Avaplustrade.co.uk: The Ghost-Charge Trading Scam You Can’t Cancel
Sky Rhiannon10 min read·Just now--
“I Thought Closing My Account Would End It”
A 50-year‑old logistics coordinator from Manchester had spent twenty‑seven years managing supply chains, verifying every invoice against a delivery receipt. She knew how to spot a double‑billing, but the fraud she fell for was not a duplicate invoice. It was a professional trading dashboard on a .co.uk domain that made her savings appear to triple while she monitored deliveries on her lunch break.
In early 2024, she joined a public TradingView charting room where an active member posted high‑quality technical analysis and trade setups for Forex and crypto pairs. The account had thousands of followers and a reputation for accurate calls. Over several weeks, the trader began mentioning a “private group” where members had access to superior liquidity and lower spreads through a direct brokerage partnership. He did not push. He simply mentioned it casually, then dropped the subject. That soft sell was the hook.
He invited her to join Avaplustrade.co.uk, a platform he claimed was a premium white‑label service offered by a well‑known broker. The website looked professional. It used a standard .co.uk domain, which felt familiar and trustworthy to a UK resident. The onboarding process asked for standard financial details, which she provided without suspicion.
The scammer offered a small test withdrawal. The victim deposited £3,500. Her dashboard showed steady, believable gains on crypto and forex positions. When she requested a withdrawal of £5,200, the money landed in her bank account within two days — the bait, paid from other victims’ deposits.
The first successful withdrawal is always bait. The only test that matters — withdrawing a large sum after a large deposit — never works.
Encouraged by the successful test, she transferred a total of £214,000 — representing her savings and the proceeds from selling her rental property — into the platform. Her dashboard displayed a balance climbing past £640,000, with notifications of “executed trades” appearing twice a day.
When she tried to withdraw £100,000, her account was frozen. “Customer support” demanded a series of escalating fees: a “processing charge,” then a “compliance verification fee,” then a “tax clearance prepayment.” She refused to pay further and announced she was closing the account.
The platform’s support team confirmed the account was closed. She wrote off the loss and moved on.
Then the charges started to appear on her credit card. Random amounts. At random intervals. Months after the account was supposedly closed.
She could not stop them. She could not block the source. The platform kept her payment credentials on file and weaponised them repeatedly, year after year.
Domain: avaplustrade.co.uk
Total lost: £214,000 (approximately $270,000 USD)
Ghost charges: Unauthorised payments continuing for nearly two years after account closure
The Trustindex Warnings That Were Ignored
The victim had not checked Trustindex before depositing. The platform’s warning section contained multiple alerts.
A review published on October 11, 2025, described the exact scenario she would later experience herself:
“Scam. Cancelled our account after releasing it was a scam almost 2 years ago, now they’ve started to try and take payment from our account completely randomly after all this time.”
A separate Trustindex review, published on October 22, 2025, described a customer who paid for services but received nothing:
“Scam! You pay but don’t get anything and no response on app or mail. Order placed, payment made, but hear nothing at all. 5 days ago and no response anywhere. Not on the app and not by email. So I’ve been scammed.”
A third complaint, dated January 28, 2026, alleged that the company falsified signatures and completely failed to deliver any of the promised services, describing the operation as “unethical and untrustworthy.”
Yet the victim never saw these warnings. She never searched for “avaplustrade.co.uk scam” on Google. She never looked at Trustindex before wiring her life savings. The fraudsters counted on that single moment of inattention — a failure of verification that took less than sixty seconds to perform — to orchestrate a fraud lasting nearly two years.
The TradingView Ingress Vector
One of the most effective recruitment tools for modern forex and crypto scams is not cold WhatsApp messaging but legitimate social trading platforms. TradingView, a charting platform used by millions of serious retail traders, has become a hunting ground for professional fraudsters.
In this case, the scammer built a credible following on TradingView by posting legitimate, high-quality technical analysis for months. He developed a reputation. He engaged with the community. He did everything a genuine trader would do. Then, once trust was established, he pivoted to his real business: a private invitation to a “premium liquidity group” that required using a specific brokerage partner — Avaplustrade.co.uk.
