Money transfer, virtual currency, or money service -- Fraud or scam -- Complaint #5155000

Complaint Overview

Complaint ID: 5155000

Company: Payward Ventures INC. DBA Kraken

Product: Money transfer, virtual currency, or money service

Sub-Product: Virtual currency

Issue: Fraud or scam

State: Florida

ZIP Code: 32258

Date Received: 2022-01-26T12:00:00-05:00

Date Sent to Company: 2022-01-26T12:00:00-05:00

Company Response: Closed with explanation

Timely Response: Yes

Consumer Disputed: N/A

Submitted Via: Web

Tags: Servicemember

Consumer Narrative

To whom it may concern : On XX/XX/2021, approximately $ XXXXworth of cryptocurrency stolen from my account at Kraken. While Kraken ultimately held custody and control of the funds, the exchange did not compensate me for the theft nor provide a sufficient explanation as to how the funds were depleted from my account. Id opened my account at Kraken on/in XX/XX/2021 and had been adding funds to it on a regular basis. I added Kraken pro to my account on XX/XX/2021 to give me higher funding limits. I also set up a number of security features to ensure that my account could not be easily hacked such as a 2FA, a very strong password and a computer with a dedicated anti-virus software. Immediately preceding the incident, I had over {$70000.00} worth of Bitcoin, XXXX, XXXX, Bitcoin Cash, and Ethereum in my Kraken account. On XX/XX/2021, I was locked out of my account. After several days of lock-out, on XX/XX/2021, I was able to access my account and ascertain that my entire portfolio had been converted into Bitcoin and transferred out of Kraken. Between the time of the withdrawals and the time I regained access to my account, Kraken did not notify me of any activity on the account. Prior to this theft, for every trade or withdrawal made, I received an email, but on XX/XX/XXXXor anytime thereafter, I did not receive any emails confirming a withdrawal. When I notified Kraken that all my funds had been withdrawn by an unauthorized user, Kraken informed that I had been phished and offered the following explanation : 1 ) According to Kraken, I had clicked on a malicious link that appeared as if it were Krakens platform, but was in fact an impostor exchange. ( My response : I am very careful of this and always double check my information ) 2 ) According to Kraken, I clicked on an email that redirected me to a malicious website that was designed to appear like Krakens exchange platform and that someone was able to get into my third party authenticator. ( My response : I never click on any email links or open emails from unknows addresses, instead I go to the company website directly if I know I have an account with the sender and enter through the secured site ) In addition, Kraken informed me that the e-mails were sent to me confirming the trades and cash out, however I never received those emails. I checked my email settings and they were not tampered with or changed in any way. I asked Kraken to resend me the confirmation emails of withdrawal and they never did. To the best of my knowledge I was not phished, and I do not know how Kraken determined that I had been phished. I am very well versed in different phishing schemes due to my employment as I have worked hundreds of cases involving fraud and phishing. I was never solicited to " go to a Kraken Crypto Exchange site, nor did I go to any site that was not Kraken. Furtherm ore, I use a computer that is very closely monitored, and I do not surf the web on the computer I use for my cryptocurrency investments. After the incident, I ran a number of diagnostics on my computer and did not find any malware, viruses, or other suspicious software. I also checked my email settings as stated above, and there were no traces of suspicious activity such as hiding, deleting, or removing information/emails. My third-party authenticator was on my phone, not my computer. I never conducted any trades from my phone, and I use a dedicated computer for investing in cryptocurrencies. On XX/XX/2021, I filed a complaint with IC3.gov. See attached While Kraken claims that I was a victim of a phishing scam, there are several discrepancies in Krakens account of the incident : Kraken claims and wrote that I was sent an email ( s ) that reference that fraudulent transactions. However, I never received these e-mails, and when I requested proof that these e-mails were sent to me, Kraken failed to provide it. Kraken sent the IP Address from which my account was logged into. The IP is a well-known Spam IP Address ( See XXXX : XXXX XXXX XXXX XXXX XXXX : XXXX ). These logins occurred two hours after my own attempts to log in to my account. At this point, I was already locked out of my account. It follows that while I was locked out of my own account, Kraken had somehow allowed the hackers to log in and withdraw my funds. ( My IP home address is XXXX Florida not XXXX XXXX - See Below spam IP address per Kraken ). Below you will find emails between myself and from Kraken. Attached you will find all transaction history for my account with Kraken to include the theft. I appreciate in advance any assistance you can provide in this matter. Respectfully, XXXX XXXX XXXX ( Kraken Support ) XX/XX/2021, XXXX PDT Hello XXXX, Important security alert, read carefully : Our security system has flagged your account and temporarily disabled it for some additional checks. You must complete the following steps and reply with the requested response before we can fully unlock your account. Prior to regaining access to your account, it is critical that you immediately secure your Kraken account password, your email accounts and your devices. The following general steps may assist you with this process : 1. Scan your computer and all devices for malware and keyloggers and take the necessary steps to ensure your devices are malware free. 2. Change your email account passwords. They should be unique, randomly generated and longer than 15 characters. Do not share passwords between services ( e.g. same password used for both your Kraken account and your email account ). Use a password manager such as KeePassXC to generate random passwords and to keep your passwords safe from theft or forgetfulness. 