KXTRA Fraud Network Exposed: OpenPayd VIBANs, Klickl Europe Sweeps, and TFG Technology Payouts Linked To Alleged Scam Infrastructure
The KXTRA / KKR Global Investment operation appears to have been far more than a simple fake trading application. Documents and victim materials reviewed by Scam-Or Project indicate that the scheme allegedly relied on a structured payment infrastructure involving regulated and semi-regulated financial entities.
The public-facing side of the operation followed a now-familiar pattern: social media advertisements, WhatsApp-based manipulation, fake investment advisers, a polished trading application, and fabricated portfolio profits. Behind the scenes, however, the payment trail allegedly routed victim money through OpenPayd-linked accounts, onward sweeps to Klickl Europe, and partial payouts associated with TFG Technology Ltd.
According to the reviewed evidence, this was not merely a case of poor compliance controls. The financial rails themselves appear to have enabled the movement, conversion, and recycling of victim funds.
If you lost funds through KXTRA, KKR Global Investment, OpenPayd, Klickl Europe, TFG Technology, Banking Circle, Thunes, or associated crypto-payment channels, Scam-Or Project encourages affected individuals to contact the Scam-Or Project Complaints. Supporting documents may help identify the operators behind the scheme.
Executive Summary
The alleged KXTRA / KKR Global Investment structure presented itself as an investment opportunity platform while allegedly operating as a coordinated fraud environment backed by identifiable payment channels.
Victim files reviewed by Scam-Or Project show a recurring structure:
- victims were approached through Facebook and WhatsApp;
- fake advisers promoted IPO and private-equity investment opportunities;
- the KXTRA application displayed fabricated profits;
- deposits were routed into OpenPayd-linked virtual IBANs appearing to belong to the victims themselves.
One transaction file reportedly supplied by OpenPayd allegedly shows victim deposits being automatically transferred onward to Klickl Europe Sp. z o.o., a Poland-based virtual asset and crypto on-ramp provider.
The key issue is straightforward: the funds did not disappear anonymously. They allegedly moved through traceable payment infrastructure.
Apparent Payment Structure
| Layer | Entity | Apparent Role |
|---|---|---|
| Collection Layer | OpenPayd Malta | Victim-facing VIBAN infrastructure |
| Sweep Recipient | Klickl Europe Sp. z o.o. | Primary account beneficiary |
| Crypto / On-Ramp Layer | Klickl Group | Suspected crypto conversion and settlement |
| Payout Layer | TFG Technology Ltd | Partial withdrawal processing |
The fake KXTRA interface appears to have been the presentation layer. The payment infrastructure was allegedly the operational engine.
Scam-Or Project Findings
Based on victim documentation reviewed by Scam-Or Project, KXTRA appears to have served as the fraud interface, while OpenPayd, Klickl Europe, and TFG Technology allegedly played roles in the financial movement of victim funds.
If these entities were unknowingly exploited by third parties, they should now be able to provide:
- onboarding documentation;
- account ownership records;
- downstream wallet destinations;
- transaction monitoring data;
- suspicious activity reports;
- law-enforcement communications;
- termination and compliance records.
At this stage, silence raises additional questions.
Key Findings
1. KXTRA Functioned As The Fraud Front-End
Victim materials describe a coordinated fraud pattern involving:
- Facebook advertisements;
- WhatsApp manipulation;
- fake financial advisers;
- the KXTRA trading application;
- narratives tied to “KKR Global Investment” and “KKR Globale Aktienstrategie”.
Victims allegedly believed they were participating in IPO and private-equity investment strategies while being shown manipulated profits inside the application.
The operation allegedly depended not only on psychological manipulation but also on functioning financial rails.
2. OpenPayd Appears To Have Served As The Collection Layer
One criminal complaint reportedly states that victims were instructed to transfer money into OpenPayd virtual IBANs appearing in the victims’ own names.
The complaint references four transfers totaling approximately €100,500 sent to OpenPayd Financial Service Malta. Both OpenPayd Malta and Klickl Europe were identified in the payment flow.
This places OpenPayd at the center of the alleged collection infrastructure.
The issue is no longer simply whether AML procedures existed. The more important question is why regulated infrastructure allegedly became the intake layer for a suspected fraud operation.
