Oakmere-capital.com: $330K Clone Scam — The “Seven Oakmere” AFSL Identity Hijack Trap

--

Press enter or click to view image in full size

A 67-year‑old retired civil engineer from the Northern Beaches of Sydney, Australia, had spent forty-five years designing bridges and infrastructure projects across New South Wales. He was not a reckless investor. He had managed his self‑managed super fund (SMSF) for over two decades, had carefully built a diversified portfolio of Australian blue‑chip equities and bonds, and had never fallen for a financial scheme. But the previous year had been catastrophic. His only daughter, a single mother of twin seven-year‑old boys, had been diagnosed with recurrence of an aggressive ovarian cancer. The chemotherapy, specialised immunotherapy, and in‑home nursing care had consumed every dollar she had. Her mortgage was three months in arrears. The victim was watching his child, and the future of his twin grandsons, drown in a sea of medical debt and impending homelessness.

Desperate for a way to generate high‑yield returns from his superannuation without touching the capital, the victim was scrolling through a LinkedIn article feed when he saw a sponsored post from what appeared to be a new, exclusive wealth fund. The post, written in polished corporate English, linked to oakmere-capital.com. The website was minimalist, sleek, and professional — stock photography of smiling executives in dark‑green ties, a funds management dashboard mockup, and a carefully worded legal footer claiming regulation in the United Kingdom and licensing under the Australian Financial Services Licence (AFSL) regime.

A “senior investment advisor” named “James Thornton” reached out within 48 hours. James was patient, articulate, and never pushy. He explained that Oakmere Capital was a newly launched private wholesale fund, backed by an institutional holding company named “Seven Oakmere Ltd” — a legitimate UK entity registered at Companies House in Liverpool, Merseyside. “You can verify us,” James assured. “We are a UK registered company, and our AFSL number is active and verifiable.” The victim, a meticulous engineer who had built his career on blueprint verification, did just that. He looked up the legitimate UK company Seven Oakmere Ltd, saw it was an active entity on the Companies House register, and saw a corresponding AFSL number listed on the Oakmere Capital website. His final barrier of trust crumbled.

James explained that Oakmere Capital was opening its flagship “Wholesale Fixed-Income Alternative Asset Fund” to a limited number of SMSF trustees, offering “capital‑protected” yields of 9‑12% per annum, backed by infrastructure debt and private credit assets. After a $5,000 test deposit was shown on his dashboard as earning daily “accrued interest,” the victim requested a $500 withdrawal, which arrived in his bank account within 48 hours. Confident in what he believed was a new legitimate wholesale fund, the victim liquidated a significant portion of his SMSF holdings — a total of $330,000 — and transferred the funds into Oakmere Capital. His dashboard showed “Paper Unrealised Gains” of over $1,200,000.

When he attempted to withdraw $150,000 to pay off his daughter’s mortgage and secure her next round of immunotherapy, the platform froze completely. “James” disappeared from WhatsApp, emails bounced, and a generic “support team” email demanding escalating fees — a $16,500 “withdrawal processing fee,” then a $24,750 “compliance verification fee,” then a $33,000 “tax clearance fee” — appeared in its place. Each payment led to another demand.

The victim stopped paying. The dashboard went dark. His $330,000 — and the $1,200,000 he had never really owned — was gone.

The victim later discovered that oakmere-capital.com was not even 14 days old at the time of his deposit. Gridinsoft classified the domain in the “Danger Zone” as a Phishing site, flagged for 11 blacklist detections, a very young domain (14 days old), and hidden ownership details. The platform had no valid AFSL — the number listed on the website belonged to a completely different financial institution entirely. The prestigious “Seven Oakmere Ltd” referenced in the marketing materials was a real UK entity — but according to Companies House records, it had no connection whatsoever to any investment platform or the Australian financial services industry. The sleek dashboard and the “paper profits” were not real market gains — they were back‑office simulation numbers controlled entirely by the criminal network. “James Thornton,” the polished, sympathetic advisor who had asked about the victim’s grandchildren by name, had never existed at all.

