At first, this was good for a laugh. Someone actually believed they were being contacted by Selena Gomez for help. How gullible can someone be! Here is the first part of the report that the victim filed with the Better Business Bureau.
At this point you’d still have to wonder how the victim is falling for this obvious scam. Doesn’t this person have any doubts? Well, yeah, they do, but they’re overwhelmed by the slim chance of really meeting Selena.
Time goes by but the victim is still entertaining hopes that this really is Selena and continues to hang on to the chance of meeting her. It is then we find out why he is living in this delusion. He writes, “Selena claimed that her frozen bank account is held at the following website: accounts-rothdechild.com . She allowed me to log onto her account. The net worth in this account looked similar to Selena’s publicized net worth. Also, the transfers into this account looked believable. This is partly what caused me to fall for Selena’s stories.”
This is a different twist to an old scam. But you’d think the person would ask: Who on Earth would ever give the login information to their bank account? The scammers may have realized they had a wealthy phish on the line. They needed to keep the victim’s confidence so they could exploit them futher. Why not show them Selena’s bank account? And it worked. The victim now believed there was a fair chance it really was Selena they were talking to.
So I went to the purported banking site and took a look at the login.
The victim has the login credentials but, if you didn’t have them, you would have to enroll. However, if you try to enroll, you will be sent here.
You would probably notice that there is some confusion as to what bank you are actually enrolling in. Tricadia Savings appears above the download button, but the message is signed by Rothdechild Savings. In the end, it doesn’t matter since the download button leads to a dead link. If you try to find Tricadia Savings, the best you will do is be directed to a scam investment site. However, the scammers use this name in other places on the website. My guess is that they had used this scam in the past and had a spoofed banking site called, Tricadia Savings. They simply didn’t have the time to change all the references in their new site.
I have also discovered that a lot of the information on this site is taken from the Wesray Capital Savings site. Other fake sites the scammers may be using are Beulah Savings, Wintrest Union Bank, where you actually can ‘enroll’ and give up lots of personal information, Mid Premier Savings where, if you go here and click, ‘read more’, you’ll read about making compost, (this also occurs at the Defence Einancial Banking site). The Turkey Offshore Banking site is also suspect. In other words, these scammers have been around for a while and have been pulling in a lot of money, but more on that later.
The scammers must have had the victim’s mobile number by this point and used it to send him/her the OTP, either that or they received the OTP and sent it on to the victim. This would stop the victim from scamming the scammers by transferring money into his/her account. I could not log into this account using normal trickery. They had clearly targeted this person and must have had access to some of their social media accounts as well, especially their Instagram account. I should note that I was able to set up a fake account with Wesray Capital Savings using a temporary email address and fake information. The scammers could have done the same and even made some fake transactions to fool the victim. Keep in mind these scammers had enough money to do this. If what the victim says is true; that the account had money equal to Selena’s net worth, then these scammers must have made a lot of money. Selena Gomez’s net worth is listed at $90 million. Anyway, here is my fake account. The email is no longer valid.
With the victim’s renewed trust, the scamming continued.
My guess is the scammers got hold of the victim’s Instagram account and could see where messages were being sent as well as read them. I assume the victim saw videos of her speaking but maybe they were with subtitles. There are several actual photos online of Selena holding notes. These could have been used on the victim. But it’s also possible that the message mentioned here could have been Photoshopped on to one of these photos to make it look personal. The victim reports chatting to Selena and multiple people associated with her, but anyone can pretend to be anyone when chatting. And what about her license? Well, take a look at this from Twitter. It’s a passport, but it would work.
To the victim’s credit, he or she made several phone calls in an attempt to validate that this was the real Selena. The victim called the real Rothschild Bank as well as the Secret Service and both disavowed any connection to Selena Gomez. You would think this would have confirmed the victim’s suspicions, but it did not.
Apparently, the victim did much of the monetary transactions through cryptocurrency; mainly bitcoins. After painstakingly investigating each bitcoin account listed by the victim, I found that these accounts received a total of $566,926 worth of bitcoins at the current rate. It should be noted that the total could be even double this amount if the current decline in bitcoin value in terms of dollars is taken into account. In addition, one bitcoin address was invalid and may have been typed in wrong. This all seems to imply that the scammers probably succeeded in tricking other victims and may have made off with up to a million dollars with this or similar scams. They also may have other bitcoin accounts.
Here are a few other points to note that may stop others from being scammed. The banking site will appear valid. A URL check will result in the site being declared legitimate. It will have a valid SSL certificate. It took a little investigating, but I finally found that the site was using an R3 certificate which was previously known as Let’s Encrypt. Let’s Encrypt gives free, valid certificates for 3 months. Here is the domain information.
Keep in mind that this site will probably only exist until July. It’s important to emphasize what a recent study found. Almost all good phishing scams, 93%, use valid SSL certificates, so the site showing up as valid when it is checked for its legitimacy is no guarantee that you won’t be scammed.
After all of the scamming, here is what the victim concludes. Remember that they posted this as a scam on the BBB and other sites so they clearly believe they were scammed. However, note the denial in this conclusion. “To reiterate: If these requests came from an impersonator of Selena Gomez, I would like to be reimbursed in full. If these requests came from THE REAL SELENA GOMEZ, I would like confirmation of whether Selena’s stories are true. I would also like to meet her in-person.”
At this point all you can do is shake your head. Denial is a form of hope and I suppose this is why hope fuels all the other evils in Pandora’s box of evils. Good luck with meeting Selena.