Blockchain And Cryptocurrency Provider

Common scams involving cryptocurrency and how to avoid them

cropped fraud prevention 3188092 960 720

Table of Contents

Introduction

Scams have been around since the dawn of time. The crypto space is not immune to hacks, scams and thefts and has seen it’s fair share unfortunately.  Some traditional scams are also turning to crypto where they once used more traditional techniques for money transfer.

Blockchain characteristics such as decentralization, immutability and anonymity can be a double edged sword. The benefits of this revolutionary technology can also appeal to scammers, particularly because there is no central authority that oversees transactions and mediates disputes. You can’t take the transaction back (immutability) and although transactions are publicly viewable, it’s difficult to tie an identity to an address.

Some common scams

Below we’ll look at some common scams you should you be aware of and some tips that can help you avoid them.

Email and phone extortion scam

Extortion scams are nothing new, but the scammers are now using crypto to facilitate extortion payments. In the US, some people are even getting phone calls claiming to be from agencies like the IRS and demanding payment in Bitcoin. Users in the US are sometimes guided to their nearest bitcoin ATM to send funds. There are several other known fraud schemes, which are used in order to direct people to deposit money at bitcoin ATMS. 

Cryptocurrency payments are irreversible. If you are asked to use a bitcoin ATM in order to deposit cash and scan someone else’s QR code — please stop. This is a scam, and you will lose your money. No official authority will ask you to pay through a bitcoin ATM.

You can view known scam addresses at the bitcoin who’s who website here.

Social media advance-fee scam

All over twitter, particularly in the comments of popular personalities you’ll find spoofed profiles offering “special gifts” for all fans. Scammers will often offer you Bitcoin or Ethereum, right after you send them some “to confirm your address”. If you want someone to send you an email then you tell them your email address. You don’t need to send an email first. Similarly, with cryptocurrency, you simply provide them your public address. 

Vitalik Buterin changed his profile to “Vitalik Non-giver of Ether” because of the many scammers spoofing his twitter profile. Elon Musk also had his profile targeted by scammers who successfully deceived many users into sending crypto. 

For their part, Twitter have taken steps to crack down on this and there’s not as many fake accounts. You’ll now see a blue check-mark symbol next to the names of verified accounts so you can easily spot the real vs fake profiles. Bottom line, never send crypto to someone on social media who is  promising to send more to you in return. This is always a scam.

Buterin

E-mail advance-fee scam

E-mail is often used for the classic advance-fee scam. In this case the victim is asked to pay money to someone upfront in anticipation of receiving something of greater value after. These come in many elaborate guises such as the common “Prince of Nigeria” scam.  Recently these scammers have been using bitcoin as the payment system to swindle users.  

These emails follow a similar pattern. Someone you don’t know contacts you promising untold sums of money for little or no effort on your part, but you’re always asked to provide money up front. Thankfully the spam folder takes care of most of these emails. If it slips through the spam then don’t respond to these emails or click on any links provided. That said, if you want a laugh, take a look at this TED video on responding to one of these spam emails. 

Phishing scams

Phishing is a fraudulent attempt to obtain sensitive information such as usernames, passwords and bank details by pretending to be a legitimate entity. It’s usually carried out by email spoofing and will contain a link that will take you away to a site which looks to belong to a legitimate organization. 

In recent times these scams have been targeting crypto space with links to very realistic looking cloned exchange websites that request the user provides details that are then used to steal funds. These scams can also install malware that wreaks havoc on your computer.

Some things to watch out for:

  • Look at how you’re addressed in the email. Scammers will use a general greeting normally
  • Often the e-mail will be crafted with poor english
  • Always double-check URLs to make sure you’re visiting the genuine website and check the SSl cert
  • Never click on suspicious links that are emailed to you
  • Never disclose your private key or backup phrase via email to anyone
phishing 3390518 960 720

Ponzi / Pyramid schemes

If it sounds too good to be true, it usually is. Bitconnect was a classic example of this. If anyone is offering you guaranteed returns, then it’s likely a ponzi scheme.  People were encouraged to recruit people under them in a multi-level marketing structure. Money is made by paying older investors with money from newer investors —  a classic sign of a ponzi. The video of infamous Bitconnect spokesperson Carlos Matos should also have raised doubts. 

More recently, the third largest Ponzi scam in history, Plus Token Wallet, allegedly scammed investors out of $3 billion in cryptocurrency. Over $2.1 billion of this is in Bitcoin. Statements like below from Plus Token Wallet should raise red flags straight away.

“Our super wallet will let you earn interest (profit sharing concept). 6-18% “

There is no such thing as “risk-free investing” “or “guaranteed returns”.  Don’t allow yourself to be pulled into any of these schemes because someone will always be left paying the tab at the end. 

SIM port attack

SIM porting or swapping has been on the increase lately. It involves transferring a person’s  phone number to a SIM card held by the attacker. They do this by contacting the carrier pretending to be you or else bribing employees of the carrier in some cases.. Once the attacker has the phone number it can use it to reset  passwords and break into accounts. This includes accounts on cryptocurrency exchanges as American investor Michael Terpin found out last year.

Ask your carrier for extra protection for your number such as a pin or passcode. SMS Based 2FA is not enough so use Google Authenticator or similar 2FA. Remove your phone number from all gmail accounts and protect your online identity.

Bottom line from a crypto perspective is never store a large amount of crypto on an exchange and use a hardware wallet like Trezor, Ledger or Keepkey for the best security.

Ransomware attacks

ransomware 2320941 1920

Ransomware is a type of malicious software, or malware, designed to deny access to your computer or  data until a ransom is paid Bitcoin and other cryptocurrency are often used for the ransoms.The attacks are typically carried out using a Trojan that is disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. WannaCry is a famous example of a ransomware that spread through the internet and caused a lot of damage. 

Most security firms will advise not pay the ransom. It encourages and funds attackers and even if the ransom is paid, there is no guarantee that you will be able to regain access to your files.

Always have your data backed up, use antivirus software and make sure that software are up-to-date with relevant patches. Above all, be vigilant and careful about links and downloads.

Conclusion

We’ve only scratched the surface here and there’s a lot more scams out there to be wary of. We haven’t mentioned ICO scams, but that probably deserves an article in and of itself

Here are some practical steps you can take to protect yourself better:

Share this 

Facebook
Twitter
LinkedIn
Bryan

Bryan

Based in Ireland, Bryan is the founder and CEO of Boinnex. He has worked for almost a decade as an IT Project Manager contracting across finance, banking, insurance, tech, and healthcare industries. He found his way into the crypto space in 2017 when he started a contract role with IOHK — the dev company behind the Cardano blockchain. Since then, he has continued to be actively involved in different projects in the crypto and blockchain space. He enjoys learning, writing, and sharing knowledge about all things crypto.

Have any questions? Write them below

Leave a Reply

Sign up for our Newsletter

Receive daily updates directly in your favorite email.