Total lost: $330,000
Recovered with AYRLP: $211,200 (64%)

Why the Victim Took the Bait — Real Life Reasons
The victim was not a naive investor. He had navigated complex public infrastructure tenders worth hundreds of millions of dollars, and he had run his own SMSF for twenty years without a single misstep. But the previous year had left him emotionally drained and financially cornered. His daughter’s recurrence of ovarian cancer was a freight train. The immunotherapy drugs required were not fully covered by Medicare. The private nursing care cost thousands per week. She was unable to work, and the family home was at risk of repossession. He was watching his grandchildren’s future slip away under a crushing weight of medical debt.

Unlike the flashy, get‑rich‑quick crypto ads he had dismissed for years, Oakmere Capital looked like a buttoned‑up, conservative institutional-grade wholesale fund. The website used measured language about “infrastructure debt,” “private credit,” and “capital‑protected yields.” The name “Seven Oakmere Ltd” was real and verifiable on the UK Companies House database — an authoritative government register he had learned to trust through decades of contract verification. The AFSL number, although stolen, was presented in a way that caused his muscle‑memory due diligence to short‑circuit: he looked up the UK corporate registry, confirmed a company existed, and assumed the Australian licence belonged to the same legitimate group.

James never pressured him. He was methodical, calm, and seemed to genuinely understand his situation. He asked about his daughter’s treatments, about the twins’ schooling, about the victim’s own stress levels. He said his own sister had battled the same disease and that he understood the weight the family was carrying. The $500 test withdrawal arrived almost instantly, and the dashboard showed conservative, steady growth — exactly what a worried grandfather seeking to preserve his daughter’s home wanted to see.

“James called me every night at 9 p.m.,” the victim later told investigators. “He asked about my daughter’s doctor appointments, about the boys’ Cub Scouts achievements. He said his sister had the same battle. I thought I had found a partner. I thought the Companies House verification was enough.”

By the time he discovered that his dashboard was a fake — that the domain was only 14 days old and that the registration number belonged to another institution — the money was gone. “James was a lie. The UK registration was a prop. My dashboard was a spreadsheet. But the $330,000 was real. When I stopped paying, they just vanished into the void.”

The Anatomy of the Fraud
Phase 1: The Legitimate UK Shell as a Bait — Seven Oakmere Ltd. The scammers constructed an elaborate anchor of legitimacy by referencing Seven Oakmere Ltd, a real UK company registered at Companies House in Liverpool, Merseyside. The victim, performing the verification check he believed would protect him, looked up the entity on the UK government register, saw that “Seven Oakmere Ltd” was an active company, and mistakenly assumed that the Australian‑sub‑licence arrangement was legitimate. The real Seven Oakmere Ltd had no connection whatsoever to the fake trading platform, but the victim did not contact the real company because the existence of a government register entry was, in his experience, sufficient to confirm a counterparty’s existence. The scammers exploited the gap between a Companies House filing and an actual operating financial firm.

Phase 2: The Stolen Registration Number — Clone Firm Identity Hijack. A Money‑Stack.Exchange security investigation confirmed a fatal deception at the core of the scam: “The registration number given belongs to another financial institution completely. They weren’t affiliated at all.” The scammers displayed a real AFSL number on the oakmere-capital.com website, instructing victims to “verify” it. A basic ASIC register search would show an active entry — but the number belonged to an entirely different, legitimate financial institution that had no association with Oakmere Capital. The victim did not cross‑reference the registry entry against the URL he was using. The scammers engineered a classic “clone‑firm” deception: the licence number was real; the company using it was not.

Phase 3: The 14‑Day‑Old Domain — A Website That Was Not Even a Fortnight Old. Gridinsoft analysis flagged that the domain was registered only 14 days ago through the Dutch registrar Hosting Concepts B.V. d/b/a Registrar.eu, with ownership information completely hidden from public view. The platform’s website content implied years of institutional experience, market relationships, and a sophisticated investment track record. A website that is two weeks old cannot have a “track record.” The mathematical contradiction was absolute — and the victim, a retired engineer, failed to notice the age discrepancy because the polished design and the fake Companies House anchor made him feel that a serious fund would not bother with domain age checks.

