September 14, 2020

Most of us automatically put our guard up when someone we don’t know promises something too good to be true. But when the too-good-to-be-true thing starts as our idea, sometimes that instinct fails to kick in. Here’s the story of how companies searching for investors to believe in their ideas can run into trouble.

Nick is an investment banker who runs a firm that helps raise capital for its clients (Nick is not his real name, and like other investment brokers interviewed in this story spoke with KrebsOnSecurity on condition of anonymity). Nick’s company works primarily in the mergers and acquisitions space, and his job involves advising clients about which companies and investors might be a good bet.

In one recent engagement, a client of Nick’s said they’d reached out to an investor from Switzerland — The Private Office of John Bernard — whose name was included on a list of angel investors focused on technology startups.

“We ran into a group that one of my junior guys found on a list of data providers that compiled information on investors,” Nick explained. “I told them what we do and said we were working with a couple of companies that were interested in financing, and asked them to send some materials over. The guy had a British accent, claimed to have made his money in tech and in the dot-com boom, and said he’d sold a company to Geocities that was then bought by Yahoo.”

But Nick wasn’t convinced Mr. Bernard’s company was for real. Nick and his colleagues couldn’t locate the company Mr. Bernard claimed to have sold, and while Bernard said he was based in Switzerland, virtually all of his staff were all listed on LinkedIn as residing in Ukraine.

Nick told his clients about his reservations, but each nevertheless was excited that someone was finally interested enough to invest in their ideas.

“The CEO of the client firm said, ‘This is great, someone is willing to believe in our company’,” Nick said. “After one phone call, he made an offer to invest tens of millions of dollars. I advised them not to pursue it, and one of the clients agreed. The other was very gung ho.”

When companies wish to link up with investors, what follows involves a process known as “due diligence” wherein each side takes time to research the other’s finances, management, and any lurking legal liabilities or risks associated with the transaction. Typically, each party will cover their own due diligence costs, but sometimes the investor or the company that stands to benefit from the transaction will cover the associated fees for both parties.

Nick said he wasn’t surprised when Mr. Bernard’s office insisted that its due diligence fees of tens of thousands of dollars be paid up front by his client. And he noticed the website for the due diligence firm that Mr. Bernard suggested using — insideknowledge.ch — also was filled with generalities and stock photos, just like John Bernard’s private office website.

“He said we used to use big accounting firms for this but found them to be ineffective,” Nick said. “The company they wanted us to use looked like a real accounting firm, but we couldn’t find any evidence that they were real. Also, we asked to see an investment portfolio. He said he’s invested in over 30 companies, so I would expect to see a document that says, “here’s the various companies we’ve invested in.” But instead, we got two recommendation letters on letterhead saying how great these investors were.”

KrebsOnSecurity located two other investment bankers who had similar experiences with Mr. Bernard’s office.

“A number of us have been comparing notes on this guy, and he never actually delivers,” said one investment banker who asked not to be named because he did not have permission from his clients. “In each case, he agreed to invest millions with no push back, the documentation submitted from their end was shabby and unprofessional, and they seem focused on companies that will write a check for due diligence fees. After their fees are paid, the experience has been an ever increasing and inventive number of reasons why the deal can’t close, including health problems and all sorts of excuses.”

Mr. Bernard’s investment firm did not respond to multiple requests for comment. The one technology company this author could tie to Mr. Bernard was secureswissdata.com, a Swiss concern that provides encrypted email and data services. The domain was registered in 2015 by Inside Knowledge. In February 2020, Secure Swiss Data was purchased in an “undisclosed multimillion buyout” by SafeSwiss Secure Communication AG.

SafeSwiss co-CEO and Secure Swiss Data founder David Bruno said he couldn’t imagine that Mr. Bernard would be involved in anything improper.

“I can confirm that I know John Bernard and have always found him very honourable and straight forward in my dealings with him as an investor,” Bruno said. “To be honest with you, I struggle to believe that he would, or would even need to be, involved in the activity you mentioned, and quite frankly I’ve never heard about those things.”

