Cryptocurrency: Part I/II; Scams & How To Avoid Them

How to Avoid Cryptocurrency Scams article image.

In recent years, we’ve experienced a sharp rise in demand for a) cryptocurrency fraud investigations and, separately, b) their identification in asset searches and tracing for criminal, civil and regulatory cases. In our two-part series on cryptocurrency scams and asset identification, we begin today with a look into cryptocurrency scams; how they work and how to avoid being a victim of this type fraud/theft.

Three of the top cyrptocurrency scams from our friends at Coinsutra:

1. Fraudulent ICOs

The most common way to pull off a scam is to fabricate a fake ICO (Initial Coin Offering), create marketing hype and persuade people to buy.

That is because ICOs are a great and innovative way to kickstart a company and that is the aspect that is misused.

Ethereum has become the breeding ground for these fraudulent ICOs but Ethereum is not directly responsible for it as it is an open-source project.

Instead, it is the ignorance of newbie investors who dream of 100x gains in a matter of weeks by just HODLing worthless ICO tokens.

Usual signs of fraud ICOs or Token Sales:

Copied whitepaper

Half team anonymous

Unusual hurry in execution

Mismatch of written & said words

Ignoring hard questions

No strong reasons for the token economy

No roadmap

2. Shady Exchanges

The second most common form of scam that you will come across would be a ‘shady exchange’. The exchanges that sprang up over-night and started bragging. One needs to be very careful with such exchanges because once you trust them and deposit your coins there, you have no way to get it back if the intentions of that exchange are not right.

Also, some exchanges that start well can run away with your money any time because they fail to scale and innovate to stay relevant in the market.

Some of these platforms as reported by are:

01crypto, Btc-cap, Capital-coins, Coinquick, Cryptavenir, Crypto-banque, Crypto-infos,, Cryptos-currency, Ether-invest, Eurocryptopro, Finance-mag, Gme-crypto, Gmtcrypto, Good-crypto, Mycrypto24, Nettocrypto, Patrimoinecrypto, and Ydconsultant.

3. Fake Wallets

With the launch of Bitcoin, many fake android wallets have also been launched on the Play store. That’s why it is a big NO from us to pick any wallet randomly from the Play store because there are chances that it will be fraudulent and you may end up losing your money. And, even though Apple app store is touted as secure, there are many fake apps out there.  

Reporting CryptoCrime:

If you’ve fallen victim to a cryptocurrency scam, you can report it to the FTCCommodity Futures Trading Commission (CFTC) and U.S. Securities and Exchange Commission (SEC).

You may also want to report the scam to the cryptocurrency platform used in the scheme. If you’re approached on a messaging or social media platform, you may also report the person to a group administrator who can ban the user or warn others about the scam.

The bottom line in dealing with cryptocurrency is to do your due diligence. Crooks often have an initial advantage as crime is a proactive action, especially in digital fraud- given the ability to now transfer large financial assets in a matter of seconds/minutes.

Look to next week’s Beacon Bulletin for Part II of this series: Cryptocurrency Asset Investigations.

BNI Operatives: Situationally aware; in the real and digital worlds

As always, stay safe.

The IRS will soon make you use facial recognition to access your taxes online

Beginning this June (2022), the Internal Revenue Service will require people who pay their taxes online to enroll in a third-party facial recognition company , Virginia-based Even those who have already registered on with a username and password will have to provide a government ID, a copy of a utility bill, and a selfie to You’ll have to provide a video selfie to this private corporation.

Let’s think this through.

I find ceding identity verification to a private company particularly problematic in that is indemnified by the United States federal government for any negative situations arising from misidentification and data breaches. I also see significant privacy issues in that the public has not been provided information regarding:

1. the accuracy – and corroborating data – of’s facial recognition software and capabilities,

2. their security protocols in preventing identity theft and,

3. their intended full range of known or potential use of this extremely personal data. Will our video selfies be shared with law enforcement and intell agencies? The latter is highly likely and something I do not have an issue with unless it turns into a Carter Page type situation wherein the rights of the individual are abused by unauthorized law enforcement/intell agencies claiming “security” concerns.

Once facial recognition inevitably becomes the accepted and preferred method of personal identification, its use will undoubtedly spread to the majority of government agencies, private industries (banking, medical, transportation) and credit reporting agencies, to name several, which also seems likely to cause problems for people with older hardware or who don’t have access to one.