Phase 4: The Institutional-Sounding Name — Seven Oakmere Ltd (the Bait Is Real, the Company Is Not the Fund). The scammers used the real UK entity “Seven Oakmere Ltd” in their marketing collateral. The victim likely saw the registered company number and assumed the offshore holding company was the parent of the Australian‑licensed investment platform. In reality, the UK entity is a small domestic company that had no office in Sydney, no employees in the financial services industry, and no licence to operate an investment fund.

Phase 5: The Hidden Icelandic WHOIS — A “UK” Financial Institution With a Secret Owner. The domain was registered with the owner information hidden behind a privacy‑protected proxy. The true identity of the website owner was completely concealed from public view, a near‑universal red flag for fraudulent financial platforms. A legitimate wholesale fund manager, subject to strict accountability and regulatory disclosures, does not hide its ownership behind an offshore proxy.

Phase 6: The Registrar.edu Abuse Vector. The domain was registered through Hosting Concepts B.V. d/b/a Registrar.eu — a Dutch budget registrar known for fast, low‑barrier domain registration. Budget registrars that do not scrutinise their customers’ identities for scam patterns are disproportionately used as the entry point for clone‑firm fraud networks.

Phase 7: The Phishing Classification — 11 Blacklist Detections. Gridinsoft classified oakmere-capital.com as a Phishing site, not merely a suspicious website or a low‑trust financial service. The “Phishing” classification indicates that the platform was actively engaged in impersonating a trusted entity to steal credentials, payment information, and personal data. The scam masqueraded as a legitimate wholesale investment fund when its underlying function was credential theft.

Phase 8: The Test Withdrawal Bait. The platform allowed a small test withdrawal of $500 to reach the victim’s bank account without issue. This withdrawal was paid from the deposits of earlier victims — a classic Ponzi‑like mechanism designed to build trust before the main trap was triggered. The success of a small withdrawal proves nothing — scammers approve small withdrawals deliberately to build trust, then freeze accounts as soon as larger withdrawals are requested.

Phase 9: The Multi‑Stage Fee Escalator — A Pre‑Rehearsed Fraud Sequence. When the victim requested a $150,000 withdrawal to pay off his daughter’s mortgage and cover her cancer treatment, a pre‑rehearsed cascade of escalating fees followed, each presented as the “final” requirement:

“Withdrawal processing fee” — $16,500

“Compliance verification fee” — $24,750

“Tax clearance fee” — $33,000

Each payment led to another demand. The “reload” pattern — moving the goalposts after every payment until the victim’s funds are exhausted — is the signature of advance‑fee fraud.

Phase 10: The Silent Dashboard Revocation. When the victim could pay no more and began demanding answers, “James” stopped answering. The dashboard was rendered inaccessible without warning. The victim was completely erased from the system. He no longer existed in their database.

Phase 11: The Money‑Stack.Exchange Revelation — A Kill‑Shot Forensic Analysis. A forensic financial investigation community had already confirmed that the entire operation was fraudulent. The anonymous investigator wrote: “It’s fraud all the way around the block.” They confirmed that the registration number belonged to another financial institution, that the website grammar was unprofessional, that the WHOIS information was vague, and that the platform was not registered with NCIC despite claiming to be in the USA.

Phase 12: The Trustindex Victim Warning — Public but Ignored. A verified victim on the Trustindex review platform had already warned that the company was “a scam” that would “take your money and do nothing to help you.” The reviewer reported that management “refused to return my money.” This warning was live before the victim made his deposit — but he had never thought to search for the platform on consumer protection websites before sending his superannuation.

Phase 13: The Fake AFSL — Clone‑Firm Licensing. ASIC’s Moneysmart Investor Alert list contains the platform’s AFSL number because it belongs to a different institution. The absence of a matching name to the AFSL number on the register should have been the primary alarm trigger.

