The Bitcoin Purchase Scam

bitcoin purchase scam

The Bitcoin Purchase Scam is rather common right now, and I’d recommend you become familiar with it. It is just another Thank-You-For-Your-Purchase scam, and there is no truth to what’s in the message.

In short, this scam’s email announces a charge for a Bitcoin purchase you didn’t make. That’s because there was no purchase, but the scammers are hoping that you don’t know that. They want their victims to react quickly and reach out. Anyone calling the stated phone number will speak to a cybercriminal who is all too ready to lie lie lie and steal your money.

But here’s a longer, Too Many Words version, from a fresh incident that I just helped a client recover from:

From a Recent Service Call:

Today’s caller asked me to check over his computer, because he’d had some unauthorized transfers on his bank account. His bank couldn’t explain it to him, so they recommended he have his PC checked. I asked him a few questions about possible scams, but nothing rung a bell. So I dug in and eventually picked out the history and whole story of the scam.

About a month ago, he’d received this email, became concerned, and called who he thought was Paypal. It was not Paypal, it was instead some crook in Scamdinavia.

bitcoin purchase scam
Don’t ever call the numbers in these emails. No good can come of it!

The scammer on the phone told my client some convoluted story, in order to convince him to install Anydesk and DWAgent (remote control software) on the machine.

I don’t know the in and outs of the scammer’s claims, but browser history from the PC showed that they’d visited the Paypal website, as well as Western Union. Perhaps they attempted some money transfers, but I don’t think they succeeded. And then things went quiet for a few weeks. But the scammer was playing The Long Game. He retained his remote-access to the computer and bided his time….

And more sketchy activity began a couple of weeks later: New remote control software (Supremo & RealVNC) was added to the system last week. And then someone installed a covert keylogger as a Chrome extension. My client didn’t recall any new phone calls, so I had to conclude that they were accessing the computer without his knowledge. They were adding these programs and attempting more bank transactions using his computer, while he was away or asleep.

For my part, I removed all of these control apps and crimeware. The Supremo was a challenge, as they’d put a password on it, but I persevered. In less than an hour, we had answers and a safe-to-use computer again. But the client still has plenty of work to do. Following up with the bank, changing passwords, chasing after money to see what, if anything, can be clawed back… I wouldn’t wish this stress on anyone.


Please, if you’ve read this far, understand that these crooks will go to great lengths to steal your money. Be suspicious of anything unexpected that arrives on your computer or phone. Try to verify things independently from any call or email that has you worried. And if it gets too complicated or overwhelming, just shut everything down and go talk to a friend. Sunlight is the best disinfectant.

If you’ve received an email you are concerned about, feel free to forward it to me! I will write you back with my professional opinion as to if it is fake or legitimate. And if you’ve been had, you may call me and hire me to clean your computer. But call your bank first, prioritize your financials over your technology!

Leave a Comment