OpenPayd Malta vIBAN Appears Again In Alleged Crypto Romance Scam Infrastructure
Another Malta CFTE vIBAN Surfaces In A Crypto-Fraud Payment Trail
Scam-Or Project has received another victim report involving an OpenPayd-linked Malta vIBAN, BIC/SWIFT CFTEMTM1, and crypto transfers connected to a suspected fraudulent trading platform. While this case differs from the previously reported OpenPayd/Klickl Europe files, it appears to reinforce a broader and recurring pattern: modern romance-investment scams increasingly rely on regulated or semi-regulated fiat-to-crypto payment infrastructure.
Once again, OpenPayd infrastructure reportedly appeared at the stage where victim funds entered the crypto ecosystem.
2-Minute Overview
A new victim submission received by Scam-Or Project places an OpenPayd Malta IBAN directly inside the payment chain of a suspected crypto-investment scam.
This is not merely another online romance scam allegation. The reported facts suggest that fraud operators may have leveraged OpenPayd’s fiat-entry infrastructure to channel victim funds into cryptocurrency before dispersing them across wallets and exchanges.
According to the victim, she was approached through the dating application Bloom by an individual using the name “Allen Wilson,” who allegedly presented himself as an experienced forex trader. Communication later shifted to WhatsApp, where the victim reportedly received step-by-step trading instructions, screenshots, and guidance related to cryptocurrency transactions.
The victim claims she was instructed to:
- Open and use a Crypto.com account
- Create a Trust Wallet
- Purchase and transfer crypto assets
- Send funds onward to the alleged trading platform Ubsdfx.com
The total reported loss is estimated at approximately €60,000, including borrowed funds, between 29 April 2025 and early June 2025.
The victim further states that Austrian police later performed blockchain tracing and allegedly identified that the transferred crypto assets were fragmented across numerous exchanges and wallets.
A screenshot shared with Scam-Or Project appears to show a Crypto.com EUR deposit instruction using a Malta IBAN beginning with:
MT58 CFTE…
The screenshot also displays the BIC/SWIFT:
CFTEMTM1
The banking details shown correspond to OpenPayd Malta infrastructure used in the fiat-to-crypto deposit process.
Reported Payment Flow
Victim
↓
OpenPayd Malta IBAN / CFTEMTM1
↓
Crypto.com Cash Account
↓
Trust Wallet
↓
Ubsdfx.com
↓
Multiple downstream wallets and exchanges
The core issue remains unchanged: crypto fraud operations require legitimate-looking payment rails.
Scammers do not rely solely on fake dating profiles, WhatsApp manipulation, fabricated dashboards, or blocked withdrawals. They also depend on:
- SEPA-accessible IBANs
- Crypto exchange funding systems
- Wallet infrastructure
- Fiat-to-crypto onboarding rails
This latest case aligns with the broader operational patterns described in OCCRP’s Scam Empire investigation and further supports earlier Scam-Or Project reporting regarding OpenPayd and the wider ecosystem connected to founder Ozan Özerk.
The central question is no longer whether scammers use fake trading platforms. The real question is why OpenPayd-linked IBAN infrastructure repeatedly surfaces in fraud-related payment paths.
Questions Raised For OpenPayd
This case raises several compliance and monitoring questions, including:
- How was the Malta vIBAN infrastructure used in this transaction flow?
- Were any AML or transaction-monitoring alerts triggered?
- Were suspicious activity reports filed?
- How many similar complaints reference CFTEMTM1?
- What escalation procedures exist for suspected crypto-fraud activity?
The Operational Structure Of The Alleged Fraud
The reported scheme followed a familiar structure:
| Stage | Alleged Function |
|---|---|
| Fake romance profile | Initial victim acquisition |
| WhatsApp communication | Grooming and manipulation |
| OpenPayd Malta IBAN | Fiat-entry payment rail |
| Crypto.com | Fiat-to-crypto conversion |
| Trust Wallet | Self-custody transfer layer |
| Ubsdfx.com | Alleged fake trading environment |
What The Screenshot Allegedly Shows
The screenshot provided to Scam-Or Project appears to display Crypto.com EUR deposit instructions.
Visible Details
| Field | Information Shown |
|---|---|
| Account holder | Victim’s name |
| IBAN | MT58 CFTE 2800 4000 0000 0000 45 31340 |
| BIC/SWIFT | CFTEMTM1 |
| Bank address | Level 3, 137 Spinola Road, St Julian’s, Malta |
| Country | Malta (MT) |
| Deposit purpose | EUR deposits into Crypto.com Cash Account via SEPA |
The wording displayed in the screenshot reportedly states:
“Please use the information below to transfer EUR deposits into your Crypto.com Cash Account directly through your bank via SEPA.”
This suggests that the victim was instructed to send fiat funds into a crypto-exchange-linked account using a Malta-based vIBAN before transferring assets onward through Trust Wallet and eventually to Ubsdfx.com.
Understanding The vIBAN Structure
A virtual IBAN (vIBAN) is a payment identifier designed to resemble a conventional IBAN while operating through a centralized payment-account structure.
In legitimate exchange environments, vIBANs are commonly used for:
- Customer deposit identification
- Internal reconciliation
- Segregated transaction tracking
The payer may see an IBAN appearing to belong personally to them, while the underlying funds are actually routed through a payment institution or master corporate account.