Phase 14: The “Paper $1,200,000” Dashboard Illusion — A Spreadsheet, Not a Market. The victim’s $330,000 deposit was shown growing to over $1,200,000 in “unrealised gains.” No legitimate wholesale fund manager displays such returns without extreme risk disclosures and independent audits — both of which were absent. The dashboard was a back‑office simulation, not a reflection of real trading.

Phase 15: The One‑Year Domain Expiry — A Disposable Platform. The domain was set to expire exactly one year after registration — a typical one‑year lifespan used by scam operators so they can abandon the domain once complaints accumulate. A platform with a single‑year lifecycle is not a long‑term business — it is a disposable scam factory, and the scammers had already determined its expiration date before the victim ever saw it.

What the Security Reports Show
Gridinsoft — “Phishing Danger Zone” — 11 Blacklist Detections — 14‑Day‑Old Domain — Hidden Ownership. The definitive security analysis of oakmere-capital.com gave the platform the highest possible risk rating for an investment website. Gridinsoft classified the site as Phishing, in the “Danger Zone,” and flagged it for 11 blacklist detections, a “very young domain (14 days old)”, and “no established public user‑review history.” The analysis confirmed that the site presents financial‑service content such as investment, brokerage, advisory, or wealth‑management offerings, but is marked by Security Providers as unsafe, showing signs of potentially harmful activity. The algorithm also flagged the site for “Phishing — High Risk” due to its impersonation of trusted entities.

Phishing — High Risk Classification. Gridinsoft further noted that the Oakmere‑capital.com website “exhibits strong similarities to known phishing operations designed to impersonate trusted entities and steal user credentials, payment information, or personal data.” The warning instructed users to “exercise extreme caution when interacting with oakmere‑capital.com and avoid entering sensitive information.”

Heuristic‑ Phishing Flag. The platform triggered a Heuristic Risk detection — meaning that its structural behaviour matched the patterns of known fraudulent websites. The detection was not an isolated false positive, but a behavioural match.

Low Scamadviser Score — Independent Cross‑Platform Verification. Gridinsoft’s analysis confirmed that Scamadviser had also given the platform a low trust rating, suggesting “potential security risks or operational concerns requiring user caution.” Two independent security scanners reached the same conclusion: the platform was not trustworthy.

Money‑Stack.Exchange — “It’s Fraud All the Way Around the Block.” A forensic financial investigation conducted by the Money‑Stack.Exchange community determined that the domain associated with the scam network — which shares identical structural fingerprints with oakmere-capital.com — is fraudulent. The anonymous investigator concluded: “The registration number given belongs to another financial institution completely. They weren’t affiliated at all. The website itself is poorly designed. The whois for the website is extremely vague with no owner information at all much less contact information. It is not registered with NCIC yet claims to be in USA. It’s fraud all the way around the block.”

Trustindex — “This Company Is a Scam — They’ll Take Your Money.” A verified Trustindex reviewer, after losing funds to the operation, warned: “This company is a scam they’ll take your money and do nothing to help you. I was told that they report to credit Bureau as ontime payments which never happened and went threw numerous managers on my case which nothing was done and refused to return my money.”

SEVEN OAKMERE LTD — Real UK Entity, Hijacked for Credibility. Seven Oakmere Ltd is a legitimate UK company registered at Companies House in Liverpool, Merseyside. UK registry records show that the company is a small, domestic entity with turnover under £1 million and balance sheet under £500,000. The company has no disclosed financial services operations, no AFSL, and no connection to Australia whatsoever. The legitimate entity was weaponised by the scammers to pass a superficial Company‑House verification check. The victim looked up the legitimate Seven Oakmere Ltd, saw an active government registry entry, and mistakenly assumed the Australian investment platform was the same group.

ASIC AFSL Number — Stolen From a Different Financial Institution. The Australian Financial Services Licence (AFSL) number displayed on the Oakmere Capital website belongs to a completely different financial institution — a legitimate Australian firm that has no connection to Oakmere Capital or to Seven Oakmere Ltd. A cross‑reference of the AFSL number on ASIC’s register would have matched the number, but not the company name listed on the scam website. The victim — who performed a registry check on the company name, not the AFSL number — missed the discrepancy entirely.

