A 66-year-old Hong Kong retiree lost 6.6 million Hong Kong dollars (roughly $840,000) in a string of three related crypto investment scams after repeatedly trusting self-proclaimed “virtual currency experts” who reached out via WhatsApp, according to Hong Kong police’s CyberDefender unit.
In a March 20 Facebook post, police said the victim was first approached in September 2025 by a scammer who contacted him unsolicited via WhatsApp, claiming to be a “virtual currency investment expert” and promising steady gains if he followed his advice.
The victim transferred $180,000 and deposited crypto into a wallet controlled by the scammer, who then disappeared, prompting a police report.
The case shows how fraudsters can recycle the same victim through successive schemes that start with “guaranteed profit” pitches and escalate into offers to recover funds that have already been stolen.
“Life has no take two; but scams can have take three,” the CyberDefender team wrote, warning that genuine professionals do not rely on random outreach and that phrases such as “guaranteed returns” and “inside information” are classic red flags.
**Related: **__How US investigators traced $61M in crypto tied to romance scams across wallets
_Hong Kong retiree loses $840,000 in triple crypto scam. Source: _CyberDefender
Triple “crypto expert” scam drains retiree’s savings
The victim later searched online for another “crypto expert” who claimed he could help recover the missing funds but demanded $75,000 as a security deposit.
_Related: _OpenClaw devs targeted by phishing scam promising free ‘CLAW’ tokens
In January, a third supposed specialist messaged the retiree on WhatsApp offering to reclaim both prior losses if the victim bought $585,000 in crypto and sent it to a specified address. Once the victim complied, that scammer disappeared as well, bringing the total losses over roughly six months to approximately $840,000.
Incident falls amid rising Web3 fraud
The case lands against a broader backdrop of mounting crypto-related crime. Web3 platforms saw about $3.95 billion in losses in 2025, with state-linked hackers and weak key security driving much of the damage, according to security firm Hacken.
Authorities worldwide have also flagged new waves of phishing and investment fraud, from the FBI’s recent warning over fake FBI tokens on Tron to India’s GainBitcoin probe and US efforts to forfeit $3.4 million in Tether tied to a multi-state investment scam.
Magazine: Influencers shilling memecoin scams face severe legal consequences
Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently. Read our Editorial Policy
- #Cryptocurrencies
- #Fraud
- #Hong Kong
- #Scams
- #Social Engineering
- #Scams & Cybercrime
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
eth.limo domain hijacked; EasyDNS admits first social engineering attack in 28 years
The eth.limo domain was subject to DNS hijacking on April 17. The attacker, posing as a team member, successfully tricked the domain registrar EasyDNS into executing account recovery for the domain. Although this incident did not affect users, because the attacker did not obtain the DNSSEC key material, they were unable to bypass the trust chain. This incident highlighted the risks of social engineering in the crypto space and prompted eth.limo to switch to the Domainsure service, which does not support account recovery, to enhance security.
MarketWhisper7m ago
Curve Finance 預防性暫停 LayerZero 跨鏈,CRV 及 crvUSD 橋接受限
Curve Finance has been attacked over LayerZero infrastructure related to rsETH, and has temporarily suspended cross-chain functionality to prevent risk, impacting CRV cross-chain bridging and the fast bridging of crvUSD. Founder Egorov said the incident demonstrates the risk of “non-isolated lending,” and proposed a fully isolated mode as an alternative. Kelp DAO also suffered losses of about $292 million due to the attack, affecting lending activity on the Aave platform.
MarketWhisper24m ago
A Kelp bridge hack spreads and affects Aave, as TVL plunges and bad debt surges to 196 million
Liquidity re-staking protocol Kelp’s cross-chain bridge was attacked, stealing 116,500 rsETH and depositing it into Aave V3, resulting in roughly $196 million in bad debt. Aave’s contracts were not affected, but the incident revealed the systemic risk of LRT collateral, prompting DeFi protocols to re-evaluate their risk models, which could lead to losses for stkAAVE holders.
MarketWhisper29m ago
Third-party AI breaches Vercel; Orca urgently rotates the key and confirms the agreement is secure
Decentralized exchange Orca announced that it has completed key rotation and confirmed that users’ funds are safe. This was done because the cloud platform Vercel was attacked. The attack method used a third-party AI tool’s OAuth integration to enter the Vercel system. A supply-chain vulnerability made it difficult for traditional security measures to be detected. Vercel reminded users to review environment variables to strengthen security protections, and noted that encryption projects’ reliance on cloud infrastructure creates a new security risk.
MarketWhisper59m ago
Pause the Reserve agreement for eUSD and USD3 minting; the redemption function remains fully enabled
The Reserve agreement was paused on April 20 for the minting of eUSD and USD3 and the RSR redemption and withdrawal operations due to the Kelp DAO rsETH attack event, but the redemption function remains operational. The attack caused a liquidity crisis at Aave, deposits dropped significantly, and the price of AAVE tokens fell.
MarketWhisper1h ago
Orca Responds to Vercel Security Incident: Frontend Credentials Rotated, On-Chain Funds Unaffected
Orca, the Solana liquidity protocol, addressed a security incident at its hosting provider, Vercel, by rotating compromised keys. They confirmed that user funds were unaffected and will provide updates as the situation evolves.
GateNews2h ago
