Live Wire
20:44ZMIDDLEEASTExplosion reported off coast of Sirik, near Strait of Hormuz20:41ZCLASHREPORIranian missiles strike Ramat David Airbase in northern Israel, reportedly destroying a warehouse20:41ZWFWITNESSCanada equalizes in 78th minute, 1-1 with Bosnia in friendly20:40ZGEOPWATCHCanada equalizes 1-1 against Bosnia in match at Toronto Stadium20:40ZTASNIMNEWSHezbollah drone attack hits Israeli military center in Galilee20:39ZRNINTELBernice King denounces conviction of Karmelo Anthony20:35ZDDGEOPOLITFPV drones destroy bridge in Kharkiv region20:34ZWFWITNESSU.S. Military Draws Up Plans to Secure Iran's Nuclear Materials If Peace Deal Reached20:44ZMIDDLEEASTExplosion reported off coast of Sirik, near Strait of Hormuz20:41ZCLASHREPORIranian missiles strike Ramat David Airbase in northern Israel, reportedly destroying a warehouse20:41ZWFWITNESSCanada equalizes in 78th minute, 1-1 with Bosnia in friendly20:40ZGEOPWATCHCanada equalizes 1-1 against Bosnia in match at Toronto Stadium20:40ZTASNIMNEWSHezbollah drone attack hits Israeli military center in Galilee20:39ZRNINTELBernice King denounces conviction of Karmelo Anthony20:35ZDDGEOPOLITFPV drones destroy bridge in Kharkiv region20:34ZWFWITNESSU.S. Military Draws Up Plans to Secure Iran's Nuclear Materials If Peace Deal Reached
Markets
S&P 500742.09 0.04%Nasdaq25,889 0.31%Nasdaq 10029,636 0.64%Dow513.26 0.04%Nikkei91.87 0.93%China 5035.28 0.00%Europe89.8 0.20%DAX42.31 0.05%BTC$63,420 0.17%ETH$1,663 0.39%BNB$603.11 0.32%XRP$1.13 0.05%SOL$66.62 0.41%TRX$0.315 0.65%HYPE$61.01 4.74%DOGE$0.0876 1.86%LEO$9.69 1.99%RAIN$0.013 1.97%QQQ$722.09 0.10%VOO$682.34 0.05%VTI$366.75 0.08%IWM$293.26 0.10%ARKK$75.55 0.11%HYG$79.94 0.01%Gold$386.79 0.06%Silver$61.46 0.28%WTI Crude$125.48 0.02%Brent$47.81 0.02%Nat Gas$11.36 0.09%Copper$38.86 1.72%EUR/USD1.1567 0.00%GBP/USD1.3402 0.00%USD/JPY160.20 0.00%USD/CNY6.7623 0.00%S&P 500742.09 0.04%Nasdaq25,889 0.31%Nasdaq 10029,636 0.64%Dow513.26 0.04%Nikkei91.87 0.93%China 5035.28 0.00%Europe89.8 0.20%DAX42.31 0.05%BTC$63,420 0.17%ETH$1,663 0.39%BNB$603.11 0.32%XRP$1.13 0.05%SOL$66.62 0.41%TRX$0.315 0.65%HYPE$61.01 4.74%DOGE$0.0876 1.86%LEO$9.69 1.99%RAIN$0.013 1.97%QQQ$722.09 0.10%VOO$682.34 0.05%VTI$366.75 0.08%IWM$293.26 0.10%ARKK$75.55 0.11%HYG$79.94 0.01%Gold$386.79 0.06%Silver$61.46 0.28%WTI Crude$125.48 0.02%Brent$47.81 0.02%Nat Gas$11.36 0.09%Copper$38.86 1.72%EUR/USD1.1567 0.00%GBP/USD1.3402 0.00%USD/JPY160.20 0.00%USD/CNY6.7623 0.00%
CLOSEDNYSEopens in 2d 16h 39m
themonexus.
Vol. I · No. 163
Friday, 12 June 2026
20:50 UTC
  • UTC20:50
  • EDT16:50
  • GMT21:50
  • CET22:50
  • JST05:50
  • HKT04:50
← back to Saturday edition◉ LIVE ON THE WIREfollow this thread in real time
Culture

Inside the 'Airplane' Economy: How Telegram-Based Fraud Networks Target Chinese Users

A Chinese social media account's viral post naming a fraudulent gambling platform has reignited debate about how fraud networks exploit Telegram's encrypted channels to target users — and why enforcement remains so fragmented.
By Monexus Staff Writereast-asia5-minute read3 May 2026☆ Save↗ Share⎙ Print
A Chinese social media account's viral post naming a fraudulent gambling platform has reignited debate about how fraud networks exploit Telegram's encrypted channels to target users — and why enforcement remains so fragmented.
A Chinese social media account's viral post naming a fraudulent gambling platform has reignited debate about how fraud networks exploit Telegram's encrypted channels to target users — and why enforcement remains so fragmented. / Cointelegraph / Photography

On 3 May 2026, a Chinese social media account operating under the handle SisterTucao posted a screenshot-heavy thread naming MF Mingfan Entertainment as a fraudulent gambling platform that had allegedly defrauded users of nearly one million yuan — roughly $137,000 at current exchange rates. The post, distributed via the Guancha Telegram channel and cross-posted to Chinese social platforms, went viral within hours among online fraud-awareness communities. What it surfaced was not a new phenomenon but a well-documented one: fraud networks using Telegram's encrypted, pseudonym-friendly architecture to build, operate, and scale gambling scams with a degree of operational security that makes cross-border enforcement a persistent challenge.