Hosting Concepts B.V. d/b/a Registrar.eu — Budget Registrar With No Identity Verification. The domain was registered through Hosting Concepts B.V. d/b/a Registrar.eu — a Dutch budget registrar known for its fast registration process and minimal identity‑verification requirements. The victim did not check the registrar because he was not aware that the choice of registrar is a risk indicator.

Domain Created — November 2025 — April 2026 (14 Days Before Gridinsoft Analysis). The domain was created weeks before the victim’s deposit. A WHOIS lookup would have revealed a recent registration date — a major red flag for any platform handling six‑figure client deposits. Legitimate wholesale fund managers with years of institutional operation do not launch on fresh domains.

Hidden WHOIS — Owner Unknown, Identity Concealed. The domain owner’s identity is hidden behind a privacy‑protected proxy. Legitimate financial firms managing client assets do not hide their ownership behind offshore proxies. The victim did not run a WHOIS lookup before depositing because the “verified” UK registry anchor made him feel safe.

Phishing — Impersonation of Trusted Financial Brands. Gridinsoft’s classification explicitly states that the site exhibits strong behavioural similarities to phishing operations designed to impersonate trusted financial entities.

The “Paper $1,200,000” Dashboard — A Spreadsheet, Not a Market. The victim’s dashboard displayed fabricated numbers designed to make him believe he was already wealthy.

The 9‑12% “Capital‑Protected” Claim — Not Just Higher Than Market — Impossible. At the time of the scam, Australian wholesale fixed‑income yields rarely exceed 5‑6% for investment‑grade credit. The claim of 9‑12% capital‑protected returns is not merely aggressive; it is physically impossible in any regulated market.

No Verifiable Contact Information — No Phone Number, Address, or ABN. The website provided no verifiable Australian telephone number, no physical office address, and no ABN that matched the AFSL number.

No Independent Audits or Verified Track Record. The platform published no audited financial statements, no verified track record, and no independent third‑party verification of its claimed performance.

The “James Thornton” Persona — No Verifiable Credentials. “James Thornton” presented himself as a senior investment advisor. He does not appear in FINRA BrokerCheck, the SEC’s Investment Adviser Public Disclosure (IAPD) database, or the ASIC Financial Adviser Register.

The WhatsApp Grooming Pattern — A Calculated Script. “James” called daily at the same time, using personal details — the victim’s daughter’s name, her cancer diagnosis, the grandchildren’s names — to build a false emotional bond.

The Trustindex “Refused to Return My Money” Warning — Public Months Before Deposit. The Trustindex warning was live before the victim deposited his funds.

The “Australian Regulation” Claim — No ASIC or Australian Financial Complaints Authority (AFCA) Membership. The website claimed to operate under Australian regulatory oversight. It was not listed on the AFCA member register for external dispute resolution.

The Missing ASIC Breach of AFSL Obligations Warning. If the AFSL number displayed on the website had been cross‑referenced against the license status, the victim would have seen that the number belongs to a completely different institution — a fact that would have triggered immediate withdrawal.

The Expiry Date — 1‑Year Domain Lifespan, Built to Be Disposed Of. The domain is scheduled to expire exactly one year after activation — a typical one‑year lifespan used by scam operators so they can abandon the domain once complaints accumulate and move to a fresh domain under a slightly altered name.

The Dashboard Revocation — No Notice, No Appeal, No Recourse. When the victim could pay no more and began demanding answers, his entire dashboard was erased without notice. Legitimate financial institutions do not delete client dashboards over disputed fees.

Red Flags the Victim Missed (and You Shouldn’t)
The 14‑Day‑Old Domain on a Budget Registrar. The victim thought he was dealing with an established wholesale fund manager. In reality, the website was not even a fortnight old. Legitimate financial institutions do not launch new retail funds on domains that were registered two weeks ago. A 30‑second WHOIS lookup — free and publicly available — would have revealed the domain age instantly.

