Crypto Con Alert: Scammers Target Old Bitcoin Wallets with Phony Legal Threats
Forgotten Bitcoin wallets are getting fresh attention—from fraudsters. A new scam preys on long-dormant holders, deploying fake lawyers and fabricated legal claims to strong-arm victims into surrendering their keys.
How the scheme works: Scammers identify inactive wallets (some dating back to the 2010s), then send threatening letters demanding access under false pretenses—tax audits, inheritance disputes, or 'security reviews.' The letters appear legit, complete with forged law firm letterheads and references to real regulations.
Why it's spreading: With Bitcoin hovering near all-time highs, old wallets now hold life-changing sums. Criminals are betting owners won't verify legal threats—especially if they acquired coins anonymously years ago.
Protect yourself: Never share private keys. Verify any legal notice directly with authorities—not via contact details in suspicious correspondence. And remember: if a 'lawyer' demands crypto instead of fiat, it's not just unethical—it's probably illegal.
Bonus jab: The only thing growing faster than Bitcoin's price? The creativity of people trying to steal it.
Bitcoin Scam Alert
The LINK embedded in the OP_RETURN string resolves to a slick website branded “Salomon Brothers,” complete with an “advisory board” of genuine 1980s bond-trading luminaries. The site claims to have taken “constructive possession” of the dormant wallets and gives any “bona fide owner” ninety days—until 5 October 2025—to prove ownership or forfeit all rights. Proof, it says, can be provided either by signing an on-chain transaction or by submitting personal information through a web form.
BitMEX Research calls the set-up “a Calvin Ayre-style legal scam,” echoing past attempts by Craig Wright and associates to seize the Mt. Gox coins via creative legal theories. Independent investigators agree: security analyst @0xZilayo labelled the OP_RETURN notices “most definitely phishing attempts and have no legitimacy.”
The scam coincides with a burst of coordinated activity uncovered by blockchain sleuths. On 4 July—a US holiday that saw record-breaking on-chain movement—80,000 BTC were transferred out of eight decade-old wallets within minutes of each other, each wallet having first received a trio of OP_RETURN messages culminating in the “Salomon Brothers” notice.
Researchers believe the scammers are exploiting OP_RETURN because the opcode lets them “graffiti” arbitrary text onto the blockchain without spending significant funds, guaranteeing that any future owner—or curious on-chain watcher—will see the notice.
BitMEX’s advice is blunt: “Do NOT fill in this form.” Anyone holding coins in an address that receives one of these messages can prove control safely by moving funds to a fresh wallet; anyone without the private key has nothing to gain and much to lose by responding. Law-enforcement agencies have been notified, but no jurisdiction has yet announced an investigation.
The episode underscores a growing trend: attackers are reaching back into Bitcoin’s early history, exploiting both technical primitives (OP_RETURN messaging) and legal grey areas to monetize dormant or stolen coins. It also highlights the enduring magnetism of the Mt. Gox saga, which—more than a decade after the hack—still tempts opportunists to stake spurious claims on the exchange’s missing treasure.
For now, the safest course is to treat any unsolicited legal notice broadcast via the blockchain with extreme skepticism. In Bitcoin, possession of the private key remains the only proof of ownership that matters—no matter what an OP_RETURN string or a glossy website might say.
At press time, BTC traded at $108,811.