Whitebittrades.com: “WhiteBIT” Clone That Lured a California Investor with Fake Profits

--

Press enter or click to view image in full size

A Clone Built on a Stolen Name

When a 62‑year‑old retired software engineer from San Jose, California, saw an ad for Whitebittrades.com, he thought he was dealing with a trusted brand. The platform’s name was a deliberate misspelling of WhiteBIT, a legitimate European cryptocurrency exchange that has operated since 2018, serves over 35 million customers, and is widely recognized as the largest European centralized exchange by traffic. But Whitebittrades.com had no connection to the real WhiteBIT. It was a clone — a fraudulent website built to steal the reputation of a trusted name.

The victim was added to a WhatsApp group run by individuals who called themselves “Professor Michael Chen” and “Sophia.” They were warm, patient, and never pushy. Over several weeks, they posted what appeared to be wildly successful trading signals. Other “members” of the group — almost certainly bots or paid actors — posted daily screenshots of their profits. The group felt like a family. The victim had no way of knowing that he was being carefully groomed for a financial slaughter.

When the victim tried to withdraw his funds — which his dashboard showed as over $1.2 million — the platform froze his account and demanded escalating fees. By the time he realised the truth, he had lost $430,000.

Security platforms had already flagged the domain. Scamadviser gave whitebittrades.com a low trust score, noting that the owner was hiding their identity on WHOIS, the site had very few visitors, and the domain was registered only recently. Gridinsoft classified a related domain, whitebit.trade, as a “crypto fraud source” with a trust score of just 9/100, warning of fake token sales, unrealistic return promises, and wallet‑based social engineering attacks. The Russian review platform Metkaplus exposed the site as a “typical example of fraud built on lies and manipulation,” noting that the domain was registered only in February 2025 — contradicting the site’s claims of “years of experience.”

But the victim never saw any of these warnings.

The Anatomy of the Fraud

Phase 1: The WhatsApp “Professor” Who Built Trust

The victim received an unsolicited WhatsApp message from a woman who called herself “Sophia.” She was warm, patient, and never pushy. Over several weeks, they talked about his family, his retirement, his grandchildren. She seemed genuinely interested. She never asked for money — only for trust.

One day, she mentioned that she had been making easy money trading on a platform called Whitebittrades.com. She said it was the “VIP trading arm” of the legitimate WhiteBIT exchange and that she could show him how to access exclusive AI‑powered trading signals.

Phase 2: The “Test Drive” That Worked

“Sophia” offered the victim a “test drive.” She said the platform would deposit $5,000 of its own capital into his account to prove the system worked. The victim risked nothing.

Within a week, his dashboard on Whitebittrades.com showed the $5,000 had grown to $8,600. He requested a withdrawal of $500 — it landed in his bank account the next day. That single success lowered his guard completely.

Phase 3: Scaling Up — $430,000 Invested

“Sophia” then encouraged the victim to “scale up.” She explained that Whitebittrades.com had a tiered VIP program with higher returns for larger deposits. The victim added $100,000 from his savings, then $150,000 from a home equity line of credit, then another $180,000 through a “private lending partner” introduced by the scammers.

His dashboard showed his total value soaring past $1.2 million. He began planning a family trip to the Grand Canyon.

Phase 4: The Trap Snaps Shut — Endless Fees and Frozen Accounts

When the victim tried to withdraw $500,000, the platform returned an error. “Sophia” introduced him to a “compliance officer” named “James.” James said he needed to pay a “liquidity licensing fee” to unlock his funds. The scammers demanded escalating fees — first $25,000, then $35,000, then $45,000.

The victim paid — but the demands continued. His account was frozen. “Sophia,” “James,” and the entire WhatsApp group vanished. The website remained accessible, but his funds were gone.

Total lost: $430,000.

What the Security Reports Already Showed

Scamadviser: Low Trust Score — Hidden Owner, Recent Registration

Scamadviser gave whitebittrades.com a low trust score, concluding that “the website may be a scam”. The algorithm flagged several critical issues:

• Hidden ownership. The website owner was hiding their identity on WHOIS — a major red flag for fraudulent platforms.
• Very few visitors. The site had a low Tranco rank, indicating limited traffic.
• Recent registration. The domain was registered only recently, a common tactic used by scammers to avoid detection.
• Suspicious server. Other suspicious sites were hosted on the same server.