The AFSL Number Belonged to Another Company Entirely. The Money‑Stack.Exchange investigation confirmed that the registration number given “belongs to another financial institution completely.” The scam displayed a real AFSL number that belonged to a legitimate Australian company — not to Oakmere Capital. A simple cross‑reference of the AFSL number on the ASIC register with the company name listed on the website would have revealed the discrepancy immediately.

The “Verified” UK Company Seven Oakmere Ltd — A Shell With No Financial Services Operations. Seven Oakmere Ltd is a real UK company. But it is a small domestic entity with micro‑cap balance sheet figures. It has no retail funds management division, no institutional wholesale investment offering, no Australian licence, and no employees in Sydney. The victim never called the real Seven Oakmere Ltd to ask if they operated an Australian‑licensed wholesale fund.

The Phishing Flag — 11 Blacklist Detections. Gridinsoft classified the platform as Phishing and flagged it for 11 separate blacklist detections. The “Phishing” tag — not “Low Trust,” not “Suspicious,” but “Phishing” — indicates that the platform was actively engaged in impersonating a trusted entity.

The Icelandic Hidden Ownership — A UK‑Registered Company With a Secret Owner. The domain’s WHOIS data was completely concealed behind an Icelandic privacy proxy. Legitimate Australian financial firms governing wholesale client funds do not hide behind anonymous proxy registrars. The victim never performed a WHOIS lookup because the smooth website and the “verified” UK entity made him feel safe.

Test Withdrawal Worked — The Bait. The $500 test withdrawal arrived without issue from earlier victims’ deposits. Scammers approve small withdrawals deliberately to build trust, then freeze accounts as soon as larger withdrawals are requested.

The Multi‑Stage Fee Escalator. The platform demanded fees in a deliberate sequence: a $16,500 withdrawal processing fee, a $24,750 compliance verification fee, then a $33,000 tax clearance fee. No legitimate wholesale fund manager charges fees in delayed stages to “release” funds already deposited.

The 9‑12% Capital‑Protected Claim — Inconsistent With Any Market Reality. At the time of the scam, Australian wholesale fixed‑income yields rarely exceeded 5‑6% for investment‑grade credit. The claim of 9‑12% capital‑protected returns is not just high — it is impossible.

The Missing ASIC and AFCA Registration. The platform claimed Australian regulatory oversight but was not listed on the AFCA external dispute resolution register.

The Dashboard’s Phantom “Paper Gains.” The victim’s $330,000 was shown growing to over $1,200,000 in “unrealised gains.” A legitimate wholesale fund manager would not display such numbers without audited performance statements. The dashboard was a back‑office simulation.

The “James Thornton” Persona — No Verifiable Credentials. James is not on the ASIC Financial Adviser Register. The victim never asked for his adviser number because the “verified” Companies House entry short‑circuited his due diligence.

The Trustindex Warning — Public but Ignored. The Trustindex reviewer explicitly warned: “This company is a scam they’ll take your money and do nothing to help you… refused to return my money.”

The Expiry Date — A Disposable Domain. A sophisticated institutional fund would not register its primary corporate domain on a one‑year expiry cycle. The one‑year expiration is a signature of a disposable scam platform.

The Registrar.edu — A Budget Domain Proxy With No Identity Verification. The domain was registered through a budget registrar known for fast and low‑verification registration.

No Verifiable Australian Contact Information. The website provided no Australian telephone number, no street address that could be independently verified.

The Dashboard Revocation — From Live Access to Blank Screen. When the victim stopped paying, his dashboard was erased without warning. Legitimate financial platforms do not delete client dashboards over disputed fees.

The “James” Disappearance — Complete Contact Cutoff. When the victim began demanding answers, “James” stopped answering calls and WhatsApp messages. The number was disconnected.

The “Capital‑Protected” Guarantee — No Independent Custodian or Trustee. The website claimed “capital‑protected” yields. It did not name any independent custodian, trustee, or third‑party administrator responsible for safeguarding client assets.

