An elaborate cryptocurrency scam has drawn international attention after U.S. federal authorities traced stolen funds to a Nigerian suspect, sparking misleading viral claims online. The scheme involved a fraudster impersonating Steve Witkoff, co-chair of the Trump-Vance 2025 Inaugural Committee, to deceive a donor into transferring over $250,000 in USDT.ETH cryptocurrency. While online posts sensationally claimed that former U.S. President Donald Trump himself was scammed by a “Yahoo boy,” official records from the U.S. Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI) reveal that Trump was not the victim. Instead, the scam targeted a donor intending to contribute to Trump’s inauguration, using carefully crafted deception.
In December 2024, fraudsters sent emails purporting to be from Steve Witkoff, soliciting cryptocurrency donations for the upcoming inauguration. The emails were part of a sophisticated business email compromise (BEC) scam, which involved subtle manipulation of domain names. The authentic email domain, “@t47inaugural.com,” was mimicked using “@t47lnaugural.com,” replacing the uppercase “I” with a lowercase “L”—a nearly imperceptible change. Believing the request was genuine, the donor transferred $250,300 worth of USDT.ETH to a wallet controlled by the scammer. The cryptocurrency was quickly dispersed across several wallets and exchanges, making it difficult to trace and recover. However, Binance and Tether cooperated with the FBI in freezing accounts linked to the fraudulent activity, allowing the U.S. government to recover $40,300.
Investigators traced part of the stolen funds to a Binance account based in Nigeria under the name Ehiremen Aigbokhan. Court documents state that it appeared likely Aigbokhan received international cryptocurrency transfers from the U.S. as a result of his involvement in the scheme. The FBI has linked him to multiple wallets used in laundering the funds and is now seeking his arrest. Digital forensics played a key role in tracking the money trail, and a civil forfeiture complaint was filed by the U.S. Attorney’s Office in July 2025 to seize the recovered funds. Despite this progress, authorities emphasized the challenge of recovering assets in such cases due to the complexity and anonymity of blockchain technology.
While legitimate crypto initiatives exist involving Trump and Witkoff—such as the launch of World Liberty Financial with their sons—this particular fraud had no direct financial impact on Trump himself. Nonetheless, Trump’s name and the upcoming inauguration were exploited as bait to convince the donor of the email’s legitimacy. Social media users, particularly on X (formerly Twitter), amplified the story with posts implying that Trump personally lost money to the scam. One post, viewed nearly 2 million times, read: “A Yahoo boy scammed a whole Donald Trump, the President of US, 250,000 dollars. Some of you are audacious.” This claim was further echoed by news outlets like Peoples Gazette, which inaccurately framed Trump as the victim in their headlines, despite accurate reporting in the body of their articles.
Experts warn that such impersonation scams are increasingly common and can lead to substantial financial loss if recipients fail to verify email authenticity. FBI Assistant Director Steven J. Jensen advised the public to be cautious with unfamiliar requests, especially those involving crypto transfers. U.S. Attorney Jeanine Pirro reinforced this, urging donors to double- and triple-check recipient details before sending any funds. While a suspect has been identified and some funds frozen, the bulk of the stolen money remains unrecovered, and the viral narrative surrounding the incident continues to distort the truth.
Sources