3. Victim-Named VIBANs Increased Credibility
The use of victim-facing accounts or VIBANs bearing the victims’ own names appears to have been psychologically important to the operation.
Victims allegedly believed the funds remained under their own control because the accounts displayed their names. However, available evidence suggests these were collection sub-accounts rather than genuine investment accounts controlled by the victims.
This mechanism likely reinforced trust and encouraged larger deposits.
4. OpenPayd Transaction Data Allegedly Shows Sweeps To Klickl Europe
A second victim file reportedly originating from OpenPayd allegedly reveals internal transaction mechanics.
Incoming transfers into a victim-linked OpenPayd account were allegedly followed almost immediately by outgoing payments to:
KLICKL EUROPE SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
Reported transaction descriptions included:
“Transfer to Klickl Europe – EUR/Sepa”
The transaction reference allegedly stated:
“Sweep to Primary Account”
That wording is significant because it suggests that Klickl Europe may have functioned as the primary beneficiary behind the OpenPayd collection structure.
In practical terms, the OpenPayd accounts allegedly served as intake points while Klickl Europe appeared to receive the consolidated funds.
5. Klickl Europe Was Allegedly More Than A Passive Recipient
Klickl Europe is reportedly registered in Poland as a virtual asset provider and appears to operate as a crypto on-ramp and exchange-related service provider.
Its alleged role is therefore highly material.
Victim funds were not simply transferred to a standard commercial account. They were allegedly swept into a crypto-services environment, raising several critical questions:
- Were the funds converted into crypto assets?
- Were wallets used?
- Were exchange accounts involved?
- Were settlements made to downstream operators?
Klickl Europe should theoretically be able to identify those destinations.
6. OpenPayd And Klickl Europe Allegedly Formed A Structured Rail
Victim files reviewed by Scam-Or Project repeatedly point to the same architecture:
- OpenPayd provided the victim-facing VIBAN layer.
- Klickl Europe allegedly received the swept balances as primary-account beneficiary.
This does not appear to be random payment activity.
The key questions now include:
For OpenPayd
- Was Klickl Europe onboarded as a master-account customer?
- Were large retail investment deposits monitored?
- Did compliance teams identify suspicious patterns?
For Klickl Europe
- Who controlled the downstream accounts?
- Who instructed the transactions?
- Where were the funds ultimately routed?
7. TFG Technology Allegedly Appeared On The Payout Side
According to one complaint, a victim allegedly received a partial withdrawal of roughly €17,000 from TFG Technology Ltd through a Danish IBAN.
The remainder of the withdrawal was reportedly blocked.
This resembles the classic “confidence payout” pattern commonly associated with investment fraud operations:
- send a limited amount back;
- create trust;
- encourage larger future deposits;
- delay suspicion.
TFG Technology allegedly appears to have fulfilled that role.
8. TFG Technology Carried Significant Registry Red Flags
TFG Technology Ltd reportedly existed only briefly before being dissolved after UK Companies House flagged incorporation information as potentially misleading, false, or deceptive.
In the context of the KXTRA allegations, several factors stand out:
- a short-lived UK company;
- Danish banking infrastructure;
- partial payouts to alleged fraud victims;
- registry warnings regarding incorporation data.
Together, these elements form a substantial risk profile.
9. Klickl Europe Should Be Able To Trace The Funds
If Klickl Europe received the swept balances, it should possess records relating to:
- exchange destinations;
- crypto wallets;
- merchants;
- counterparties;
- settlement partners;
- internal ledgers.
Unless Klickl Europe itself was involved in the alleged operation, identifying downstream recipients should theoretically be possible.
The central question remains:
Who instructed Klickl Europe to receive the victim funds, and where did the money go afterward?
10. This Appears To Be More Than A Compliance Failure
Once KXTRA is viewed as a suspected fraud operation, the roles of OpenPayd, Klickl Europe, and TFG Technology cannot simply be described as “AML weaknesses.”
The reviewed evidence suggests that these entities may have formed part of the operational payment framework that enabled:
- collection of victim deposits;
- movement of funds;
- crypto conversion;
- controlled payouts designed to maintain credibility.
The real issue is whether participants knowingly, recklessly, or negligently enabled a fraudulent payment ecosystem.