The appeal for scammers is structural. Telegram offers end-to-end encryption, channels that can host thousands of members without requiring phone-number visibility, and a bot interface that automates everything from customer support to payment settlement. In Chinese internet slang, the app is commonly referred to as "airplane" — a phonetic echo of its logo — and operating accounts there are known as maintaining an "airplane account." That terminology appeared directly in SisterTucao's thread: the scammer's airplane account and the fraudulent betting platform were named in the same breath, a signal that the poster understood the fraud operation's architecture as much as its outcome.

The platform governance gap

Telegram's moderation record in Chinese-language spaces is inconsistent. The company has acted on verified terrorism and CSAM reports, and its 2022 legal troubles in Germany — where a Berlin court held it liable for unlawful content on specific channels — appeared to signal a shift toward greater responsiveness. But enforcement against financial fraud, particularly gambling, has remained lighter. The company's terms of service prohibit scams, yet the reporting pipeline for fraud in Chinese languages is slower and less staffed than for content in Western languages. The result is an asymmetry: fraud networks optimise for the language and geography where their platform host is least operationally present.

MF Mingfan Entertainment appears to have operated across that gap. The platform advertised via Telegram channels and coordinated payment collection through embedded bot systems that require no formal company registration and no financial institution as intermediary. Users transferred funds — sometimes directly, sometimes via cryptocurrency — into accounts controlled by operators who could liquidate and disappear before formal complaints reached any regulator with jurisdiction.

This is not unique to MF Mingfan. Chinese-language fraud-awareness accounts across Weibo and WeChat have for years catalogued similar platforms, often citing identical operational patterns: a Telegram channel, a branded app, a customer service bot, and a payout system that dissolves the moment enough users have accumulated losses. The scale is rarely one million yuan. Researchers who track these networks estimate that individual platforms routinely absorb tens of millions in user deposits before shuttering, with new domains registered and new Telegram channels opened within days of shutdown.

The enforcement maze

Why does it persist? Part of the answer is jurisdictional. Telegram DMCC, the company's registered entity, is domiciled in the Dubai International Financial Centre — a jurisdiction with limited mutual legal assistance treaties covering financial fraud with some Southeast Asian countries where these platforms often originate or terminate funds. Chinese law enforcement can issue requests, but enforcement depends on whether the platform holds assets or operates personnel in a country with an active treaty relationship. The answer for many of these operators is no on both counts.

Chinese internet regulators have tightened domestic controls: platform-level restrictions on gambling content, blocked access to offshore betting sites, and periodic crackdowns on illegal lotteries. But the Telegram layer sits outside those controls by design. The app is accessible in China via VPN, and the platforms targeting Chinese users often deliberately operate from overseas domains to stay beyond domestic enforcement reach. This is a documented feature of how cross-border fraud adapts to regulatory pressure — it migrates to the next least-governed node in the network.

What the viral post achieved

SisterTucao's thread did not file a legal complaint. It named a platform and an operator account to a community that had no legal standing to act on that information. Its value was reputational and informational: warning potential future victims, building a collective record that may inform future law enforcement requests, and — in the Chinese social media context — generating the kind of engagement that pressures platforms to respond out of reputational risk even when legal obligations are unclear.

Whether that mechanism works is contested. One camp holds that public exposure is the only leverage available when legal routes are blocked — naming and shaming creates enough business risk to force operators to abandon a platform rather than rebuild under a new domain. The other camp notes that the same dynamics have been in place for years, and the platforms keep reappearing. The economic logic of fraud, absent a coordinated enforcement mechanism, tends to favour continuation.

Stakes and what remains unclear

The million-yuan figure cited in the SisterTucao post represents confirmed reported losses from users who could document their transfers. Researchers who study these networks note that reported figures are almost always a fraction of actual losses — many users do not file complaints, language barriers prevent coherent documentation, and the documentation itself would need to be presented in a form that Chinese courts could act on, which requires knowing which jurisdiction to approach. The true scale of the MF Mingfan operation, if it was comparable to similar platforms tracked by fraud-awareness communities, likely exceeded that figure substantially.

What remains unresolved is whether the naming of the platform in a Telegram channel constitutes actionable intelligence for any authority with jurisdiction to act. The sources reviewed do not indicate that any law enforcement agency has confirmed an investigation. Telegram's own response to the naming, if any, is not documented in the available record. The SisterTucao post functions as a community alert, not a legal instrument — and the gap between those two things is where these fraud networks have routinely survived.

The episode is a small data point in a much larger pattern: encrypted messaging platforms have become infrastructure for financial fraud at a scale that outpaces the institutions built to address it. Whether community-driven exposure meaningfully alters that calculus, or merely documents it, is the unresolved question the article cannot answer — because the sources do not yet show the outcome.

Wire provenance

This editorial synthesis draws on the following public wire/social posts:

  • https://t.me/guancha_cn
© 2026 Monexus Media · reported from the wire