how a Moroccan tricked an American out of half a million dollars

A Moroccan man has been charged by U.S. prosecutors with allegedly stealing four non-fungible tokens (NFTs) and $450,000 worth of cryptocurrency from a Manhattan resident in 2021. Soufianz Oulaha, who is currently under arrest in Morocco, is accused of creating a fake OpenSea site and obtaining the victim’s secret phrase through spoofing.

According to a press release from the US Attorney’s Office for the Southern District of New York, Oulaha used a paid ad on a popular search engine to lure the victim to the fake OpenSea site. When the victim entered their passphrase on the site, Oulaha received it via email and used it to access the victim’s wallet. He then transferred the NFT and cryptocurrency to his own wallet.

The Oulahei NFTs stolen included one each of the Bored Ape Yacht Club, Meebit, Bored Ape Kennel Club, and Crypto Dad series. The victim paid approximately $448,923 to purchase these digital assets. Which cryptocurrencies were stolen by Oulahey is not specified in the indictment.

“Allegedly, Soufian Oulakhyan used a common cybercriminal method to steal the victim’s cryptocurrency and NFT. ‘Spoofing’ is one of the oldest tricks in the criminal arsenal. Oulakhyan has adapted this old tool for use in a new and growing area – the crypto space,” said Attorney Damian Williams.

The case is being investigated by the US Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI). Oulakhyan is charged with one count of telecommunication fraud, which carries a maximum penalty of 20 years in prison.

The accusation comes amid a surge in cyberattacks targeting the NFT space and cryptocurrencies. In April 2022, the owner of Bored Ape Yacht Club was scammed into three NFTs worth $570k on the Swap Kiwi exchange platform, which used fake checkmarks to create counterfeit BAYC NFTs. But these were nothing more than Jpeg files edited in Photoshop.

In October 2022, BNB Chain suffered a security breach and lost millions of dollars worth of cryptocurrencies. While the freeze, restore, and normalization processes were in progress, a new spoofing attack caused 60 ETH damage to the network.