MoonPay Execs Swindled in $250K Crypto Scam – A Cautionary Tale for Web3

Crypto's wild west strikes again—this time, snagging the very players who should know better.

The Setup: Senior brass at MoonPay, the fintech darling bridging fiat and crypto, allegedly got duped in a slick quarter-million-dollar heist. No iron vaults cracked here—just good old-fashioned digital deception.

The Irony: These are the folks who help institutions navigate crypto's choppy waters. Yet when the tide turned? They washed up like rookie traders chasing memecoins.

The Takeaway: Even in 2025, the golden rule holds—trust nothing, verify everything. Especially when Wall Street's 'web3 experts' still confuse private keys with house keys.

Scammer employed ‘insulting typo’ to imitate a public figure

Unlike other crypto-crimes that rely on hacking or exploiting blockchain vulnerabilities (and perhaps for that reason alone), this scam was executed through deception through discreet email manipulation.

The scammers employed bogus email addresses nearly identical to correct ones — substituting a capital “I” for a lowercase “l” in domain names — to deceive their targets. In this situation, emails were sent from [email protected] and [email protected] — addresses spoofing the names of well-known people and events.

This practice, called typosquatting, is used frequently in phishing scams and has proven effective at scamming even professionals who are security aware.

“IP geolocation data consistently showed emails from these accounts originating from Nigeria, and not the United States,” the DOJ filing says. According to the authorities, Aigbokhan likely obtained the USDT due to a scam involving an international money transfer in the US.

The con artists didn’t have to hack into or exploit the blockchain in any way; they only needed a ruse and a convincing pitch to steal the funds.

Wallet activity raises further doubts about MoonPay

The filing noted that one of the wallets involved in the scam is a marked MoonPay wallet on Etherscan, suggesting that the individuals affected are likely Ivan Soto-Wright and Mouna Ammari Siala.

As of press time, MoonPay has not yet publicly replied to requests for comment from multiple outlets, including The Block and NOTUS.

The timing of the case is particularly delicate. And in the latest expansion, MoonPay, a popular payment infrastructure for cryptocurrency purchases, made its services available in only a few US states. Still, last month, the NYDFS granted it a BitLicense, which has the consequence of allowing the company to operate in all 50 United States. It is one of the most difficult-to-obtain crypto regulatory licenses in the US and vital for doing business in the financial capital.

The incident may raise additional questions about MoonPay’s internal security controls, vetting processes, and executive oversight, particularly if the victims in this case had indeed used the official company wallets to conduct what seem to be personal or poorly vetted transactions.

Amid the boom in crypto adoption, the case is a sobering reminder that no one is immune to digital fraud, not even the executives of companies that help build the infrastructure of the crypto economy.

Cryptopolitan Academy: Tired of market swings? Learn how DeFi can help you build steady passive income. Register Now