DUE DILIGENCE

John Bernard is named in historic WHOIS domain name registration records from 2015 as the owner of the due diligence firm insideknowledge.ch. Another “capital investment” company tied to John Bernard’s Swiss address is liftinvest.ch, which was registered in November 2017.

Curiously, in May 2018, its WHOIS ownership records switched to a new name with the same initials: one “Jonathan Bibi,” with an address in the offshore company haven of Seychelles. Likewise, Mr. Bibi was listed as a onetime owner of the domain for Mr. Bernard’s company  —the-private-office.ch — as well as johnbernard.ch.

Running a reverse WHOIS search through domaintools.com [an advertiser on this site] reveals several other interesting domains historically tied to a Jonathan Bibi from the Seychelles. Among those is acheterdubitcoin.org, a business that was blacklisted by French regulators in 2018 for promoting cryptocurrency scams.

Another Seychelles concern tied to Mr. Bibi was effectivebets.com, which in 2017 and 2018 promoted sports betting via cryptocurrencies and offered tips on picking winners.

A Google search on Jonathan Bibi from Seychelles reveals he was listed as a respondent in a lawsuit filed in 2018 by the State of Missouri, which named him as a participant in an unlicensed “binary options” investment scheme that bilked investors out of their money.

Jonathan Bibi from Seychelles also was named as the director of another binary options scheme called the GoldmanOptions scam that was ultimately shut down by regulators in the Czech Republic.

Jason Kane is an attorney with Peiffer Wolf, a litigation firm that focuses on investment fraud. Kane said companies bilked by small-time investment schemes rarely pursue legal action, mainly because the legal fees involved can quickly surpass the losses. What’s more, most victims will likely be too ashamed to come forward.

“These are cases where you might win but you’ll never collect any money,” Kane said. “This seems like an investment twist on those fairly simple scams we all can’t believe people fall for, but as scams go this one is pretty good. Do this a few times a year and you can make a decent living and no one is really going to come after you.”

If you liked this post, please see Part II of the investigation, Who is John Bernard?


42 thoughts on “Due Diligence That Money Can’t Buy

  1. Laissez-faire

    Pay international unknown front company up front, no step 2.
    Classic fraud is classic.

    1. Beeker25

      My other one is the “CPA firm is found to be ineffective. ” That’s a scam.
      Most CPA firm are governed by various Codes and interpretation that puts the premium on honesty. Anyone caught could lose their designation and license and be sanctioned by state board.

      1. markth

        Ineffective (may also be read as too expensive and/or inquisitive).

  2. Gob Bluth

    The similarly egregious use of apostrophes on both the john bernard and inside knowledge sites would have set off alarm bells immediately for me.

    “for the benefit of those they employ and the family’s in turn they support”

    “We care for our clients’ and their businesses”

    1. DelilahTheSober

      I agree regarding bad/sloppy grammar being a tip-off for me that some kind of fraud is going on. Also, sometimes the scammers will call me “Dear” multiple times within the context of the email, which just isn’t a common way that English-speaking people generally communicate with each other on a professional level.

    2. SeymourB

      There’s a line of thinking that schemes using poor grammar and other obvious alarm bells are done intentionally. The kind of people who will charge ahead while ignoring all of them are the exact kind of people who they’re after.

    3. Mark Petry

      right, if the statement is enclosed in quotes, it is a quote, and not a material representation

    4. Mark Petry

      right, if the statement is enclosed in quotes, it is a quote, and not a material representation

  3. Dennis

    Isn’t it amazing all the “ingenious” ways that scammers come up with to bilk money out of people? How in the world would you even think about a scheme like this?

    1. zboot

      It’s not that hard to think of when you’re in the business. Let’s say you’re a bank teller and good at your job. One day, you decide how can I exploit my position to steal. It would be simple for you to identify holes in the process you can exploit. After all, it is usually you patching those holes or silently taking care of them when dealing with customer who intentionally or unintentionally do the same.

      Take this scheme, if you’ve actually invested in a few businesses or tried to land investment, you may quickly realize there are areas that you SHOULD do due diligence and notice that not only did you skip that in your quest to raise money, but many others also do the same. If you then decide to turn to crime, how hard would be it to leverage your own knowledge to carry it out?

