare for DNS management, and the long-standing history of the domain gives the platform a veneer of legitimacy that deceives individuals into trusting it. Victims should immediately report their losses and cease all interactions with the platform. Further investigation into the domain registrar and hosting provider, along with blockchain tracing, is essential to track down the perpetrators and prevent further losses.