KXTRA / KKR Scam — Payment Rail & Entity Overview
| Layer | Entity / Individual | Jurisdiction | Apparent Role |
|---|---|---|---|
| Fraud Interface | KXTRA App | Moldova-linked references | Fake investment application |
| Fraud Narrative | KKR Global Investment / KKR Globale Aktienstrategie | Unknown | False IPO/private-equity story |
| Victim Acquisition | “Julia Hoffmann,” “Till van Dorp” | Unknown / likely aliases | WhatsApp and social-engineering contacts |
| Collection Layer |
OpenPayd Malta (website) |
Malta | Victim-facing VIBAN infrastructure |
| Sweep Recipient |
Klickl Europe Sp. z o.o. (website) |
Poland | Alleged primary beneficiary |
| Crypto Layer | Klickl Group | Poland / broader group | Suspected crypto settlement and routing |
| Control Person | Michael Xu Zhao / Xu Zhao | Publicly linked to Klickl | Director / UBO references |
| Payout Layer | TFG Technology Ltd | United Kingdom | Alleged confidence-payout vehicle |
| TFG Director | Libo Wang | UK company filings | Director / control person |
| Banking Infrastructure | Banking Circle Denmark | Denmark | Alleged payout banking layer |
| Regulatory Authority | MFSA | Malta | Relevant regulator for OpenPayd |
| Regulatory Authority | Polish VASP Register | Poland | Relevant authority for Klickl Europe |
Beyond Compliance: Who Enabled The Scheme?
KXTRA does not appear to resemble a legitimate investment platform.
It was allegedly:
- unlicensed;
- deceptive;
- based on fabricated investment narratives;
- supported by payment infrastructure that enabled operational scalability.
This changes the legal and compliance analysis significantly.
The key questions now include:
- Who controlled the receiving accounts?
- Who instructed the OpenPayd sweeps?
- Who benefited from the Klickl Europe transfers?
- Were crypto wallets involved?
- Who funded the TFG Technology payouts?
- Were suspicious activity reports filed?
- Did any participant profit from the payment flow?
If OpenPayd and Klickl Europe were themselves victims of criminal abuse, they should be able to provide records clarifying the customer relationships and downstream transactions.
If not, the allegations become substantially more serious.
Conclusion
KXTRA appears to have been the bait.
The payment infrastructure allegedly functioned as the weapon.
Victims were not only manipulated through fake app interfaces and fabricated profits. They were allegedly moved through a financial structure that gave the scheme operational credibility:
- OpenPayd allegedly handled the collection layer;
- Klickl Europe allegedly functioned as the sweep recipient and crypto on-ramp;
- TFG Technology allegedly served as a confidence-payout vehicle.
This is not merely an administrative AML issue.
It appears to be a suspected cross-border fraud-facilitation case involving payment infrastructure across Malta, Poland, Denmark, and the United Kingdom.
Regulators and law-enforcement agencies may now need to examine:
- who opened the accounts;
- who controlled the VIBANs;
- who authorized the sweeps;
- who handled crypto conversion;
- who financed payouts;
- who benefited from the victim losses.
If OpenPayd, Klickl Europe, and TFG Technology were exploited by criminal actors, disclosure of records and cooperation with investigations should clarify the situation.
If not, the suspicions surrounding the payment rail deepen considerably.
The KXTRA application may have been the visible stage.
The real investigation lies within the payment map.
Scam-Or Project will continue monitoring the case.
Share Information
Scam-Or Project calls on victims, whistleblowers, payment-sector employees, compliance insiders, former Klickl or OpenPayd staff, crypto-exchange personnel, and law-enforcement contacts to provide information connected to this case.
Relevant materials may include:
- OpenPayd account statements;
- Klickl Europe payment references;
- KXTRA screenshots;
- WhatsApp conversations;
- TFG Technology payout records;
- Thunes transactions;
- Banking Circle IBAN details;
- crypto wallet addresses;
- DSAR responses;
- onboarding documentation;
- internal compliance communications.
If you possess information relating to KXTRA, OpenPayd, Klickl Europe, TFG Technology, Banking Circle, Thunes, or associated payment rails, contact Scam-Or Project through the Scam-Or Project Complaints.
This case is no longer only about a fake trading app.
It is about the payment infrastructure allegedly supporting the fraud.