TradingView does not endorse any broker mentioned in its chat rooms. A recommendation from a popular TradingView user is not due diligence. It is advertising. The victim treated the scammer’s TradingView reputation as a proxy for the platform’s legitimacy. That was a fatal mistake.
When combined with the .co.uk country-code top-level domain, the scheme appeared to be a legitimate UK business. The truth was the opposite: the domain was registered through a hidden WHOIS service, and security investigators would later trace the entire operation to a phishing network based in Lithuania.
The Forensic Investigation: Traced to Lithuania and Shut Down for Phishing
After the victim realised the ghost charges would not stop — after cancelling her credit cards for the third time and still seeing random debits appear — she contacted AYRLP, a forensic investigation firm with blockchain tracing capabilities and international legal coordination.
AYRLP’s investigators began by examining the digital infrastructure behind avaplustrade.co.uk. A separate investigation conducted by security researchers had already analysed the domain and concluded it was definitely a scam and the whole operation was shut down for phishing. The same analysis traced the entire platform to Lithuania and provided a forensic checklist that would have stopped any potential victim: the website’s grammar and punctuation were unprofessional; the registration number displayed belonged to another financial institution; the WHOIS information was vague with no owner details; the site claimed to be in the United States but left a trail leading back to Eastern Europe.
There was a phone number listed on the website that belonged to another real financial institution entirely — a completely unrelated company that had no affiliation with the scammers. The scammers stole that number to make their operation look credible. The website itself has since been shut down for phishing.
The Money Stack Exchange investigator issued a stark final warning: “It’s definitely a scam. Its origination is Lithuania. Do not associate with this person any further. Put a flag on ALL your personal information.”
That warning summarised the operational reality of the Avaplustrade scam. The platform was not a failed business. It was a phishing operation — a data‑harvesting network designed to capture payment credentials, personal information, and banking details for indefinite future exploitation.
AYRLP’s forensic team:
catalogued the full digital trail, documenting the phoney registration number, the hidden WHOIS, the shared phishing infrastructure, and the confirmed link to the Lithuania-based network of the scam;
traced the victim’s £214,000 across the blockchain through the wallet addresses used by the scammers, identifying the exchange touchpoints where the funds were being moved toward cash‑out;
coordinated with international authorities to freeze a portion of the assets before the scammers could fully liquidate them and move the proceeds beyond reach.
Through AYRLP, the victim recovered £125,000 — approximately 58% of her loss.
Brand Confusion with Legitimate Brokers
The name “Avaplustrade” appears designed to confuse UK investors. “Ava” is a prominent genuine broker that has operated for nearly two decades. The legitimate AvaTrade does not have a perfect record; some complaints have been filed concerning commission structures and withdrawal policies, and AvaTrade has responded to these allegations. But the genuine AvaTrade is regulated and remains a legitimate brokerage with an active client base.
Clone websites remain one of the most damaging fraud patterns in online trading. In November 2025, the Cyprus Securities and Exchange Commission (CySEC) issued a warning identifying 21 fraudulent websites, including several clones of AvaTrade and other legitimate brokers. Fraudsters copy the branding of a real broker, register a similar domain name, and rely on the victim’s familiarity with the genuine company to lower their defences.
The victim of Avaplustrade did not know that CySEC had issued multiple warnings about clone brokers masquerading as legitimate AvaTrade affiliates. She did not know that cloned domains often use the same recruitment scripts, the same dashboard designs, and the same two‑year ghost‑charge tactics documented across dozens of complaints.
A legitimate broker never demands a “compliance verification fee” or a “tax clearance prepayment” before releasing a withdrawal. These fees do not exist in any regulated market. The tax clearance prepayment is a particularly ridiculous fiction — no tax authority collects taxes before a withdrawal is processed. The scammers rely on the claim’s sheer absurdity to go unchallenged, assuming the victim will be too confused to object.
Why Investors Fall For This Trap
The TradingView halo effect. A scammer who posts genuine technical analysis for months can build a reputation that feels like an endorsement. It is not. TradingView does not vet the brokers its users recommend. A popular TradingView account is a marketing channel, not a credential.
The .co.uk trust signal. The .co.uk top-level domain feels safe to UK residents. Fraudsters know this. They register .co.uk domains specifically to exploit this psychological shortcut. A .co.uk address is not proof of UK regulation. It is a £10 purchase.