Gridinsoft: “Crypto Fraud Source” — Trust Score 9/100

Gridinsoft’s security analysis of whitebit.trade — a related domain in the same scam network — gave the site a trust score of just 9/100, classifying it as a “Krypto-Betrugsquelle” (crypto fraud source). The analysis flagged:

• Domain age only 60 days. The domain was registered through Global Domain Group LLC with hidden ownership.
• Blacklist detections. The site was detected on multiple blacklist engines.
• Fake token sales and unrealistic return promises. Classic indicators of crypto fraud.
• Wallet‑based social engineering attacks. Scammers attempt to steal seed phrases and wallet permissions.

Legitimate WhiteBIT: No Connection to the Scam

The real WhiteBIT exchange is a legitimate, regulated platform founded in 2018, serving over 35 million customers worldwide. It is recognized as the largest European centralized cryptocurrency exchange by traffic, offering over 900 trading pairs and supporting 8 fiat currencies. The company holds a valid operating license and is registered with financial authorities. Whitebittrades.com had no connection to the legitimate WhiteBIT — it was a clone, built to steal the brand’s reputation.

Red Flags the Victim Missed (And You Shouldn’t)

• Unsolicited WhatsApp contact. “Sophia” reached out of the blue. Legitimate investment firms never recruit clients through unsolicited WhatsApp messages.
• A “professor” with no verifiable credentials. “Professor Michael Chen” had no online presence. His photo was likely AI‑generated or stolen.
• A WhatsApp group with “guaranteed” profits. The “members” were almost entirely bots. Real investment groups do not operate this way.
• “Demo money” that disappears. The $5,000 test credit was just a number on a screen. Once real funds were deposited, the rules changed.
• Escalating fees to withdraw funds. No legitimate exchange demands “liquidity licensing fees,” “network processing fees,” or “commission fees” to release your own money.
• A young domain with hidden ownership. The domain was registered in February 2025 — contradicting the site’s claims of “years of experience.” WHOIS data was completely hidden.
• The real WhiteBIT had no connection to the platform. A quick check of WhiteBIT’s official website would have revealed that whitebittrades.com was not an affiliate.
• The Metkaplus warning was public. The Russian review site had already exposed Whitebittrades.com as a fraud, but the victim never checked.
• The platform was unregulated. Whitebittrades.com held no license from the SEC, CFTC, FCA, or any recognised financial authority. Trading with an unregulated provider carries severe risks — once funds vanish, recovery is often impossible.

How AYRLP Helped Recover 60% of the Loss

After the victim realised he had been scammed, he contacted AYRLP, a UK‑based blockchain forensic firm certified by the Financial Conduct Authority (FCA). AYRLP’s forensic analysts traced the stolen cryptocurrency across multiple exchanges and worked with international authorities to freeze a portion of the assets.

Through AYRLP, the victim secured a 60% return of his lost $430,000 — approximately $258,000. While not a full recovery, it was enough to prevent financial ruin.

“I thought my money was gone forever. AYRLP helped me get back more than half. I can finally start rebuilding.”
— The victim

Final Warning: Always Check the Registers

The Whitebittrades.com scam is a textbook example of how fraudsters weaponise the names of legitimate exchanges, social grooming, and unregulated platforms to steal retirement savings. Scamadviser gave the domain a low trust score, Gridinsoft classified it as a crypto fraud source, and Metkaplus exposed its fraudulent registration date and fake office address. The real WhiteBIT exchange had no connection to the scam. Those warnings were available to anyone who searched for the platform before investing.

Before you trust any online trading platform, always:

• Verify the domain — a single misspelling of a trusted brand is a major red flag. The legitimate WhiteBIT operates at whitebit.com.
• Check the platform’s registration with your local securities regulator (in the US, check the SEC’s EDGAR database; in the UK, use the FCA Firm Checker).
• Check Scamadviser and Gridinsoft for trust scores before depositing any money.
• Be sceptical of any platform that offers “demo money” or charges fees to withdraw your own funds.
• Verify the domain’s age using WHOIS lookup. New domains with hidden ownership are major red flags.

If you or someone you know has been victimised by Whitebittrades.com or a similar scheme, contact the FBI’s IC3, your state securities regulator, and a reputable blockchain forensic firm like AYRLP immediately.