A Guide to Detecting Investment Scams

It was a bright and sunny morning, Mike had just woken up from sleep. As was his usual custom for some months, he turned on his mobile internet connection to check the status of his investments. Something was off; the mobile app of the investment firm was not working. Soon after, he received a message from Jerry who was one of his friends he had convinced to invest in the platform.

Jerry wrote “Mike, there is fire on the mountain, the website of that company you convinced me to invest in has disappeared. They have deleted their social media handles. I read somewhere on the internet that they have crashed! Mike, you know it’s the money I was saving for my house rent I used to invest, what am I going to do?”

Why Do People Fall For These Scams?

Stories like these are common once an investment scheme goes burst (the latest being Pennywise Wealth Management). Why do people fall for these scams? Below are five factors we think that makes people susceptible to investment scams.

  1. Perceived Scarcity of Such Opportunities

People are drawn to investment opportunities that tell them that there is nothing like it. Looking around and seeing very few investment opportunities that proclaim the same benefits, people are enticed to throw their hats in.

2. Fear of Missing Out (FOMO)

This is pressure brought on by the urgency of the offer. When the offer is communicated in such a way that implies a time restriction, people are more inclined to act. Another variant of this is when a lot of people have already invested and are being paid “profits.” This would make anyone who was initially skeptical of investing feel like they are missing out.

3. Affinity

The is when people judge an offer not on the merits of the offer itself but on the personality of the individual recommending the offer. The perpetrators of investment scams know how to leverage social bonds through relationships such as alumni groups, religious groups, civil groups or any group where there are pre-existing relationships of trust and respect. Fraudsters know people are less likely to be suspicious when an offer is being presented by a respectable member of their religious group or association.

4. Greed

All investment scams are set up to feed the inordinate desire to get so much out of little. As such, scammers use the allure of an easy financial windfall to hoodwink their victims.

5. Gullibility

Most people that fall for investment scams are too quick to believe and lack a healthy dose of skepticism.

Having considered why people fall for investment scams, the next important step is to consider particular traits of investment scams so as to aid their identification. The following are five traits of investment scams. If you notice any of these, we advise that you do not proceed with investing.

Common Traits of Investment Scams

  1. The presence of low or no risk and high returns

There is no such thing as a guaranteed return on investment. All investments contain risk. Hence, any investment offer that claims there are no risk or low risk while promising high returns is a scam. Keep this in mind, high returns are associated with high risk and low returns are associated with low risk.

2. The presence of complexity or secrecy

When asked how the scheme works or how they generate the income to pay dividends, investment scammers might use jargon or give an explanation that is incomprehensible due to its complexity. Don’t put money into something you don’t understand.

3. No physical address

Any investment firm worth their salt will have a physical office space where they transact their business. If there is no physical address listed on their website or you verify and realise that the address given is wrong, you’re dealing with a scam.

4. Unknown owners/management team

You should be able to tell those behind a scheme. They should be well known and a way to contact them should be available. An investment scheme where the owners or management team are not known is a huge red flag.

5. It should be registered

Most fraudulent schemes involve unregistered firms. A legitimate investment firm should be registered with the Securities and Exchange Commission (SEC) in the country where they operate. For instance, if the firm is operating in Nigeria, it should be registered with SEC Nigeria. Note that registration with the Corporate Affairs Commission (CAC), while good is not sufficient as they are not the organization tasked with regulating investment firms.

To reiterate, if one or more of these five traits are present, then we advise you to not go ahead with investing (especially No. 5). Abiding by this should keep you safe from most investment scams but like some things in life, there are no guarantees.

In conclusion, here’s a quote you should always keep in mind when the disciples of the latest investment scheme in town approach you. It is from Oluwatosin Olaseinde, Financial Literacy Expert and Founder, Money Africa:

“They paid me isn’t due diligence”

NCDC SMiShing Attack

The average Nigerian phone user received at least 65 spam text messages per month in 2019. The situation might likely be worse this year as we are witnessing a surge in scams that use SMS as their method of delivery. The latest iteration of these fraudulent text messages is claiming to be from the Nigeria Centre for Disease Control (NCDC).


Sample Fraudulent Text Messages

Below are two fraudulent text messages purporting to be from the NCDC. We’ll examine them with a view to understanding how scammers have evolved their tactics.

In this instance, the text message tries to mimic a credit alert from a bank. It then provides a phone number to call to receive a similar sum into your account. Such a message will without doubt elicit a desire in the recipient or at least some interest. The scammer hopes that will be enough for the recipient to call which will then launch the second stage of the scam.

In this text message, the fraudster claims that the sum of 45,000 naira is being shared and provides a number for you to call in order to participate in the giveaway.