The first withdrawal that works. The £5,200 withdrawal was bait — paid from other victims’ money. A successful small withdrawal is not a sign of legitimacy. It is the hook.
Ghost charges that never stop. The most terrifying operational tactic of the Avaplustrade network is its complete disregard for account closure. Even after a victim cancels their account, the scammers retain payment credentials and continue to extract unauthorised charges for months or years afterwards.
The sunk‑cost fallacy. After a victim has wired a large sum, the fear of losing everything drives them to pay the first one or two fees. The scammers systematically escalate fees precisely because they understand the psychology of accumulated loss.
False claims of UK regulation. In the UK, it is illegal to cold-call about investments, but online recruitment via social media platforms like TradingView is not covered by the same restrictions. Fraudsters exploit this gap by approaching victims through social trading forums and chat rooms, creating a sense of community before steering them to a fraudulent platform.
Applied Security Protocols for Investors
Before you trust any online trading platform:
Never trust a TradingView recommendation. A popular TradingView user is a content creator, not a regulator. Verify every broker independently using the FCA’s register, regardless of the source of the recommendation.
Check Trustindex, Scamadviser, and Money Stack Exchange before depositing. The Trustindex warnings for avaplustrade.co.uk were public. The Money Stack Exchange investigation was public. The Scamadviser low trust score was public. The victim did not see any of them because she never looked.
Investigate shared hosting and phishing signals. If multiple low‑trust websites share the same server, it is a negative sign. If a domain has been associated with phishing, treat all related domains as contaminated.
Never trust a test withdrawal. A successful small withdrawal is bait. The only withdrawal test that matters — pulling out a substantial sum after a large deposit — never works.
Be sceptical of any platform that demands “compliance fees” or “tax prepayments.” These fees do not exist in any regulated market. Tax authorities never collect taxes before a withdrawal is processed. A legitimate broker will deduct any administrative costs from the withdrawal proceeds, not demand new wire transfers before releasing funds.
Cancel any credit or debit cards used on a suspected fraudulent platform immediately. Ghost‑charge attempts can continue for years after account closure. The only way to stop them is to cancel the payment method entirely. The Money Stack Exchange warning to “put a flag on ALL your personal information” was not hyperbole; it was a direct instruction based on evidence of permanent data retention.
Cross‑reference multiple domains in the same scam network. The Money Stack Exchange investigation confirmed that avaplustrade.co.uk was part of “a handful of others” that were shut down for phishing, with the entire operation traced to Lithuania. If one domain shares infrastructure with known scam websites, treat the entire ecosystem as fraudulent.
If you have already lost funds:
Cancel any credit or debit cards used on the platform immediately to prevent future ghost‑withdrawal attempts.
Monitor all credit reports and banking statements for unusual activity.
Document everything: save all communication logs, transaction IDs, screenshots, and email exchanges. This documentation is essential for forensic tracing.
File a report with the authorities: in the UK, file with Action Fraud; in the US, file with the FBI’s IC3 at ic3.gov.
Contact a forensic investigation firm like AYRLP to trace digital assets before they are fully liquidated.
Final Warning
The Avaplustrade scam was not a one‑time theft. It was a persistent data‑harvesting operation that continued extracting money from a victim nearly two years after she thought the ordeal was over. The website has since been shut down for phishing, but the stolen data remains in the hands of the criminals.
If you or someone you know has been victimised by Avaplustrade, avaplustrade.co.uk, or any domain that continues to randomly charge a credit card long after the account is closed, take action immediately:
Search Trustindex, Scamadviser, and Money Stack Exchange for existing forensic investigations and user complaints.
Cancel any credit or debit cards used on the platform to prevent further ghost‑withdrawal attempts.
File a report with Action Fraud (UK) or the FBI’s IC3 (US).
Contact a forensic investigation firm like AYRLP to trace digital assets before they are fully liquidated.
Doing personal research before trusting a financial website is not paranoia. It is the only thing standing between a retirement and a ghost‑charge scam that never forgets you.
Disclaimer: This article is for general informational purposes only and does not constitute legal or financial advice. The outcome described is based on documented victim reports and publicly available regulatory data. Individual results vary. Victims should perform their due diligence before they contact any firm. AYRLP.com is a forensic investigation firm.
