The chairman of the Senate Banking Committee, Sen. Sherrod Brown, has written letters to Tim Cook of Apple and Sundar Pichai of Google about the proliferation of fake crypto apps in their app stores.
In recent years, apps that enable cryptocurrency fraud have popped up on Apple’s App Store and on Google Play. In some cases, they’re meant to spoof legitimate apps and trick users into giving up their login credentials, while others provide a medium to false exchange platforms. In either case, real people are getting their crypto stolen.
On Thursday, the chairman of the Senate Banking Committee sent nearly identical letters to Apple and Google, seeking explanations as to how these tech giants are evaluating and ultimately allowing these types of trading apps that seemingly enable cryptocurrency fraud. The letters came hours before the committee held a hearing on “scams and risks in crypto and securities markets.”
Neither Apple nor Google immediately responded to a request for comment, but both companies do not allow apps to impersonate bona fide apps or to engage in illegal or fraudulent activity.
However, last month, Apple said it stopped nearly $1.5 billion in fraudulent transactions in 2021, and noted that its App Store is the “safest place to find and download apps.”
Chairman Sen. Sherrod Brown (D-Ohio), who authored the letters, noted that it is “imperative” that app stores have “proper safeguards” to mitigate fraud. The companies have until August 10 to respond.
Often, a scammer will begin to lure a victim through an unsolicited text message or a message on LinkedIn. Sometimes they start messaging a victim on a dating app.
After engaging the person in conversation for a time, the scammer will usually direct their victim to buy cryptocurrency from a legitimate company, like Coinbase, and then instruct the victim to send it to a purported exchange mediated through an app like Metatrader. There, the attacker can lure the victim into believing that they have made profits. However, when the victim tries to withdraw their money, they will ultimately find that they cannot do so.
One California-based victim, whose identity Forbes is withholding at his request, said that after he lost $1.2 million late last year via a scam and purported trades made on Metatrader, he had suicidal thoughts.
“On my way to my parents’ house in San Francisco, I had this thought of ramming the car into a barrier and just let that be and let God decide whether I would live through this or I would die,” he told Forbes.
Metatrader’s website lists no phone number for any of its offices around the globe. Forbes left a message on what appears to be its Cypriot headquarters voicemail and sent emails to multiple email addresses linked to the company. The company did not immediately respond.
Earlier this month, the FBI issued a formal warning to the public, noting that at least 244 victims had collectively lost $42.7 million through such fake apps.
According to the Federal Trade Commission, related losses from romance scams, many carried out using online dating sites, have “skyrocketed” recently. Last year, reported losses reached an all-time high of $547 million. A subset of these romance scams involve cryptocurrency, and are sometimes known as “pig butchering” scams, in which victims are enticed to put in more and more money into a fraudulent crypto app—fattening them up—before the scammers abscond with vast sums of cryptocurrency.
The FTC also reported that in 2021, crypto payments to scammers jumped five-fold—reaching $139 million—between 2020 and 2021.
“I’ve talked to 50 people in the last six months,” said Arlo Kipfer, a Seattle attorney who has also consulted with scam victims on how to move forward.
“The most heartbreaking thing is they bleed the victims dry—the odds of recovery are still low.”