Both messages claim to be from the NCDC and use the sum of 45,000 naira as bait to entice the recipients.

Protecting yourself from SMiShing

  • Do not post your number publicly, especially in online forums.
  • Never click on links in text messages.
  • Do not be in a hurry to act. If a text message is urging you to act or respond quickly, remember this is one of the ways cybercriminals get their targets to take the wrong action.
  • Even if the text message seems to be coming from a high profile company, do not immediately believe it.
  • Never call a phone number provided in an SMS. If the message claims to be from a company, go to their website and find their customer service number and call that number to confirm.
  • Keep your phone software updated and use a mobile antimalware.

Are You Protecting Your Parents From Cyber Fraud?

Internet access has become ubiquitous in Nigeria. As of June 2019, figures from Statista showed that Nigeria had 123.49 million internet users. Out of this figure, 74 percent of web traffic was generated via smartphones, and only 24 percent via PC devices. This state of affairs was brought about due to the availability of cheap android phones which resulted in more people including seniors going online.

Today, it is common to see seniors have Facebook and/or WhatsApp accounts to communicate and stay in touch with family members and friends. Also, many open personal email addresses to send messages and sign-up for services. However, this good indulgence has put many of them at risk as they may be taken advantage of because of their limited knowledge about technology.

Unfortunately, seniors are increasingly becoming a target of cybercriminals. The following are tips on how to keep them safe from cyber fraud.

Tip 1 – Keep an open line of communication

It is important to have a cordial relationship with your parents built on trust. This will enable them to be transparent about their activities online. This will also make it possible for them to reach out to you whenever they have a technology-related concern.

Tip 2 – Do not use jargon when communicating with them

Remember to keep it simple. Do not use technical terms when conversing with them. For instance, use simple words to highlight how digital assets (bank account, personal information, etc) are as important as physical assets (car, house, wallet, etc).

Tip 3 – Educate with examples

Educate them about various online threats by showing them what has happened to other people who clicked a malicious link or downloaded an attachment that turned out to be ransomware.

Tip 4 – Be their Human Firewall

Advise them never to download anything suspicious and to contact you before installing any new software. Also, set up a regular schedule to check up on them to make sure their devices are receiving patches and updates.

Tip 5 – Be one step ahead

Always keeps tabs on the latest cybersecurity news and scams, then pass along the information to your parents.

Here is a short video highlighting some of the tips above and always remember that it is our responsibility to keep our parents safe.

Bank of Tron: The Menace of Crypto Ponzi

Ponzi schemes have a perennial appeal; each time we see new iterations of the same old scheme: they promise high returns to investors and use money from previous investors to pay new investors.

Recently, our intelligence team came across a few of these schemes in the cryptocurrency space. The first is called Bank of Tron [bank-of-tron.com]. It claims to be a platform for investing in the cryptocurrency TRON and is designed as a blockchain smart contract. The first thing that indicates this is a Ponzi scheme is the incredibly high profit it promises. Bank of Tron claims to be able to pay daily profits of 3.7% to 6.7%, which translates to 1,350.5% to 2,445.5% in a year!

Another sign that this is a Ponzi scheme besides the high profit is that Bank of Tron does not offer any product or service, so where does it generate the revenue to pay investors? ‘Dominus’ an Admin in their Telegram group provided the answer below:

The Admin stated that Bank of Tron redistributes money back to its investors. This is just a round-about way of saying profits are paid from other people’s investment. This admission clearly shows that Bank of Tron is a Ponzi scheme.

Apart from being a Ponzi scheme, there are other dangers that could be lurking that most investors may not be aware of. To illustrate, last year there was a similar website called Tron Bank which also promised to pay high dividends.

After Tron Bank operated for some months, it disappeared with all the funds of its investors. There have been accusations and counter-accusations on how this happened but a popular explanation posits that a backdoor was placed in the code of the contract which allowed all the funds to be moved.

The above incident highlights the added risk of investing in such schemes as very few investors have the technical knowledge to review the code of a blockchain smart contract to verify if they contain any backdoors.

Digging further, we notice that some other actors were cashing in on the popularity of Bank of Tron by setting up a clone of the site. Websites such as tron-bank[.]io and tron-bank[.]com are an exact copy of Bank of Tron but with a different smart contract address.


The latter domain; tron-bank[.]com redirects to another domain 250tron[.]com after taking the investor’s funds.

A final point worthy of note concerning scams is that the creators like to remain anonymous. All the websites listed in this report do not have a contact address neither do they list the owners or operators. Poking around, we were able to find an email address listed on the Bank of Tron Facebook page.

