So, there was this 31-year-old guy in India named Chirag Tomar who pulled off one of the craziest crypto heists ever. He basically stole $20 million just by buying a domain name.

He registered "CoinbasePro[dot]com" and built a fake login page that looked exactly like the real thing, down to the last pixel. He was a wizard at SEO, so when people searched for Coinbase Pro on Google, his fake site showed up as the very first result.

When people clicked on it, they’d type in their email, password, and 2FA code. While the victims were looking at a fake "loading" screen, Tomar’s crew was using those live codes to log into the real accounts and empty the wallets in seconds. If someone got confused, they’d call a "support" number on the page, and a scammer would actually pick up and talk them into giving away even more security codes.

He kept this up for over two years and scammed 542 people. He even kept a massive spreadsheet tracking every person he robbed. He used the money to live like a movie star—buying Lamborghinis, Porsches, Audemars Piguet watches, and taking huge trips to Dubai and Thailand.

But his luck ran out in December 2023. He flew into Atlanta for a vacation, thinking he was untouchable, but the Secret Service was literally waiting for him at the gate.

How they caught him is actually hilarious. This guy was smart enough to trick Google’s algorithm for years, but he was dumb enough to use the exact same email for his scamming business that he used on his official US visa application. When the feds looked at his search history, they found him googling stuff like "how to take money from coinbase without OTP" on the same browser.

He pleaded guilty and got 5 years in federal prison. On top of that, the authorities in India ended up seizing over $7 million worth of properties he’d bought for himself and his family. It just goes to show that you can be a genius at coding, but you can still get busted by a simple "forgot to switch emails" mistake.