Today, the Spanish Financial Markets Authority CNMV issued a warning against the broker scam Monfex (www.monfex.com). SWISS-SVG Holding Ltd and TENB Ltd operate the scam; both allegedly registered in St. Vincent and the Grenadines. As payment processors, we discovered the licensed Estonian RocketBit (www.rocketbit.io) and the Gibraltar-licensed CEX.IO. Besides that, credit and debit cards, as well as e-Payouts (www.e-payouts.com), are still available as payment options. The Monfex scam has been active since the beginning of 2019.
When selecting “Cryptocurrency Exchange” on the Monfex payment page, one is redirected to RocketBit. Monfex transfers all of their client victims’ data to RocketBit vis API integration. In addition to the email address, we used to register with Monfex, the amount and Monex’s BTC wallet address are also forwarded to RocketBit. Thus, the BTCs purchased at RocketBit are automatically transferred to Monfex’s wallet. Adios money!
The cynical part is that a Fraud Alert pop-up appears on RocketBit warning about these sorts of scammers. Apparently, RocketBit is rather relaxed with the fraud of its own partners like Monfex. The purchase of cryptocurrency via RocketBit using a credit card is then made via Decta (www.decta.com). RocketBit OÜ was founded in February 2020. Natalja Sanzarova is registered as the sole director. The company has received a license from the FIU with the number FVT000253.
The crypto payment processor and exchange CEX.IO are directly integrated into Monfex. When CEX.IO is selected, the required BTC address for the deposit and the amount are shown on Monfex‘s payment page. As with RocketBit, a deep integration via API requires Monfex operators to register as a merchant. So we can assume that both RocketBit and CEX.IO know the identity of the scammers.