By sending an email to the address provided on their Facebook page and reviewing the chat logs on the Bank of Tron Telegram group, we were able to confirm that the Admin “Dominus” on their telegram group is the same individual that owns the email address listed on their Facebook page.

Mr. Charles A.K.A Dominus claims not to be the Founder of Bank of Tron. This may be true as the social media accounts connected to Bank Of Tron are just a few months old. However, he cannot possibly claim to not know those behind the scheme. Who hired him to be an admin on Bank of Tron Telegram group? Who made him the person to contact on the Bank of Tron Facebook page? The most likely options are he owns the scheme or he is among the owners or he knows the owners.

In conclusion, we advise you to not invest in Bank of Tron as there is a high probability of you losing your money.

Pennywise Wealth Management: An Investigation

Our community members recently drew our attention to a so-called Investment Management firm called Pennywise Wealth Management. The following is a summary of what our intelligence team discovered upon visiting their site (pennywisewealthmanagement[.]com).

We observed that they promised to pay as much as 3% of a depositors investment daily.

Upon noticing the high interest rates promised and intrigued to know how this was being achieved, we went to their “How it works” page on their website. There they made numerous claims such as:

“Through trading desks in Calgary, Houston, London and Singapore, We have access to round-the-clock coverage of a broad array of physical and financial commodity products.”

“Located across four continents, our equity specialists can help you access more than 90 markets around the world. Our equity specialists have access to both cash equities and derivatives, letting us implement tailored strategies through a single point of contact. As well as our market-leading execution capabilities, we are able to provide margin finance secured by our equity portfolios which gives us a very high returns.”

These are quite lofty claims. A company with such global reach and presence should at least have an office address in places where they operate. We find no address on their contact page. Also, there is no list of company employeers or a management team. From what the company says about itself it wouldn’t be a streach to expect such information as company address and management to be readily available . The absence of these two important details was indicative of something sinister.

Next, we looked at the domain records and discovered that the domain is two years old.

The above pictured domain details are important because of the claims made on their website. See below.

“At Penny Wise there are no outside owners, and therefore, no conflicting loyalties. The company is owned by its funds, which in turn are owned by their shareholders—including you, if you’re a Penny Wise investor. Our unique client-owned structure allows us to return profits to our investors in the form of lower expenses. Low costs helps our clients keep more of their returns, which can help them earn more money over time investing with Pennywise Wealth Management.”

Since they have no outside owners and operate a client-owned structure, how were they able to build a global reach in just 2 years? Investigating further, we noticed they had a privacy policy on the footer of their website.

Clicking the link took takes one to their Privacy Policy Page, there it had contact information for Owner and Data Controller.

Looking up this address on Google, it shows that it belongs to Standard Chartered Bank, United Kingdom.

The red flags thus discovered prompted a study of the structural make up of the website and source code. From this, we were able to connect the pennywise website to several others on the web. One of such was acrofundinvestment[.]com and even the text used in both sites were similar, the only difference was the company names. See below.

Acro Fund Investment
Pennywise Wealth Management

Here are other domain names we found connected with the two above:

  • bluechipbond.com
  • gwwcooperation.com
  • pennywiseweallthmanagement.com
  • pennywisewealthmanagement.website
  • bitclubcapital.com
  • postcovid19investment.com
  • bitmainglobal.com
  • goldpalminvestment.com

From the foregoing, we can deduce that this is a carefully orchestrated fraud scheme. Furthermore, it appears that probably some (if not all) of the perpetrators reside in the city of Portharcourt as several lines of evidence point to this.

First, aside the Instagram handle listed on the Pennywise Wealth Management website, we were able to unearth their Facebook page. Below is a screenshot showing their Ad account with both handles

The Ad account had only two ads deployed. See below.

Searching google for the phone number “08035216067” listed on the above ad led to a service run by a “Wealth Producer” in Port Harcourt. See below.

The second line of evidence pointing to Port Harcourt is what appears to be a name found in the source code of bitmainglobal[.]com which is one of the domains listed above.

A google search of this name led to a Post UME list from the Rivers State University of Science and Technology which is also located in Port-Harcourt

The third line of evidence is from bluechipbond[.]com, one of the domains listed above. Looking at the domain record, it shows that it is just over a month old

Upon searching on social media, only one Facebook group was promoting this website. Looking at the group members, it had only one admin whose residence is listed as Port Harcourt.

In conclusion, we advise the general public to not conduct any form of business with the above-listed domains. Furthermore, anyone who has funds to invest should always make sure that the entity they are going to hand over their funds to is duly registered with the appropriate authorities in their country of operation.