I’m also curious as to why these selfies must be video versions rather than the usual 2-d photographs currently in use on government identification documents. Perhaps to align with public video surveillance that now incorporates facial recognition software currently in use in airports, train stations, federal building and sites, etc.? Tangentially but relatedly, soft mask facial recognition technology is already here and in use.

While laws are almost always reactive, since we can foresee many scenarios in which facial recognition as a form of identification can be abused or misused, we should strive to be ahead of these potential negative impacts by ensuring absolute transparency by the administering verification entities and, concise, easily accessible and understandable terms of service for the participating registrants for this service as well as opt-out options that still allow the process in which identification is necessary to continue unhindered.

BNI Operatives: situationally aware.

As always, stay safe.

Microsoft’s Woke Auto Correct

Microsoft has added a new auto correct feature to its word software that functions as an “inclusiveness checker.”

Microsoft has incorporated a feature that looks through a user’s work and determines whether the words used may offend someone. It suggests “politically correct” alternatives to benign language that allegedly offends people in the world. The feature displays a purple line beneath potentially trigger words or phrases. Fortunately, it can be switched on and off in word’s settings.

Neil Armstrong’s famous quote, upon becoming the first person in the world to step on the moon, is that he took, “One small step for man, one giant leap for mankind”. Now, according to Microsoft’s woke word suggestion, Armstrong took a giant leap forward for “humankind” or “humanity”. These perhaps seemingly innocuous changes are a) unnecessary as current formal and colloquial language is not inherently offensive and already allows for uniform communication and, b) these “suggestions” are overreaching impositions – as if, somehow, we cannot phrase words correctly and must be in line with subjectively selected politically correct terminology.

Microsoft Word has traditionally offered tools for spelling, punctuation and grammar, an editing feature that we have come to love, and expect to help us out. No additives are necessary. Let the individual think and express themselves without WokeWord interference. We can mind our own Ps and Qs and every other letter of the alphabet and the words they form.

BNI Operatives; situationally aware.

As always, stay safe.

Interviewing A Sexual Harassment Complaintant

When interviewing a potential sexual harassment complaint client, understand that this is an emotionally trying situation for her. Approaching your client with compassion and without judgment is helpful in obtaining the necessary information to determine the truthfulness (versus perception) of the allegations and viability of the case from the outset.

Once you’re potential client is comfortable and focused enough to describe the incidents that may lead to a sexual harassment complaint, we suggest you follow a prepared allegations checklist, such as the one below.

Questions to ask the complainant in a sexual harassment investigation

  1. What has happened that you perceive to be sexual harassment?
  2. To the best of your recollection, using his/her words, what did she/he say to you that
    made you uncomfortable?
  3. Did she/he touch you? In what way did she/he touch you? Where did she/he touch you
    on your body?
  4. What was said between you two immediately before the incident?
  5. Where did this occur? If in the workplace, specifically where? Did it occur at a work-related function?
  6. At what time of the day or night did this occur?
  7. What was the context of the behavior? Did she/he treat it like a joke? What about his/her
    behavior or words made you believe that she/he was serious?
  8. How would you describe your past relationship with him/her? How do you think she/he
    would describe it? If there is a difference, why is there such a difference?
  9. Did you ever socialize (e.g., have dinner or lunch) with him/her alone or in a group?
  10. Did you participate in the same company-sponsored extracurricular activities?
  11. Did you ever date this person? If so, what was the outcome, and why?
  12. How long have you known each other? Who else would know of your relationship?
  13. Did you ever say or do anything in the past that made it clear to him/her that you might
    object to this behavior?
  14. How would she/he know you object to it now? What did you say or do that would have
    told him/her that? Did she/he seem surprised at your response?
  15. What is the atmosphere like in the workplace? Is there a lot of joking or teasing with
    sexual innuendo? Are there any sexually explicit materials on the walls or desks?
  16. Are there many close relationships between the employees in your work group? Did your
    manager know about this closeness? How would she/he have known?
  17. How has the behavior affected you? Have you had a problem with your raises,
    performance appraisals, and opportunities for promotions, job assignments or other
    aspect of work?
  18. Have you ever raised a complaint with management? When was that, and what were the
    circumstances? What ultimately happened? Did you feel comfortable with the outcome?
  19. Did you wait for any period of time before reporting the incident? If so, why? What
    made you decide to come forward now?
  20. Are there any witnesses to the incident?
  21. Did you tell anyone about the incident at the time or since? If so, who, and what did you
  22. Are you aware of anyone else in the workplace that may have had a similar experience
    with the same person? Who is that and how did you discover that she/he had a similar
  23. What do you want to get out of this investigation? If it were up to you, what would the
    ideal solution be?
  24. Do you understand what will happen next and how the investigation will continue?
  25. Do you feel comfortable returning to your work group, or would you like us to look into
    alternatives for you?

