Articles Posted in Cryptocurrency

Stoltmann Law Offices is a Chicago-based securities and investor rights law firm dedicated to a nationwide practice to recover money lost by investors as a result of the misconduct of financial advisors and their brokerage and investment firms. We have prosecuted at least one hundred cases over the years against Morgan Stanley and were not surprised to learn about David Todd Levine and his being barred by FINRA, the State of Colorado, and the Securities and Exchange Commission. These bars were “by consent” meaning none of the allegations made against Mr. Levine were proven. It just means instead of fighting them, Mr. Levine will instead never be able to legally provide investment advice to anyone for the rest of his life.

According to an Order Instituting Administrative Proceedings (OIP) filed by the SEC, which parroted claims made by the Colorado Securities Commissioner, Mr. Levine recommended that clients invest in a Bitcoin investment being run by his brother. In so doing, Mr. Levine allegedly failed to disclose that his brother was a fugitive from the law in the United States, living abroad. The Commission further alleged that Mr. Levine failed to disclose this criminal history to any of his clients and further failed to verify the legitimacy and ownership of the Bitcoin that was apparently part of this investment scheme. The SEC also alleged that Mr. Levine failed to develop a method for ensuring the transfer of funds and Bitcoin, which allowed his brother to steal $1.5 million. Levine also allegedly failed to disclose the high risk nature of this investment scheme.  If you are a victim of Mr. Levine’s alleged Bitcoin scam, and you were a client of his and Morgan Stanley, you could have a viable claim to pursue against Morgan Stanley.

Although it is alleged that Levine failed to disclose this investment and his involvement in it to Morgan Stanley, that does not automatically release Morgan Stanley from potential liability.  Whether Morgan Stanley can be found liable by FINRA arbitrators depends on two issues regardless of disclosure by Levine.  1) Were there sufficient red flags that Levine was soliciting his clients to invest in this Bitcoin investment so has to put Morgan Stanley on constructive notice of it? 2) Were clients reasonable to believe that Levine was acting within the course and scope of his employment with Morgan Stanley in recommending an investment in a Bitcoin related deal? Typically, advisors leave enough of a paper trail behind them that reasonable supervision and compliance should discovery this sort of outside activity. Levine was offering it to Morgan Stanley clients after all, so a few phone calls by Morgan Stanley and they would have uncovered what was happening. Moreover, investors would certainly be reasonable in assuming what Levine was doing was legitimate and was through or at least tacitly approved by Morgan Stanley.  This “apparent agency” issue could make Morgan Stanley liable for your losses. Courts agree. See McGraw v. Wachovia Securities, 856 F. Supp. 2d 1053 (N.D. Iowa 2010).

Stoltmann Law Offices has previously alerted consumers that their brokerage firms can be held responsible for theft in their brokerage, bank, or cryptocurrency accounts as a result of hacking. We have been successful in recovering these losses from brokerage firms for our clients. That is because the regulations are very clear on the supervision and compliance procedures that these firms must execute to protect their clients and their hard-earned savings.

FINRA Rule 3110 requires brokerage firms to establish and maintain a supervisory system to achieve compliance with applicable securities laws and regulations. Included in this supervisory system is the requirement to safeguard customer funds and securities and to inspect the “transmittals of funds (e.g., wires or checks, etc.) or securities from customers to third party accounts; from customer accounts to outside entities (e.g. banks, investment companies, etc.)…” (FINRA Rule 3110(c)(2)(A)).

Firms are further required to comply with the Gramm-Leach-Bliley Act Safeguards Rule (Regulation S-P) and the Identity Theft Red Flags Rule (Regulation S-ID). Pursuant to Regulation S-ID, this includes having an Identity Theft Prevention Program with procedures to identify, detect, and respond to red flags of identity theft. 17 CFR §248.201(d).

Stoltmann Law Offices, P.C has represented SIM-Swap hacking victims and continues to investigate ongoing claims related to this sordid scam impacting many people.  A story reported by CNN last week went into detail about a specific victim in San Francisco. According to the story, Robert Ross had over $2 million stolen from him when his phone was hacked through a process called “SIM-Swapping” or “SIM-Jacking.” Like so many of these victims, Mr. Ross was a crypto-currency investor and those were the funds that were stolen from him.  Mr. Ross is suing his cellular provider, AT&T, for its role in enabling the fraudsters who stolen millions from him. The outcome of that lawsuit is far from certain. However, Stoltmann Law Offices continues to monitor updates on these SIM-Swapping scams and are fully engaged in prosecuting cases on behalf of victims against their cellular providers.

