Investment & Crypto Scams: Spotting Unregulated Brokers and Rug Pulls

Investment fraud has become the highest-loss category of consumer scam in nearly every developed economy. Action Fraud in the UK, the FBI's IC3 in the United States, ASIC in Australia, and BaFin in Germany all report record annual losses driven by unregulated offshore brokers, fake contracts-for-difference (CFD) platforms, fraudulent foreign-exchange schemes, and an expanding universe of cryptocurrency scams. The unifying feature is regulatory arbitrage: operators incorporate in jurisdictions with weak enforcement, use a rotating fleet of look-alike domains, and target retail investors through paid social ads, deepfake celebrity endorsements, and inbound "investment manager" cold calls.

Crypto-specific schemes add a layer of technical opacity that legacy fraud lacks. Rug pulls — where developers drain liquidity from a freshly launched token — exploit the permissionless nature of decentralised exchanges. Pig-butchering (sha zhu pan) operations cultivate the victim emotionally over weeks before steering them to a counterfeit trading dashboard that displays fabricated gains until withdrawal is attempted. Honeypot smart contracts permit purchases but block sales at the bytecode level. Verifying the legitimacy of a token issuer, exchange, or wallet provider now requires reviewing on-chain contract behaviour, the operator's corporate filings, regulator warning lists, and the digital footprint of any individuals named on the platform.

A disciplined verification routine for any investment platform begins with five questions. Is the entity authorised by the relevant financial regulator in the jurisdiction where it solicits clients? Does the company name and registration number resolve to a real, active filing in the national business registry? Was the domain registered recently — particularly within the last twelve months — and does its WHOIS record use privacy protection? Does the regulator publish a clone-firm warning naming the entity? And does the platform appear on any global sanctions list or unsafe-website feed? A failure on any single question is sufficient grounds to refuse funding.

Scam AI compresses that five-question workflow into a single search. The platform queries global business registries, regulator blacklists including the FCA Warning List, SEC Investor Alerts, and ESMA notices, the OpenSanctions corpus, Google Safe Browsing, and live WHOIS data, then applies an AI reasoning layer to produce a legitimacy score, recommendation, and the underlying evidence trail in seconds. For prospective investors evaluating a broker, exchange, or token project, running the URL and corporate name through scamai.org before transferring funds is the fastest available form of pre-investment due diligence — and it is free of charge, with no account required.