      Lets take another example – buying a house. It is normal to get an email before closing from someone whom you may have never corresponded before or only once before, giving you wiring instructions that you must carry out IMMEDIATELY to close on your home. It is also normal for you to wire significant sums of money and have the exact amount you’d wire change at the last minute. So, you’re buying a house, you get wire instructions, the amount is close to what you expect, what do you do? You send it.

      What knowledge do you need to know to come up with this scheme? Have bought a houses previously, have worked for a title company or mortgage broker, etc and dealt with people who made mistakes (wired the wrong amount, transposed digits, etc) all because they’re conditioned to follow instructions, do it quickly, and trust random emails. How hard is it to be able to come up with a scam based on that if you have significant experience working in that field?

      I rent out investment property. I’ve dealt with people desperate to find housing who because of poor rental history, expect to pay up front higher fees just for the pleasure of submitting a rental application. How hard is it for an unscrupulous person to notice this while carrying out legitimate business and determine they can exploit the desperate into paying fees for nonexistent properties? It’s not like people are doing title searches to see that the person they’re corresponding with is the actual property owner.

      Thieves don’t need much imagination. It only seems that way because that’s not your area of expertise.

      1. security vet

        …anyone that wires money based on an email from a stranger…

        …but I repeat myself…

      2. Chops

        “It is normal to get an email before closing from someone whom you may have never corresponded before or only once before, giving you wiring instructions that you must carry out IMMEDIATELY to close on your home.”

        Yikes, is it? Do people not use conveyancing solicitors for all this sort of thing? Legal professionals who know what they’re doing and have professional bodies and insurance and so on. Doing it by email to strangers seems very dangerous.

        1. JamminJ

          The UK system of conveyancing solicitors doesn’t exactly exist in the US. But there are plenty of legal experts that carry out those same duties.

          The original post is correct though… even with buyer and seller real estate agents, the mortgage lending agent, and the title company… I was introduced to yet another legal professional to handle the wire transfer, the “Transaction Coordinator”.

          This transaction coordinator was introduced to me over email by my buyer real estate agent, which not everyone has. I was a bit suspicious at first since the email domain misspelled “transaction” which turned out to be intentional. And the email signature had the following disclaimer:

          IMPORTANT NOTICE: Never trust wiring instructions sent via email. Always independently confirm wiring instructions in person or via a telephone call to a trusted and verified phone number. Never wire money without double-checking that the wiring instructions are correct.
          I still was not completely at ease, since social engineering over the phone was still possible.

          But I confirmed the wire instructions, and was reassured by my realtor.

          Unfortunately, the way this industry is set up, with only certain licensed professionals legally allowed to do specific tasks, its all segregated into different professions. And furthermore, laws vary by 50 different states.

  4. The Sunshine State

    “..made his money in tech and in the dot-com boom, and said he’d sold a company to Geocities that was then bought by Yahoo.”

    This should have been the first red flag in my opinion.

    1. econobiker

      Geocities and Yahoo involved?
      Why not throw in the original iteration of Pets.com along with backing by Enron and Blockbuster Video….

  5. sam

    It’s like taking candy from a baby from a sucker born a minute ago.

  6. TimH

    Just another advance fee fraud variant. Amusingly high end target victims though. Should know better, particularly with all the red flags.

  7. Phil

    “Here’s the story of how companies searching for investors to believe in their ideas can run into trouble.”

    1st thought: Harley Davidson…

  8. MaryL

    Another excellent article, Brian! You’re the best, for unsuspecting people like me. Thank you for what you do.

  9. JCitizen

    I’m ignorant, but none-the-less surprised to see that the .ch domain is Swiss in relation to SWITCH. They must have just been handing out those domains back in 1987 in alphabetical order as they were registered? Don’t pay attention to me, it just seems funny!

    1. JamminJ

      Similarly, “.de” is reference to the native word for their country, not the English version. Deutschland.

  10. rich

    Even though they were warned the clients did it. Some people are so naive. It is one thing if they did this on their own and were a bit careless but getting warned and then doing the pre-payment of fees is just stupid.