These cases are not highly technical or difficult to grasp once you understand some of the basics. First, its important to understand one bit of technical jargon.  What is a “SIM” card? A “SIM Card” is a memory chip contained inside a mobile phone which carries a unique identification number specific to the owner, stores the owner’s personal data, and disables the mobile phone if removed. SIM Swapping is a means of infiltrating someone’s cellular world by taking control of the user’s SIM Card and have it activated in a phone controlled by the scammer, without stealing the phone or breaking it open to actually remove the SIM card. Here, the infiltration is virtual and once the scammer has the customer’s SIM card activated in the phone in his possession, it can then be used to gain access to emails, brokerage accounts, bank accounts, and cryptocurrency virtual wallets.

The scheme is so incendiary because it takes advantage of two-step authentication – something we’ve all been told for years to have set up to PROTECT us from hackers.  Here’s how it works: The crook convinces AT&T (or Verizon, Sprint, or T-Mobile) that he is the account owner. The crook accomplishes this typically by making up a story why the phone number needs to be transferred to a new phone. In one case the imposter simply called AT&T Customer Service, told them he dropped his phone in a lake, and that he had a new phone that needed to be activated. Instead of determining whether the phone that was allegedly at the bottom of a lake was still active and in-use, the AT&T representative accepted the unverified representations of the imposter and activated the “new” phone in the hands of the scam artist. The customer’s actual phone was deactivated and by the time it was realized, the fraudster gained access to the customer’s email and then virtual wallet. The CNN story about what happened to Mr. Ross – noticing his cell phone had no service, or “zero bars” for no apparent reason – is the first indication your SIM has been compromised.

Crypto related currencies have been called a lot of things. The next big thing. A bright, shiny object.  When top financial regulators say they aren’t comfortable that they haven’t learned about the full dangers of crypto, you’re wise to be wary too. Investment promoters often try to convince hungry investors they can turn hot topics of the day from oil and gas fracking to self-driving cars into wealth.

But often the only wealth that surfaces from their drumbeat is an abundant pile of victims.  Crypto crooks stole over $4 billion from investors this year, the blockchain consulting firm CipherTrace warned in a new study.  Even the sophisticated are vulnerable and increasingly so.

“Exchanges and users are facing a greater sophistication in the tactics, techniques and procedures (TTPs) cybercriminals are using to target the cryptocurrency space. In the case of exchange robberies, hackers have developed advanced methods to overcome even the current “best practice” security in place at the more vigilant exchanges,” CipherTrace cautioned.

Stoltmann Law Offices, P.C is currently representing an AT&T customer whose cell phone was hacked by a crook who then gained access to this virtual wallet and stole cryptocurrency.  Unfortunately, what happened to our client is not an isolated incident. AT&T customers nationwide have been falling victim to a scam known as “SIM Swapping”. This hacking scam is not a sophisticated attack and AT&T has legal obligations to protect its customers’ personal and private information from unauthorized exposure.

SIM Swapping is a fraudulent scheme where a scammer impersonates an AT&T customer to gain access to the customer’s SIM Card and have it activated in a phone controlled by the scammer. Once the scammer has the customer’s SIM card activated in the phone in his possession, it can then be used to gain access to a frightful number of internet accounts, including email providers. Here’s how it works in the simplest terms: The imposter convinces AT&T that he is in fact the customer, and makes up a story why his phone number needs to be transferred to a new phone. In one case the imposter simply called AT&T Customer Service, told them he dropped his phone in a lake, and that he had a new phone that needed to be activated. Instead of determining whether the phone that was allegedly at the bottom of a lake was still active and in-use, the AT&T representative accepted the unverified representations of the imposter and activated the “new” phone in the hands of the scam artist. The customer’s actual phone was deactivated and by the time it was realized, the fraudster gained access to the customer’s email and then virtual wallet.

These hackers are obviously breaking the law. One such hacker, Joel Ortiz, was arrested and charged with over a dozen counts of wire fraud and other related charge in July 2018. It was alleged he hacked at least forty phone numbers and stole more than $5 million in cryptocurrency. On January 25, 2019, Ortiz accepted a plea deal and was sentenced to ten years in prison.

CNBC
FOX Business
The Wall Street Journal
Bloomberg
CBS
FOX News Channel
USA Today
abc NEWS
DATELINE
npr
Contact Information