In the earlier OpenPayd/Klickl Europe-related material, OpenPayd reportedly explained that such vIBANs function as digital identifiers attached to a primary corporate account rather than standalone banking accounts.
Unlike the prior Klickl Europe cases, the current screenshot does not appear to reference Klickl Europe. Instead, it appears connected directly to Crypto.com deposit infrastructure using a Malta CFTE IBAN.
However, the broader fraud risk remains consistent.
The vIBAN-To-Crypto Fraud Sequence
Personal-looking IBAN
↓
Crypto exchange funding
↓
Self-custody wallet
↓
Fake trading platform
↓
Funds dispersed and lost
Key Case Information
| Category | Details |
|---|---|
| Case type | Romance / pig-butchering crypto-investment scam |
| Initial contact | Bloom dating application |
| Alleged scammer identity | “Allen Wilson” |
| Communication channel | |
| Fraud narrative | Forex and crypto trading profits |
| IBAN structure | Malta IBAN beginning MT58 CFTE… |
| BIC/SWIFT | CFTEMTM1 |
| Deposit context | Crypto.com Cash Account / SEPA |
| Exchange layer | Crypto.com |
| Wallet layer | Trust Wallet |
| Destination platform | Ubsdfx.com |
| Reported losses | Approximately €60,000 |
| Timeline | 29 April 2025 – early June 2025 |
| Law enforcement | Austrian police complaint reportedly filed |
| Blockchain tracing | Funds allegedly dispersed across multiple wallets/exchanges |
| OpenPayd relevance | Malta CFTE vIBAN infrastructure visible in deposit flow |
| Klickl relevance | No current evidence connecting this case to Klickl Europe |
| Risk classification | High-risk vIBAN-enabled crypto fraud |
Payment Infrastructure Breakdown
| Layer | Entity / Tool | Apparent Role | Primary Risk |
|---|---|---|---|
| Victim acquisition | Bloom | Romance-scam entry point | Emotional manipulation |
| Grooming | “Allen Wilson” / WhatsApp | Instruction and trust-building | Social engineering |
| Fiat entry | OpenPayd Malta | SEPA funding rail | False legitimacy through named IBAN |
| Exchange layer | Crypto.com | Fiat-to-crypto onboarding | Legitimate infrastructure leveraged |
| Wallet layer | Trust Wallet | Self-custody transfer | Reduced recovery options after transfer |
| Scam platform | Ubsdfx.com | Alleged fake investment platform | Withdrawal denial |
| Laundering stage | Multiple wallets/exchanges | Fragmentation of proceeds | Tracing complexity |
Scam-Or Project Assessment
This case should currently be classified as a vIBAN-enabled crypto scam involving Crypto.com, Trust Wallet, and Ubsdfx.com — not as a Klickl Europe case.
That distinction is important.
In the earlier KXTRA and Peel Hunt / Peelhuntaicore investigations, available evidence suggested that funds were linked to corporate payment infrastructure associated with Klickl Europe.
In this case, the visible transaction route appears different:
OpenPayd Malta IBAN
↓
Crypto.com
↓
Trust Wallet
↓
Ubsdfx.com
Nevertheless, the underlying operational model appears similar: fraud operators allegedly exploit legitimate payment and crypto infrastructure to gain victim trust and facilitate fund transfers.
The scammers do not necessarily control the exchange or payment institution itself. Instead, they weaponize existing rails.
This explains why OpenPayd remains central to ongoing investigative scrutiny. Scam-Or Project has repeatedly covered OpenPayd-related payment structures in elevated-risk transaction environments, while OCCRP’s Scam Empire reporting documented how international fraud networks depend heavily on payment intermediaries, crypto rails, and banking infrastructure.
According to OCCRP, leaked records allegedly showed fraud-related payments flowing through dozens of companies, including entities connected to Ozan Özerk, although OCCRP also stated there was no evidence that those companies knowingly processed fraudulent payments.
Core Compliance Questions
This latest case again raises several important questions:
- How are victims repeatedly being directed toward Malta-based vIBAN payment rails?
- What monitoring systems are triggered when large retail SEPA deposits fund crypto accounts?
- Are fraud reports escalated quickly enough to freeze assets?
- Are exchanges and payment facilitators preserving complete transaction records for investigators?
- How frequently does the same CFTE/OpenPayd infrastructure appear in crypto-fraud complaints?
Conclusion
This latest report adds another layer to the broader Scam-Or Project investigation into OpenPayd-linked vIBAN infrastructure.
At present, the matter appears to be:
- A Crypto.com case
- A Trust Wallet case
- A Ubsdfx.com scam allegation
- A Malta CFTE vIBAN payment-rail case
But the operational pattern remains consistent:
- Fake identities attract victims
- WhatsApp conversations build trust
- vIBANs move fiat into crypto
- Wallets transfer assets away
- Fake platforms simulate profits
- Withdrawals fail
- Funds disappear across multiple wallets and exchanges
OCCRP described the ecosystem as the “Scam Empire.”
Scam-Or Project continues following the payment rails.
And once again, OpenPayd-linked infrastructure appears directly inside the victim’s reported payment path.
Share Information
If you have information regarding OpenPayd, Malta CFTE vIBAN structures, or related crypto-payment activity, you may share details through the Scam-Or Project Complaints.
Victims who transferred funds through OpenPayd-linked payment rails are also encouraged to provide documentation and transaction details for further analysis.