    I learned a long time ago to never give people money ahead of time. Even construction type work I generally get people to agree to accept payment after they start work and if it is a material issue, let me order the stuff and get it delivered to my residence. That way I know it was spent on materials.

    1. WK

      It’s quite possible that these people were so desperate for money (in order to stay in business) that they felt they had to take a risk on the first offer they were presented with.

  11. roflem

    Classic advance fee fraud, bilking victims who are too ashamed to report it.
    Why don’t you do a Top Ten list Brian, ? A list where the biggest upfront fee received is number 1?
    In Romania the scammers had such a list among themselves. No1 was the guy who sold a Boeing 727 on ebay and received 250.000US$ for the Gasoline so the Romanian could fly it over to him in USA 🙂

  12. Stealth Mode

    I’ve been a mortgage broker/mortgage banker for almost 30 years, and I’ve done more than a handful of overseas deals. Anyone or any entity asking for front fees beyond an appraisal (if it is real estate) is a fraud. Due diligence is a cost of doing business for the LENDER. Buyers should also do some due diligence before they ship off all kinds of their confidential data to people they don’t KNOW are legitimate. Be warned – lotsa varmints out there. If you are skeptical, I have a large folder of correspondence from various “princes” who want me to launder lots of money for them but need me to send them a front fee first for various taxes, fees and bribes. Deals that are too good to be true are indeed too good to be true.

    1. JamminJ

      As the article points out…. venture capital investment for startups is NOT real estate. Far fewer regulations, and there is no clear precedent for responsibility regarding due diligence. It’s often part of the negotiations and quite often in legitimate deals, the investment recipient covers these costs.

      The real red flag was not doing due diligence on the due diligence company after the prospective investor insists on using them.

  13. econobiker

    Its no different than the owner selling a beautiful lake front house who continually takes non-refundable deposits from prospective buyers only for the buyers to find out that the house is actually built around a single wide mobile home and will not qualify for a conventional home loan. The scam is in the process itself, not in the end product…

  14. Forensic Studies

    Just made a quick research: “The Private Office of John Bernard” is not a registered Swiss company.

    His website “the-private-office.ch” IP is 134.122.79.92, so Cloud Hosting via DigitalOcean LLC New York. On same IP :25 is an eMail server from secureswissdata.com.

    Registered was the website Jan 12, 2018 from: Lift Invest Ltd., Jonathan Bibi, Global Gateway 8, SC-00 Mehe and hosted on 155.133.142.5 (France) with 596 other sites hosted on this server.

    So, no connection to Switzerland except the website on .ch.

    Due diligence: “InsideKnowledge.ch” at Bahnhofstrasse 21 in Zug, Switzerland is a registered Swiss company:

    01.09.2017: c/o Goldblum & Partners LLP, London, branch Zug from managing director Hubskyi Ihor, in Kiew Ukraine and chairman Pichugin Dmytro, (yes, also from Ukraine) in Zürich.

    17.11.2017: New at c/o STAX AG, Bahnhofstrasse 21, 6300 Zug… retired person was Pichugin, new registered was Turturica Alina (Romanian) in Adliswil, Switzerland.

    27.11.2018: Retired was Turturica and new registered Peerthy Shankar (Mauretania) in Gland, Switzerland as president; so with Hubskyi as partner & manager they run the show and if you call the “office” you endup with Peerthy.