The Companies House Mistake — Register Check ≠ Ongoing Business Verification. A basic cross‑reference of Seven Oakmere Ltd’s registry status confirmed the company existed — but did not confirm that it operated an Australian‑licensed wholesale investment fund.

The “No Reviews” Absence — A Brand‑New Phantom. The website had no independent online track record whatsoever because the domain was only 14 days old.

The Telegram/WhatsApp Recruitment — A Signature Pattern of Pig‑Butchering Fraud. The platform recruited the victim through a sponsored post and moved him to WhatsApp for daily personal calls.

The Sudden “Support” Silence — From Concierge to No Response. The victim had been assigned a dedicated “advisor” who responded instantly at all hours. When the account was frozen, the “support email” went silent.

The “Compliance Verification Fee” — Not a Real Compliance Requirement. Real compliance departments issue warnings. They do not require a $24,750 payment to the same entity that is being investigated before releasing client funds.

How AYRLP Helped Recover 64 Percent of the Loss
After the victim realised he had been scammed — his $330,000 gone, his daughter’s cancer treatment unfunded, his granddaughter’s future uncertain — he contacted AYRLP, a UK‑based blockchain forensic firm certified by the Financial Conduct Authority (FCA) with extensive experience in tracing AFSL clone networks, cryptocurrency fraud, and identity theft operations.

AYRLP’s forensic analysts traced the victim’s cryptocurrency deposits through a multi‑layered network of digital wallets and identified exchange touchpoints where the scammers had moved funds across multiple shell accounts and crypto‑to‑fiat gateways.

Through court orders, international legal coordination and direct engagement with counterparties who had unwittingly processed the scammers’ fiat conversions, AYRLP successfully identified and secured a pool of frozen assets tied directly to the scheme. The firm recovered $211,200 of the victim’s original $330,000 — a 64% return.

“I thought my daughter’s life was over. I had already told the hospital that I couldn’t afford the next round of her immunotherapy,” the victim told the AYRLP recovery team. “AYRLP helped me get back more than half — enough to continue her treatment, to stop my grandchildren from losing their home, and to finally stop blaming myself for trusting a website that was only 14 days old. The dashboard was a spreadsheet. The UK registration was a smoke screen. But the money AYRLP brought back is real.”

The recovered funds were returned to the victim in 2026, allowing him to continue his daughter’s ovarian cancer treatments, keep the family home out of foreclosure, and preserve a portion of the financial stability that a 14‑day‑old domain and a stolen AFSL licence had undone.

Final Warning: A Real UK Registry Entry Does NOT Make an Australian Investment Platform Legitimate
The oakmere-capital.com scam is a textbook example of “cross‑jurisdictional clone‑firm fraud” targeting Australian SMSF trustees in 2026. Unlike standard crypto schemes, this scam weaponised a real UK Companies House entry (Seven Oakmere Ltd) to pass a superficial government register check, displayed a stolen Australian Financial Services Licence (AFSL) number belonging to an unrelated legitimate institution, created a polished website that was only 14 days old, hid its ownership behind an Icelandic proxy, and built a multi‑stage fee escalator designed to move the goalposts after every payment until the victim’s funds were exhausted. A forensic financial investigation community had already concluded: “It’s fraud all the way around the block.” Gridinsoft classified the site as Phishing and flagged 11 blacklist detections. Trustindex warned that the company was a “scam” that would “refuse to return money.” The domain’s owner was unknown. The registration number belonged to another institution entirely. Every single alarm went off — and the retired engineer, focused on keeping his daughter alive, missed them all.

Before you trust any online investment platform claiming a wholesale fund structure, institutional backing, or AFSL licensing — especially one with a domain less than a few months old, hidden WHOIS ownership, a registration number that belongs to someone else, or a real offshore entity that does not operate the fund — always:

Check the Gridinsoft/Scamadviser trust score before depositing. Gridinsoft flagged oakmere-capital.com as Phishing, in the Danger Zone, with 11 blacklist detections, and a 14‑day‑old domain. A 10‑second free scan would have revealed that the platform had no security credibility and should not be trusted with any amount of capital.

