We want to warn you about an ongoing cryptocurrency scam involving the fraudulent website swire.top, which was later rebranded as gdswire.com and now operates under swire.cyou. This scam has already caused significant financial losses, with one of the victims reporting a loss of $2,500.

The fraudulent receiving address associated with this scam is TQaB9nmvkHWcMstXVGk8vopwqiiQo6BiBF, and the transaction hash linked to this fraud is b81e9f7e0107abe1fecb903dd28ef07f11270fd1d2963b373af0362e3ecb0d51.

Receiving Address: TQaB9nmvkHWcMstXVGk8vopwqiiQo6BiBF

The receiving address TQaB9nmvkHWcMstXVGk8vopwqiiQo6BiBF has been flagged in connection with a fraudulent operation involving the website swire.top, now rebranded as gdswire.com and currently operating under swire.cyou.

This address has received substantial USDT, totaling over 33,478 USDT, indicating active and ongoing fraudulent activity. The transactions show consistent receipt of funds in various amounts, including significant sums such as 2,000 USDT in a single transaction.

This suggests that this address is heavily involved in scamming unsuspecting victims. The balance and transaction history are clear red flags, pointing to this address as part of a more extensive scam operation. Anyone interacting with this address should be extremely cautious and avoid any transactions to prevent potential financial losses.

Domain Analysis

The fraudulent operation we are investigating involves multiple domains, each showing signs of deceptive practices. The primary domain, swire.cyou, was registered very recently on August 18, 2024, through Gname.com Pte. Ltd., and it is already raising alarms. The quick turnaround from registration to usage suggests a deliberate strategy to evade detection. The registrant is located in Hong Kong, a common jurisdiction for websites intending to obscure their true identity and avoid stringent regulatory scrutiny. The domain is hosted by Cloudflare, Inc., a hosting provider known for shielding sites from prying eyes, which can include those engaged in fraudulent activities.

Swire.cyou is just the latest in a series of rebranded domains used by this operation. Before swire.cyou, the scam was active under swire.top, a domain registered in April 2024. Traffic analysis for swire.top reveals a steep decline in engagement, with visits dropping by over 45% in recent months. The domain had a very low authority score of 2, indicating it failed to establish any real credibility. This domain also had a poor backlink profile, with only a handful of referring domains, many of which are low-quality or associated with other questionable sites. The decline in traffic and lack of SEO credibility indicate a site that users quickly identified as fraudulent or that search engines began to penalize.

Gdswire.com

Another associated domain, gdswire.com, registered in 2008, appears to have been reactivated recently for similar purposes. Although this domain is older, it shares many red flags with the other domains in this network. It is also hosted by Cloudflare and registered through Gname.com, with the registrant again based in Hong Kong. Like swire.top, gdswire.com has a very low authority score and lacks meaningful organic traffic or reputable backlinks, further solidifying its role in this fraudulent scheme. The pattern of quickly rebranding and rotating through these domains is a common tactic in online scams, allowing the perpetrators to stay ahead of enforcement and continue defrauding victims.

Swire.cyou Review

The website swire.cyou exhibits numerous characteristics that are highly indicative of a scam. Notably, none of the three domains associated with this operation—swire.cyou, swire.top, and gdswire.com—are currently indexed in Google, which is a significant red flag. The fact that two of these domains are no longer online further raises concerns about the legitimacy and long-term intentions of the operators behind them.

Swire.cyou, as well as the earlier iterations swire.top and gdswire.com, appear to be part of a rebranding strategy to avoid detection and prolong fraudulent activities. The contact information listed across these sites includes an address in China: No. 2, Gangqian Road, Huangpu District, Guangzhou, and the postal code 510700.

Additionally, multiple phone numbers are provided, including (8620) 82298520 and (8620) 82292265, and an email address sales@gdswire.com. This contact information is suspect, as the same address and contact details were previously associated with a legitimate cold chain logistics company, but the current content and the rebranding suggest that the site has been hijacked or is falsely representing itself under a once-legitimate guise.

Further concerning is the heavy use of buzzwords and promotional offers across the swire.cyou site and a complex, overly legalistic terms and conditions section. This section is filled with detailed policies and affiliate systems, which could be designed to give a veneer of legitimacy while obscuring the true nature of the site’s operations. The presence of promotional images such as “Bertrand Cesvet promo” seems random and out of place, potentially aiming to distract or confuse users.

All these factors, combined with the lack of transparency and inconsistent site history, strongly indicate that swire.cyou and its associated domains are part of a sophisticated scam operation, possibly involving the identity theft of a previously legitimate business.

Swire Reviews

The reviews and user feedback regarding swire.top highlight the fraudulent nature of this platform, with multiple individuals sharing their unfortunate experiences. One exceptionally detailed account comes from a user named Vasyl, who documented his interaction with the site. Vasyl was initially contacted by someone named “Lina” through Tandem, who then moved the conversation to WhatsApp. Lina, claiming to be from Shanghai, convinced Vasyl to join the swire.top platform, presenting it as a legitimate online trading platform.

Vasyl registered and received an initial order for $104, which he successfully withdrew after paying for the order in cryptocurrency. Encouraged by this, he paid for four more orders, only to be faced with a significant $1,200 order for an iPhone. Vasyl became suspicious and decided to wait until his first orders were delivered before proceeding. However, the platform claimed that his store would be frozen if he did not continue paying for new orders. Eventually, the funds in his wallet were “frozen,” he was told to pay for the next order to access them. This tactic of freezing funds and demanding further payments is a common scam technique designed to trap victims into sending more money with the false promise of releasing their funds.

The entire process was facilitated through WhatsApp, and Vasyl was provided with a TRC20 wallet address, TBnUDBXSF7RL3cu6RRa6R4o1VUYCUKsPmm, to which he was instructed to send payments. His experience is a stark warning about the deceptive practices of swire.top. The reviews reveal a pattern of manipulation and exploitation, with scammers using sophisticated methods to gain trust and extract money, leaving victims without any recourse.

Receiving Address: TBnUDBXSF7RL3cu6RRa6R4o1VUYCUKsPmm

The receiving address TBnUDBXSF7RL3cu6RRa6R4o1VUYCUKsPmm is associated with fraudulent activities on platforms such as swire.top. This address shows significant transactions, including the transfer of over 20,001 USDT, indicating large-scale operations. The transaction history reflects typical scam behavior, where funds are quickly moved or withdrawn after being received, likely to avoid detection and complicate tracing efforts. The presence of multiple small transactions could be attempts to mask larger fraudulent transfers or to test the address before committing more significant sums. This address is clearly tied to deceptive schemes, and any involvement with it should be considered highly risky. If you have sent funds to this address, it is crucial to take immediate action to try and recover your assets and report the incident to the appropriate authorities.

The Bottom Line Regarding Swire.top, Swire.cyou, and Gdswire.com

After a thorough review of Swire.top, Swire.cyou, and Gdswire.com, it is evident that all three domains are part of a coordinated scam operation. Each domain exhibits the same deceptive behavior: enticing users with promises of profits only to trap them with frozen funds and demands for additional payments. The rebranding from one domain to another suggests a deliberate attempt to avoid detection and prolong fraudulent activities. The transaction history associated with the receiving addresses further supports this, showing large amounts of money being moved in a manner consistent with scam operations. Given these findings, it is clear that these domains are fraudulent, and any involvement with them poses a significant financial risk. Avoid these sites at all costs to protect yourself from falling victim to their schemes.