    Ahh… huch, yeah Shankar is kind of a busy person as president at: SGE Associates AG, Meal AG, ERA VINTAGE AG and member of the board of directors at: JMI Brokers AG, First Alfa Industries AG, Libra Advisors AG, Swiss Global Trust AG, Swiss International Asset Management AG, Bridge Management AG, 5Horizons Consulting AG, Fide et Fiducia AG, Confidia AG, TorVault AG, SWISS AMF AG, Avantage Group AG, Swiss Global Investment Trust AG, Swiss Asset Management AG, Sentinel Technologie AG, IPVISIONTECH AG, STAR MINERALS TRADING AG, RIBO ROYAL AG, K Vera International AG, SGIT Capital AG, Software Direction AG, New Agro AG, Savoy Trading AG, REGENERATE AG, New Swiss Solar AG, IMT (Industrial Metal Trade) AG, Murfield Investment AG, LBFG Supply AG, Custom Projects AG, CORNWELL GROUP AG, Fullerton Maritime AG, Essential Energy AG, Chaince Blockchain International AG, SF Handelshaus AG, Swiss Message Deposit AG, TAPCOM AG, Swiss Global Wealth Management AG, AlphaIO AG, Truly Global AG, 5Day AG, Aviation Support Technologies AG, Cardiff Commodities SA en liquidation …and CEO at GLUCO-Z GmbH, ST Education GmbH, ARSISCO SSC GROUP GmbH, YASH Technologies GmbH, The Inside Knowledge GmbH, …and as well manager at Retn GmbH, 3H20 Capital GmbH, Rose Capital GmbH, Oero International GmbH, Lux Hospitality GmbH, Global 6 Group GmbH, Altituud Capital GmbH, CyberSecurity Swiss Group GmbH, Wonop GmbH, VIR Trading Commodities GmbH, KIM Consulting Sàrl and also some other activities in several other organizations.

    The website IP is 217.70.186.115 cloud hosting with 369 other sites and uuups… on IP :25 is an eMail server from secureswissdata.com. Registered was the website 08 March 2015 from The Inside Knowledge GMBH, Suite 105972, Paradeplatz 1, 8001 Zurich.

  15. Craig

    This sounds like something out of one of James Veitch’s videos, especially those where he leads on the would-be scammer.

  16. Tomaso

    I have pointed ncsc.ch ex Melani aka the Swiss Cert to this article. They replied that they would look further into the matter.

    Thanks a lot “Forensic Studies” for the additional research. Huge thanks to Brian for the original research and article. You are shining light on my path and so make me see clearer. Extremely thankful for that.

  17. Alex

    I swear I’ve had John Bernard email me in the past as the signature is just too unique. I figured it was Nigerians and fobbed it off as a scammer. I’m sure Bibi contacted me to. This was a long, long time ago.

  18. Andrew

    I have to admit I actually met John Bernard last year and introduced him to a company that I was trying to raise $25 million for called Toledo Solar Inc. He was actually a really nice guy, albeit he was a very private individual surrounded by security when I met him and paranoid about who he did business with, he bought me a nice lunch and to start with we had a good relationship.

    He entered into an agreement to make the investment but before doing so he wanted to have some due diligence done. He brought in a firm that was the downfall of the deal. The investment opportunity said they had orders of around $900 million and that they were valuing their company in excess of $100 million to which he was sceptical about. My partners and I were convinced though that this was a good opportunity and pressed Bernard to invest.

    Whilst the company was and still is fundamentally a good company they didn’t really have the orders that they had suggested and unfortunately for us Bernard had brought in a due diligence company who dissected the opportunity piece by piece and who produced a damming report on what had presented initially. Needless to say the company valuation was way off and they didn’t have the order book that they had said they did. It was at that point that the relationship turned sour, Bernard was very angered that he had effectively been lied to and didn’t take it well, He demanded that his costs on looking at the investment opportunity be met although I don’t think that ever happened.

    My partners decided that the best form of defence was to attack and went on a little campaign to try and smear Bernard, even suggesting at some point that Bernard wasn’t his real identity in a vain effort to try and get him to complete the investment. Needless to say it didn’t work and all ended badly.

    I actually lost my job over the whole incident and whilst I can’t blame Bernard for everything, my advice would be if you’re doing business with him be straight and if you have anything to hide don’t because he will find it.

    We live and learn

    1. Josh

      Would I be wrong if I guessed that the IP address for this comment was out of the Ukraine?

      1. Gunther

        Sounds like “Andrew” or maybe real name “John” is trying to scare Mr. Krebs or the investment bankers about posting this “smear” campaign.

        Brian keep up the good work! (When you will make this site design responsive design/mobile friendly?)

    2. Ron

      Notice the lack of naming the due diligence company. Notice that “Andrew” never admitted his position in this supposed transaction. I love reading Brian Krebs articles, the comments are priceless. False flag operations abound.

Comments are closed.