Witness Interviews

After interviewing the complainant, move to speak to employee witnesses.

Cover the “who, what, where, when and how” questions first to establish a clear sequence of events. Ask for specific details of location, time, and conversations.

Then, ask for any other information they can provide that might help you find out what happened.

  • Did you see [the complainant] immediately after the alleged incident? What was their expression?
  • Did [the complainant] tell you about this incident or did you see/hear it first-hand? What did they tell you, when, and where?
  • Do you know if this was a singular incident or recurring?
  • Is there anyone else who might have information about this incident?

Request any documentation that is relevant to the investigation, such as emails and time sheets. These can help you piece together the employee’s whereabouts during the time of the incident, their behavior towards the complainant, and more.

Next week’s Beacon Bulletin will cover Part II- Keeping The Sexual Harassment Investigation On Track and Evidence Gathering and Preservation.

BNI Operatives: Situationally aware.

As always, Stay safe.

Bullies, Scammers and Predators; Monitoring Your Child’s Cell Phone

Vulnerable children, social media influence

It is rare that we release information on monitoring people but our concern over the sharp rise of child suicides – often due to bullying and now, the isolation caused by COVID restrictions –  has caused us to take this unusual step in  informing those who need to know: how to monitor their child’s cell phone. 

The two most effective and popular apps dedicated to child safety via cell phone monitoring are:

mSpy (for IOS and Android)

mSpy is very easy to use. All you have to do is install the mSpy app on the target phone and then activate it using your license code. Once that’s done, you’ll be able to monitor the phone’s activity remotely through the mSpy online portal.

Once mSpy is activated, you can log in to the online portal to access information collected from the target phone such as messages (Messenger, Telegram, WhatsApp and other messaging apps), phone calls, browsing history, and GPS location. mSpy is easy to use but also has many advanced features including social media monitoring, keylogger, no-jailbreak version, parental controls and more.

  • Social Media Monitoring: mSpy tracks your child’s activity on Facebook, Snapchat, Hangouts, WhatsApp, and Skype.
  • Keylogger: It records every keystroke made by the user. If your child uses an instant messaging app that mSpy can’t track directly, you can still see every keystroke typed.
  • No Jailbreak Solution: For iPhones only: The mSpy iPhone spy software allows you to spy on your child’s iPhone without jailbreaking it. This technique works by pulling data from iCloud backups. You will need to know your child’s Apple ID and password.
  • Parental Controls: mSpy can be used as a parental control software for a mobile phone. It allows parents to block inappropriate websites and incoming calls. In addition, you can control which apps can be used and when on your child’s phone.


Highster Mobile (for IOS and Android)

Highster Mobile is also simple to install and use.  Just download and install it onto the target phone, enter your license key, and you are good to go.  There are no settings or options to configure. After installation, you can log into your account and start tracking.

While Highster doesn’t have as many features as mSpy, but it’s a great app for those who want to spy on an Android phone without rooting or unlocking the phone. It has most of the features you’ll likely need.

  • Real-time GPS Tracking: Know where they are at all times and know where they are going. Track their cell phone location history & current location. Locations are displayed on a map on the company’s website.
  • Text Message Monitoring: Read their text messages, even those that have been deleted. Keeps a running record of all text messages sent and received.
  • View Call Logs: View the phone’s call history, including calls made, calls received, calls missed, phone numbers, and the date, time, and duration of the calls.
  • View Photos: All of the photos on their phone will be uploaded to your account.
  • View Browsing History: Track which websites they’ve visited and what they’ve searched for.
  • View Contacts, Calendar & Apps: View their contacts, calendar entries and installed apps.
  • Social Media Monitoring: Monitor different social media apps they use and who they talk to, including Facebook, WhatsApp, and even Snapchat messages. This feature, however, is only available on rooted devices.

There are other high-end cell phone spy apps that have many more features: such as recording phone calls and even recording the user’s surroundings but we suggest taking this step first as these escalated features are extremely intrusive. 