3. **Reset your Kraken account password by navigating to : https : //www.kraken.com/en-us/forgot-password. Please follow the same recommendations outlined in point two. Note : You will still not be able to sign in after your password is reset. 4. Add ( or change ) the Two-factor Authentication method on your email account and secure the account as indicated in this support article. 5. Remove any unofficial Kraken Apps from your mobile devices as soon as possible. Our official mobile apps, published by XXXX XXXX XXXX, are listed in our Support Center. Other apps claiming to be official Kraken apps are not ours and are likely to be scams. 6. If you have downloaded a fake Kraken or cryptocurrency app to your device, we advise to backup any required data and factory reset the device. Once you have secured your Kraken Account password, your email accounts and your devices, copy and paste the following line into a reply to this email : " I hereby confirm that I have followed the above instructions and secured my **Kraken account password, my email accounts and my devices. '' **if you lost access to the email address associated with your Kraken account ignore this step but proceed to secure your devices and the email address you are currently using. We won't be able to offer anything beyond general advice regarding your case until the above steps and security procedures have been completed. We look forward to your reply. Kind regards, XXXX XXXX Client Engagement Keep your Kraken account secure with these tips : Add an Authenticator App or Yubikey for Login : https : //support.kraken.com/hc/en-us/articles/360000426923 Beware of Phishing Scams : https : //support.kraken.com/hc/en-us/articles/115012482687-Beware-of-Phishing-Scams Protect your account using a strong and unique login password that you do not use for anything else. We recommend you change your password regularly. If you would like to reply to this message, please reply directly or access the Help Center from https : //support.kraken.com/hc/requests/5390066. XXXX ( Kraken Support ) XX/XX/2021, XXXX PDT Hello, Thank you for contacting Kraken Support. Your request ( XXXX ) has been received. Please read the following steps carefully and reply to this email once you have completed them. We kindly ask you to perform the following steps : - Attempt to sign into your account from a device and/or IP address which you have previously used. - If you have access to your authenticator codes please make sure that the time on your device is set to automatic and that you are using the correct 2FA code for Sign-in ( Kraken Sign-in 2FA ). -If you no longer have access to the Sign-in 2FA code for your Kraken account, enter a random code into the Sign-in Two-Factor Authentication. ( This attempt will likely be unsuccessful, but will provide us with information needed to assist you further. ) - ONCE YOU HAVE COMPLETED THIS SIGN-IN ATTEMPT, REPLY TO THIS EMAIL TO LET US KNOW XXXX When we receive your email, further instructions will be emailed directly to the address on your Kraken account. If you have successfully accessed your account, reply to this email to let us know. Thank you for your cooperation. Regards, XXXX XXXX Client Engagement Increase account security with two-factor authentication : https : //support.kraken.com/hc/articles/360000426923 XXXX ( Kraken Support ) XX/XX/2021, XXXX PDT Hello XXXX, Thanks for your patience. Your Kraken account has been unlocked, but trading and withdrawals will remain temporarily locked until you complete the following steps. We kindly ask you to sign into the account and complete the following : Generate a new Sign-in 2FA using an Authenticator App or XXXX. Delete any unfamiliar withdrawal addresses. To delete a withdrawal address : click 'Funding " > click 'Show all assets ' > select 'Withdraw ' next to a specific cryptocurrency > Select 'Manage ' > click X in the red box to delete the withdrawal address. Please take note of any unfamiliar withdrawal addresses before replying to this email as they may be removed by our system before your account is restored. We highly recommend you delete any API keys on the account and regenerate new ones. We highly recommend removing any Active Sessions or Devices that you do not recognize. Please take note of any unfamiliar IP addresses before removal, as they will not be visible for review later. Once you've completed the steps above, let us know in a reply to this email so we will unlock trading and withdrawals on your account. Kind regards, XXXX XXXX Client Engagement Keep your Kraken account secure with these tips : Add an Authenticator App or Yubikey for Login : https : //support.kraken.com/hc/en-us/articles/360000426923 Beware of Phishing Scams : https : //support.kraken.com/hc/en-us/articles/115012482687-Beware-of-Phishing-Scams