TL;DR: Unusual company connections around the payment infrastructure emerged in FutureNet’s Ponzi structure, which relied on standard victim recruitment and cryptocurrency payment flows, according to Chainalysis. The case shows how fraud operations can hide behind legitimate-looking rails, making transaction tracing and entity attribution essential for investigators.
NHIMG editorial — based on content published by Chainalysis: Crypto Crime Intelligence Brief on the FutureNet Ponzi Scheme and Criptolago's role in Venezuela's cryptocurrency project
Questions worth separating out
Q: How should fraud teams investigate crypto scams that use multiple companies?
A: Fraud teams should build a single case file that links wallets, domains, payment processors, and company records.
Q: Why do Ponzi schemes often use referral incentives?
A: Referral incentives turn victims into a distribution channel, which lowers acquisition costs and expands reach without traditional advertising.
Q: What breaks when investigators focus only on transaction tracing?
A: They miss the enabling infrastructure that makes the fraud durable.
Practitioner guidance
- Map counterparties behind payment flows Build an evidence model that records exchanges, processors, hosters, and shell entities connected to suspicious wallet activity.
- Correlate blockchain data with OSINT Pair wallet tracing with domain records, website content, messaging channels, and company registration data.
- Review referral mechanics as a risk signal Flag investment schemes that reward recruiting others, because referral incentives often indicate a pyramid-style distribution model.
What's in the full report
Chainalysis' full crypto crime intelligence brief covers the operational detail this post intentionally leaves for the source:
- Wallet clustering, transaction tracing, and the blockchain evidence that supported the attribution.
- The open source intelligence signals used to connect FutureNet activity to associated companies.
- The investigative logic behind the claim that the payment infrastructure was part of the scam's operating model.
- Additional context on what the findings may mean for broader cryptocurrency ecosystem risk.
👉 Read Chainalysis' analysis of the FutureNet Ponzi scheme and payment infrastructure →
Crypto Ponzi payment rails: what investigators need to watch now?
Explore further
Company identity is part of the attack surface in crypto fraud. Chainalysis’ framing suggests the central question is not only where funds move, but which entities are operationally enabling the movement. That pushes investigations beyond wallet attribution into counterparty governance, administrative ownership, and service-provider relationships. For investigators, the lesson is to treat entity identity as evidence, not background.
A question worth separating out:
Q: Who is accountable when a scam uses associated companies to move funds?
A: Accountability sits with the operators, facilitators, and any counterparties that knowingly enable the scheme. From a governance perspective, firms that provide payment, hosting, or administrative support should expect scrutiny over onboarding, due diligence, and ongoing monitoring. The right control question is whether the relationship was validated before it was trusted.
👉 Read our full editorial: FutureNet Ponzi analysis shows how crypto payment rails obscure fraud