BNI Operatives: Situationally aware.

As always, stay safe.

Facebook Quizzes: Cute, And A Useful Tool For Identity Thieves.

Just about everyone on Facebook has been drawn to taking one of those “Share with your friends” quizzes – the last widely spread lure being “What Is Your Elf On A Shelf Name?”.  Full disclosure: I was halfway through that one myself when I realized what I do for a living. <facepalm>  In my defense, who doesn’t love a good quiz?

Quite a few police departments have issued a Facebook quiz scam alert, warning that those “harmless” quizzes may not actually be all that harmless after all.

Think about the security questions we have to answer to just about every one of our online accounts – banking, credit reporting agencies, even Expedia, etc.   Who was your first-grade teacher? What was your favorite pet’s name? What’s the first name of your childhood best friend?  By providing this information in a social media quiz, you may be handing hackers the keys to your identity.  Hackers then build a profile of you through several different data sources.

An example of how quiz scamming works:

This quiz uses the first letter of your first name and your birth month to determine your “Elf” name. So, when you post your response, online hackers can figure out your birth month and then click through to your profile page to get more information.

facebook quiz scam alert

A nugget of information in isolation may not seem like a big deal, but combining that with other data that may be out there can result in a greater threat,” says Rachel Rothman, Chief Technologist for the Good Housekeeping Institute. “Be mindful of photos or posts that could give away information about your location or self (like your birthday) and consider if you are posting something that could be used to locate you offline or make it easier for someone to figure out any of your passwords.”

While the person posting and sharing these quizzes usually has innocent intentions, your response puts the information out there for all to see. That can be scammers or, as the Better Business Bureau points out, data mining companies who sell your information to other businesses.

With the year-end holidays and commemorations coming up, please resist the urge to respond to “What Will Your Sweetheart Gift You This Year?” or “Who Will Surprise You This New Year’s Eve?”.  I can answer those two questions for you right now: 1. If you’re smart, s/he has already intuited your gift desire from your numerous overt hints, so you already know.” and “No one if you avoid the in-person or Zoom office holiday party.”   There you go: informed, safe and sound.

BNI Operatives: Situationally aware.

As always, stay safe.

Happy Thanksgiving!

Subheader: The Various Webs and Law Enforcement

Happy Thanksgiving 2021!


The Three Webs Defined As Related to L.E. Monitoring

Holiday reading: Subsequent to last week’s post regarding the use of geo-fencing and keyword logging warrants by law enforcement agencies, several readers asked me to define the various webs, i.e., the surface, deep and dark webs, as well as how they relate to l.e. monitoring of potential suspects and high-level security threats.

The Webs


Surface Web: The majority of people employ Google, Bing, Firefox, Safari and like browsers. That area of the internet is called the surface or open web. It is the tip of internet that is visible to all, if you liken the internet to an iceberg. The surface web comprises only 4% of the entire Internet.

Deep web: The deep web is the portion of the Internet that is hidden and not shown from conventional search engines. IOW, it cannot be accessed by search engines; harboring sensitive and private information such as government data, bank data, cloud data (think the content of your personal email and social media accounts) etc. To access deep web data, you must go to the website, log in and locate the information within the site. Journalists and politically oppressed people internationally are common inhabitants of this space. The NYT has a permanent lockbox on this web.

Dark Web: The dark web, a subset of the deep web, refers to heavily encrypted online content that is not indexed by conventional search engines. Access requires a password, encryption, or specialty software to surf the anonymous environment as well as as a multi-layered encryption browser, i.e., TOR. This is where law enforcement concentrates its focus in that this is the area of the web in which criminals and nefarious routes reside (e.g. the Silk Road black market). 

The above provides a glimpse into the enormous scope of the internet that domestic and foreign enforcement agencies must monitor. By its sheer size, unless one is labeled a probable master criminal or terrorist, law enforcement is mostly reactive in monitoring people. One would have to commit extremely egregious acts over a prolonged period of time for deep, sustained monitoring. 

I say this knowing that AI tools specifically to monitor long-term have been developed and are being refined as I type. Lots to keep an eye on here.

BNI Operatives: Situationally aware.

As always, stay safe. and enjoy the holiday,

Geofencing And Keyword Logging; The New Warrants

Geofencing and keyword searches

Privacy experts are now contesting law enforcement’s two newest tools- geofencing and keyword logging. These technologies are used, respectively, to track activity within a specific geographical area (from a single home to a large neighborhood) and, to monitor specific keyword input. Combined, these two activities provide law enforcement with access to the location and personal written communication of millions of innocent people.