Protect your account using a strong and unique login password that you do not use for anything else. We recommend you change your password regularly. Your request ( number XXXX ) is currently marked in our system as Pending, which usually means we are waiting for additional information from you before we can solve your issue. XXXX ( Kraken Support ) XX/XX/2021, XXXX : Hello XXXX, Thanks for your patience. Your Kraken account has been unlocked and your Sign-in 2FA has been removed but trading and withdrawals will remain temporarily locked. Important, please read through this email in full detail. Before proceeding with the next steps, we recommend you review your recent browsing history and provide us with any Kraken URL that differs from http : //kraken.com/ so we can report them and have them taken down. Please do not navigate to the page and never enter your credentials anywhere other than http : //kraken.com/ You must complete the following steps and reply with the requested response before we can unlock trading and withdrawals on your account. After further review of your account security we would like to advise you on the following : Do not use search engines to navigate to https : //www.kraken.com - even the most reliable search engines can lead you to a phishing website ( especially the most used ones! ). Do not use links suggested in your browser 's URL bar to navigate to https : //www.kraken.com - this practice can still lead you to a phishing website. Avoid clicking on suspicious links prompting you to enter your credentials. Only enter your credentials if the URL is https : //www.kraken.com/sign-in Bookmark the Kraken sign-in page on your browser or device to avoid the use of search engines or other means to find links to Kraken. Beware of phishing scams. See this support article for more information. Delete your browsers ' history and cookies to avoid automated suggestions of phishing links you may have navigated to in the past. We kindly ask you to sign into the account and complete the following steps : Generate a new Sign-in 2FA using an Authenticator App or XXXX. Delete any unfamiliar withdrawal addresses. To delete a withdrawal address : click 'Funding " > click 'Show all assets ' > select 'Withdraw ' next to a specific cryptocurrency > Select 'Manage ' > click X in the red box to delete the withdrawal address. Please take note of any unfamiliar withdrawal addresses before replying to this email as they may be removed by our system before your account is restored. We highly recommend you delete any API keys on the account and regenerate new ones. We highly recommend removing any Active Sessions or Devices that you do not recognize. Please take note of any unfamiliar IP addresses before removal, as they will not be visible for review later. Ensure that your account is secured to your satisfaction. We highly recommend enabling a Master Key using a different device or a different method than the one used for your Sign-in 2FA. Review this support article for further information on securing your Kraken account and digital life. Once you have completed the steps above, please copy and paste the following line into a reply to this email and we will unlock trading and withdrawals on your account : " I hereby confirm that I have secured my Kraken account and I would like to unlock withdrawals and trading. I also confirm that I have read and understood the information given on avoiding phishing scams. '' We look forward to your reply. Kind regards, XXXX XXXX Client Engagement To the best of my knowledge I was not phished. I take phishing classes every year to keep my qualification up in my employment for both the XXXX XXXX and XXXX XXXX. I was never solicited to go to a Kraken Crypto Exchange site. Nor did I go to any site that was not Kraken.Com. I have antivirus and when I ran it on my computer I had zero viruses or malware. My third-party authenticator was on my phone, not my computer, equaling two separate devices. I never conducted any trades from my phone or signed into the Kraken Exchange. A complaint with IC3.Gov with negative results on any replies. I am respectfully requesting Proof from Kraken that they sent me emails of the transactions and to reverse the exact coins that were stolen from their Exchange. Another Clue as to why I think this was done on the backend of the Kraken Exchange was because I was locked out of the account just prior to the theft. Once I tried to log in, its my opinion it alerted the suspects Trojan Horse in the backend of the Krakens Exchange that had logged in earlier from the spam IP Address. This gives the appearance that I led the suspect in or was doing the transactions myself. But was never able to get in, See Browser History : My Activity on XX/XX/2021 : XXXX Browser XXXX XXXX XXXX XXXXXXXX & XXXX & XXXX https : //www.kraken.com/en-us/prices? quote=USD XXXX XXXX Web Search clicked on a Kraken.Com Sight ( See highlighted link that was clicked ) https : //www.kraken.com/reset-password XXXX XXXX Kraken.com website to create a new password https : XXXX? XXXX XXXX XXXX XXXX Web Search clicked on a Kraken.Com Sight ( See highlighted link that was clicked ) https : //www.kraken.com/reset-password XXXX XXXX Kraken.com website to create a new password https : //www.kraken.com/sign-in XXXX XXXX sign in page to Kraken.com https : //www.kraken.com/reset-password XXXX XXXX- Kraken.com website to create a new password https : //www.kraken.com/sign-in XXXX XXXX