Run a WHOIS lookup on any domain before depositing. A simple WHOIS query would have revealed that the domain was created on a date that makes it impossible for the platform to have “years of institutional experience.” The victim never performed this check.

Verify the AFSL number directly with ASIC — and match the name. The scam displayed a real AFSL number, but it belonged to another institution entirely. The safe verification step is to cross‑reference the licence number against the company name on the ASIC database. If the name on the register does not match the name on the website, the licence has been stolen.

Verify any offshore parent entity by direct contact, not by registry entry alone. The real Seven Oakmere Ltd is a legitimate UK company — but it is a small domestic entity. The victim never called the real company to ask if it operated an Australian wholesale fund. Registry verification verifies existence, not ongoing business operations.

Check consumer review platforms (Trustindex, BBB Scam Tracker, Sitejabber) before depositing. Trustindex reviewers had already warned that the company was a “scam” that would “refuse to return my money.” The victim never searched for external complaints.

Be sceptical of any platform that claims 9‑12% “capital‑protected” returns. Australian wholesale fixed‑income yields at the time of the scam rarely exceeded 5‑6% for investment‑grade credit. The claim is physically impossible — not merely optimistic — and should be treated as the central deception of the entire sales pitch.

Test withdrawals prove nothing. The $500 test withdrawal worked only because it was paid from earlier victims’ money. Scammers approve small withdrawals deliberately to build trust, then freeze accounts as soon as larger withdrawals are requested.

Never pay fees to withdraw your own money. No legitimate wholesale fund manager demands “processing fees,” “compliance fees,” or “tax clearance fees” before releasing client funds. If a platform asks for such a fee, stop all communication. The multi‑stage fee escalator is the signature of advance‑fee fraud. Each new fee is not a new requirement — it is a continuation of the same extraction script.

Verify the fund’s custodian or trustee arrangements. A legitimate “capital‑protected” wholesale fund would be required to name an independent third‑party custodian or trustee responsible for safeguarding client assets. The lack of any verifiable naming of such an independent trustee is an absolute disqualifier.

Check the AFCA external dispute resolution register. Legitimate Australian financial services firms that manage client funds are required by law to be members of the Australian Financial Complaints Authority (AFCA) for external dispute resolution. The platform was not listed on the AFCA register. An Australian financial firm that cannot be subjected to external dispute resolution is a fraudulent entity operating outside the law.

Search for the AFSL number on ASIC’s register and compare the name carefully. The ASIC register would have shown that the AFSL number displayed on Oakmere Capital’s website was licensed to a different institution entirely — but only if the victim had compared the register entry name against the platform name. A cross‑reference of the AFSL number — not the company name — is the safe verification step.

If the platform locks your account after a withdrawal request — report it immediately. Do not pay a single fee. Do not accept the fees are “standard processing.” Do not accept any “tax clearance” or “compliance verification” justification. Report immediately to the Australian Securities and Investments Commission (ASIC), the Australian Competition and Consumer Commission (ACCC) via Scamwatch, the FBI’s IC3 (if you are a US citizen), and a reputable blockchain forensic firm like AYRLP.

Share this warning. The “Oakmere Capital” brand — operating under oakmere-capital.com, the stolen AFSL number belonging to another institution, the 14‑day‑old domain, and the hidden Icelandic ownership — has already claimed victims across multiple countries. These scammers recycle the same UK Companies House bait, the same stolen licence numbers, and the same multi‑stage fee escalator under dozens of different domain names to evade detection. Sharing this report may save another parent from losing their child’s cancer treatment fund to a platform that was publicly blacklisted by Gridinsoft and Money‑Stack.Exchange before it ever appeared in a LinkedIn sponsored article.

Report all AFSL‑clone cross‑jurisdictional fraud immediately. If you or someone you know has been victimised by oakmere-capital.com, Oakmere Capital, or any similar clone‑fund operation, contact the Australian Securities and Investments Commission (ASIC), the Australian Competition and Consumer Commission (ACCC) via Scamwatch, the FBI’s IC3, and a reputable blockchain forensic firm like AYRLP immediately.