If you run a business that accepts cryptocurrency, you’re likely familiar with Tether (USDT). It’s the gold standard for stablecoins. However, scammers have found a clever way to exploit its popularity using a “look-alike” token called Tethre.
Here is how the scam works and how one business nearly lost thousands of dollars.
How the Scam Unfolds: The 4-Step Process
1. The “Company Policy” Setup
The scammer approaches a service provider (a freelancer, agency, or consultant) and agrees to a contract. They insist on paying in crypto but claim their company only uses the TON Network for security reasons. They then recommend a specific wallet, like OKX, to receive the funds.
2. The Kickback Hook
To build rapport and greed, the scammer says they have “inflated” the invoice by $1,000 and asks for a kickback once the payment is made. This creates a sense of a “closed-loop” deal where you feel you are gaining extra profit.
3. The “Ghost” Transaction (The Magic Trick)
This is the most dangerous part of the scam. The scammer sends a test amount of USDT.
- The Deception: They don’t send real Tether. They send a fake token named Tethre.
- The Display: In many wallets (like OKX), the token name might appear as “USDT” or look nearly identical to the real logo.
- The Validation: When the victim tries to transfer a small amount of this “fake” USDT to their main wallet (like Binance), the scammer watches the blockchain. The moment the victim initiates the transfer, the scammer manually sends real USDT to the victim’s Binance wallet.
Why this works: The victim sees the real funds land in their Binance account and assumes the funds sitting in their OKX account are legitimate.
4. The Exit
The scammer “pays” the full balance (e.g., $3,500) in the fake Tethre token. They then urgently ask for their $1,000 kickback to be sent via a different network, such as Ethereum (ERC-20). If the victim sends the kickback, they are sending real money in exchange for a worthless digital ghost.
Red Flags to Watch For
If you encounter these signs, stop the transaction immediately:
- Network Pressure: Insistence on using a specific network (like TON) for “security” when other networks are more common.
- Specific Wallet Recommendations: Being told exactly which wallet to download (this allows them to predict how the fake token will be displayed).
- Kickback Requests: Any client asking for money back from a payment they just sent is a massive red flag.
- The Spelling Check: Always verify the Contract Address of the token. Real Tether has a specific contract address; “Tethre” is a common misspelling used to bypass a quick glance.
How to Protect Your Business
- Verify the Contract Address: Never trust the name or logo of a token. Use a block explorer (like TonScan or Etherscan) to verify the Asset ID.
- Use Your Own Infrastructure: Never use a wallet suggested by a client. Stick to the tools you know and trust.
- Wait for Confirmations: If a client sends funds, try to swap a small portion for a different coin (like USDC or BTC) within the same wallet. If it’s a fake token, the exchange will not recognize it or it will have zero liquidity.
Final Thoughts
Crypto scams are becoming increasingly psychological. In this case, the scammer was willing to “lose” a small amount of real USDT ($2.33) just to prove the transaction worked and gain the victim’s trust.
Stay vigilant: If the payment process feels unnecessarily complicated, it’s probably a scam.
For business or legal advise and services in Thailand, feel free to contact UnionSPACE