sign in page to Kraken.com The suspect also knows Krakens protocols to delete browser history. I was given instructions to delete evidence needing to investigate this case ( delete Browser History ). See Below : XXXX : XXXX XXXX XXXX XXXX XXXX Tue, XX/XX/XXXX, XXXX PM to me # # - Please type your reply above this line - # # Thanks for contacting Kraken Support. Your request ( XXXX ) has been received. We'll reply to your ticket as soon as possible, but in some cases it can take several days if we experience a heavy volume of requests. We have site content that answers many of the most common support questions. Please take a moment to visit the pages below and see if your question is answered there. https : //support.kraken.com/hc/categories/200119723-Kraken-Help-Center https : //support.kraken.com/hc/categories/200187143-Kraken-Trading-Guide https : //www.kraken.com/help/api If you're able to solve your request before we reply, we'd be grateful if you let us know by replying to this email. Thanks for your patience. Youll be hearing from us soon. The Kraken Support Team XXXX ( Kraken Support ) XX/XX/2021, XXXX PDT Hello XXXX, Thank you for your patience. According to our review, on XXXX XXXX XXXX a successful sign in was made on your account from XXXX XXXX using your valid credentials including a valid 2FA codes. If you do not recognize the IP above then you may ha ve been a victim of a Phishing attack where a user 's credentials ( username, password, 2FA codes, etc. ) have been captured in some way - usually through a phishing website, email or similar. After a successful sign in, a withdrawal address ( XXXX ) was added and approved on your account on XXXX XXXX XXXX from XXXX XXXX. The assets on your account was then converted into XXXX and was withdrawn to the above address. It's important to note that whenever a new cryptocurrency withdrawal address is added on a XXXXaken account, an email notification is always sent to the registered email address. Our system data confirms that you have received an email notification for this address and the withdrawal address was subsequently approved via your email account. Unfortunately, we are unable to assist with the recovery of any disputed funds due to the irreversible nature of cryptocurrency transactions. For Compliance reasons, a detailed discussion on this matter can only be conducted with a verified law enforcement official. We advise that you file a police report and ask that law enforcement officials responsible for this investigation contact us by submitting the Compliance and Legal Support Request Be sure to provide them with your public account ID and/or this ticket number ( XXXX ) for referencing. Important : To expedite the process, please reply to this message stating that you authorize us to share company data regarding your account with law enforcement. Also, please ensure that the law enforcement agency include a statement in their request to Kraken that you ( our client ) authorize the company to provide data directly to the law enforcement agency without a court order. You must do both. If you omit either step - you providing consent directly to us or the law enforcement agency informing us about that consent - then we may be delayed in providing your account information. In the meantime, we are pleased to inform you that your Kraken account is once again fully operational. We appreciate your patience and understanding during this process. XXXX ( Kraken Support ) XX/XX/2021, XXXX PDT XXXX XXXX - Given your position and the positive relationship we have with law enforcement, we have done an additional review of your account. Unfortunately, every indication in our logs and records suggests that you either have malware on your computer that captured your credentials or that you entered your credentials- including your 2FA - into a phishing site. Those credentials were then used to access your account. The attacker then added and confirmed a new withdrawal address and removed funds. Given that the withdrawal address was confirmed through your e-mail, it is highly likely that you either entered your e-mail credentials into a phishing site or that you have malware on your computer. Unfortunately, given that your credentials and e-mail account were used for the withdrawals, we are not in a position to reimburse you for any funds lost. If you require additional logs or records on this matter, we are happy to provide them. Best Regards, XXXX XXXX Client Engagement https : //www.kraken.com Beware of crypto investment scams and other types of fraud. We advise you to read our blog post for more information. https : XXXX Be informed of your Privacy rights here : https : //www.kraken.com/legal/privacy Follow us on XXXXXXXX XXXX XXXX Your request ( number XXXX ) is currently marked in our system as Solved, which means we think your issue has already been resolved. If it has not yet been resolved, let us know by replying to this email. To protect your personal information, we ask that you delete this email thread. This email is a service from Kraken Support. Delivered by XXXX.

Frequently Asked Questions

Disclaimer

This analysis is AI-generated based on publicly available CFPB complaint data. It does not constitute financial or legal advice.

Related Pages

• Payward Ventures INC. DBA Kraken Company Profile
• Money transfer, virtual currency, or money service Complaints
• Fraud or scam Complaints
• Florida Complaints
• Company Rankings
• Company Directory
• Search Complaints