crypto fraud elderly
SoFi continues to blame the victim arguing it has found no foul play in the loan application despite culprit's confession. Sora Shimazaki/Pexels.com

A unique case of identity theft has emerged, revealing how a determined scammer exploited an online bank's verification process to steal a $52,000 loan, only to lose the entire sum to a cryptocurrency scam. ABC 7 News's 7 On Your Side investigative team uncovered the details after receiving an anonymous package from Manila, Philippines. The sender, claiming to be the hacker, confessed to stealing a San Francisco man's identity to secure a loan in his name. The case sheds light on the vulnerability of digital banking and the devastating consequences for victims of identity theft.

Hacker Claims Identity Theft Was Meant to "Help" Expose Security Flaws

According to ABC 7 News, the package sent to 7 On Your Side contained a letter from the hacker, who went by the alias "Killian" and claimed to be from Nunavut, Canada. Killian confessed to stealing the victim's identity to expose flaws in SoFi's online verification systems and help the victim understand the ease of such fraud.

The parcel included sensitive documents—copies of the victim's driver's licence, Social Security numbers, address, and contact information. The hacker had also obtained private data such as Zoom call screenshots and banking details. These materials indicated that Killian accessed public records, including the victim's employment information at the University of California, to strengthen his application for the loan. The hacker's letter mentioned that securing a loan under the victim's name was facilitated by his excellent credit score, making him "an easy target."

Victim Expresses Shock Over the Fraud

7 On Your Side reached out to the victim, who expressed disbelief and fear upon learning of the identity theft. "It was surreal," he said. "They had my driver's licence, old addresses, phone numbers from a decade ago... it was like something out of a movie." This revelation made the victim realise the extent of the breach, leading him to take immediate steps to protect himself. He closed his bank accounts, wiped his smartphone, and began managing his finances through his wife's accounts to avoid further exposure.

Despite the hacker's claim of a "helpful intent," the victim's financial and personal security were severely compromised. He reported feeling uneasy, particularly with the knowledge that multiple data breaches had exposed him to such a targeted attack. Yet, the hacker encouraged him to make the case public, supposedly to help other people recognise digital banking vulnerabilities.

SoFi Denies Accountability in the Identity Theft

SoFi, one of the leading digital banks, received a similar package from the hacker. However, the bank's internal investigation concluded there was no fault in its processes, holding the victim accountable for repaying the loan. SoFi began sending collection warnings, demanding payments of $2,400 monthly, which the victim ignored, sparking a "delinquency" remark on his credit report. This status could harm his credit score for years, affecting future loan approvals, rental applications, and even job prospects, as many entities rely on credit reports for verification.

The victim discovered the loan only after receiving a loan statement two weeks after approval. Surprised, he initially suspected a mistake, especially as the loan and inquiry didn't appear on his credit report. He disputed the claim, prompting SoFi to launch an investigation, but the bank ultimately maintained there was no evidence of fraud. Under California law, banks are required to investigate fraud allegations thoroughly, and victims have the right to request detailed records. However, SoFi's electronic ID verification process relies solely on uploading a government ID and a real-time video, which the hacker manipulated. SoFi provided the victim only with a "Truth in Lending" statement and a copy of the loan agreement with an electronic signature, which he argued could easily be forged.

Authorities Step In as Victim Struggles for Resolution

Frustrated, the victim reported the incident to various authorities, including the credit bureaus, the Federal Trade Commission (FTC), the local police, and the state attorney general's office. With limited success in getting SoFi to reopen the investigation, 7 On Your Side intervened to request proof of identity from the bank. SoFi responded by claiming it had substantial evidence, including a voice recording from a call disputing the loan and a real-time video verifying the victim's identity.

In a surprising twist, the victim's brother, Rudi Yanto, emerged as a suspect. The victim realised that his brother, who closely resembles him, could have impersonated him during the identity verification process. "If he wears my glasses, we look identical," the victim explained. He allowed Yanto access to his computer, debit card, and mobile phone while he was away skiing, providing ample opportunity for Yanto to use his information without arousing suspicion.

Family Betrayal: Brother Confesses to Fraud for Cryptocurrency Scheme

Upon confronting Yanto, the victim was met with an unexpected response. "He asked, 'Do I need to get a lawyer?'" the victim recalled, a moment that underscored the betrayal. Yanto later confessed to the crime, explaining that he had taken out the loan intending to invest in a high-reward cryptocurrency scheme. The plan failed disastrously, and he lost all the funds to scammers. Yanto revealed that the idea to exploit a family member's identity came from an acquaintance he met through a cryptocurrency forum, who claimed the investment would yield significant returns.

Attempting to undo the damage, Yanto sent the Manila package to the consumer advocate, assuming the alias "Killian." He claimed the intent was to expose SoFi's security flaws and hoped this would encourage the bank to forgive the debt. But this action led to further complications. Despite the confession, SoFi's records still identified the victim as the borrower, leaving him legally liable for the debt.

Crypto Scammers Take Over

Yanto's interactions with the crypto scammers began over Telegram, where a user named Killian assured him he could make substantial earnings by "unlocking" cryptocurrency funds through an initial $50,000 deposit. When SoFi initially declined the loan application due to insufficient ID verification, Yanto intensified his efforts, altering Zoom videos on the victim's computer and donning the victim's glasses and clothing to pass as him. Ultimately, a member of the crypto group accessed security footage of the victim, which Yanto used to bypass SoFi's ID verification. Once the loan was approved, Yanto withdrew the $52,000 from the victim's Chase account and sent the funds to the scam group, only to discover his "earnings" had vanished shortly after.

Debt Sold to a Third Party Without Notice

After Yanto's confession, the victim lodged further complaints with the FTC and police, officially naming Yanto as the perpetrator. SoFi initially appeared willing to reconsider the case under the grounds of "family fraud." However, the bank's subsequent actions complicated matters: they sold the loan to a debt buyer without notifying the victim. As a result, the victim faces the additional hurdle of disputing the debt with an external collector.

Determined to clear his name, the victim has hired an attorney and filed a dispute with the debt buyer, vowing to continue the fight. He shared his story publicly to raise awareness of identity theft risks and emphasise victims' rights to comprehensive investigations in fraud cases.

Read more
Cybercrime Bitcoin