Lawyers and privacy experts contend that geofence and keyword logging warrants are akin to a general warrant, which is illegal under the Fourth Amendment protection of the right against unreasonable searches and seizures. These new warrant tools don’t have a specific person in mind, they simply target groups of unnamed people. Where is the probable cause against specific suspects in such random warrants?

Keyword logging warrants are potentially more far-reaching than geofence warrants because keyword search warrants are not necessarily geographically or otherwise tangibly tied to a specific crime and could make suspects out of innocent people around the nation and the world.

It’s not just the large tech companies such as Google and Facebook who are providing this personal information to law enforcement, many other smaller data providers and even apps (such as fitness app, FitBit) are fulfilling these geofence and keyword search warrants.

There’s also always the very real concern that this information will be used under pretext to target private citizens or causes. Companies like Hawk Analytics are hosting seminars, training people in the private sector as well as law enforcement on how to put together these type warrants. But no one is monitoring the use of this information. There is current legislation wending its way through Congress to protect general personal information, there is no legislative effort addressing geofencing.

A case on record now clearly illustrates the danger of unregulated geofencing warrants wherein an innocent bicyclist had to hire an attorney to clear himself as the prime suspect in a burglary case- simply for riding by the burglared house- along a route he took often while biking. Read here.

Very concerning to lawyers should be the worry that in researching cases, general keyword search warrants may be in place for anyone and everyone’s IP addresses and communication should they use certain phrases. Real case example.

We’ll update our readers on congressional action on these warrants as developments occur.

BNI Operatives: Situationally aware.

As always, stay safe.

How To Minimize Your Digital Footprint

Managing your digital footprint

(At all times in this review, we are referring to U.S. digital presence. The European GDPR law and rules – the right to be forgotten, aka the right to erasure – will be covered in a future post.)

Every day we see articles and advertisements claiming to help you “delete your digital footprint”. We’re not here to sell you anything – we provide you with the facts and, thoroughly tested, solutions. To this end:

Fact 1 – You cannot entirely delete your digital footprint, albeit, you can have certain information redacted. (See Step 6 below.)

Fact 2 – You can modify, minimize and moderate your digital footprint.

Addressing Fact 2, we include several common sense recommendations to minimize (in some cases, remove) your unwanted or irrelevant digital references and, very definitive actions you can take up directly with the data providers to better manage your public profile.

1. Go through your email, especially the Spam folder. Identify old, nuisance or trial accounts by using keywords such as “welcome”, “verify your email” and “free trial”. Delete these accounts on the company sites.

2. Delete old emails that you no longer use. Under the Electronic Communications Privacy Act of 1986, servers such as Gmail, consider email unused for 180+ days abandoned. Furthermore, the government can access these “abandoned” emails without a warrant.

3. Go to and find out if your email addresses, phone numbers or passwords are in hacked/leaked databases available to criminals. (This information on this site is a small representation of the personal data criminals can access.)

4. Search your user names and delete the ones you no longer use. (If you can conduct this search, so can others- and potentially learn private things about you – where you shop, your political supports, affiliated organizations, etc.)

5. Change your social media privacy settings to control who can see your posts and while you are conducting this task, delete your old social media posts. Facebook was founded in 2004. By now, that college student is in her mid-30s; the associate lawyer is now a partner or a sole practitioner and surely, many original users have their own families, so perhaps it’s time to archive the night-out w/friends pics.

6. Opt out of data provider websites. These people finder sites collect tons of personal information such as names, addresses, ages, birthdays, phone numbers, tangible assets (homes, cars) and even court records and, these records are not always inaccurate. There are hundreds of these sites in the list we’ve compiled during the course of work (and we’ve successfully petitioned the majority of these sites for client information redacted/removed or corrected).

7. Text with Telegram (read our recent article on this ultra-secure and secret messaging app), search with DuckDuckGo (it doesn’t track your searches) and avail yourself of a ProtonMail free email account (end to end encrypted email that contains zero knowledge -IOW, not even the provider can read the contents of your ProtonMail email, unlike Google and the majority of email providers.)

We’ll update this list as new viable developments in digital privacy occur, so check back often.

BNI operatives; situationally aware.

As always, stay safe.