- Recognizing Common Cryptocurrency Scams
- Fraudulent cryptocurrencies
- Fake exchanges
- Pump-and-Dump Circuits
- P2P Trading Fraud
- Fake apps
- Ponzi schemes
- Exit fraud
- DeFi scam
- Phishing scams
- Authorized Push Payment Fraud
- Scams with fake cryptocurrency job advertisements
- Scams with free cryptocurrencies
- Duplication fraud
- Free token giveaway scam
- Fake celebrity endorsements
- Crypto-romance scams
- Cryptocurrency mining scam
- Address poisoning
- Impersonating someone else
- Twitter Cryptocurrency Scam Tactics (X)
- How to Recognize Cryptocurrency Scams
- Too good to be true?
- Project legitimacy
- White paper
- Is the title spelled correctly?
- Can I report cryptocurrency scams?
Cryptocurrency has revolutionized the way we think about and interact with money, but with great innovation comes great responsibility. The digital landscape is rife with scams and scammers looking to profit from unsuspecting investors. Protecting your hard-earned digital assets requires vigilance, research, and sound techniques. In this post, we'll look at the different types of crypto scams, provide important tips on how to avoid crypto scams, and provide tips for reporting and recovering from scams.
Main conclusions:
- Cryptocurrency scams are becoming increasingly common due to their lucrative value, with the largest cryptocurrency heist to date occurring in 2022 with the Ronin Network hack.
- Some of the most common cryptocurrency scams include fake crypto exchanges, app scams, phishing, pump-and-dump, Ponzi schemes, business opportunity scams, and the newest scams such as crypto job posting scams.
- One of the easiest ways to spot and avoid cryptocurrency scams is to determine the project's background.
Recognizing Common Cryptocurrency Scams
Cryptocurrency scams come in various forms, each carefully designed to separate you from your digital assets. The tactics used by crypto scammers are as varied as they are dangerous. To protect your assets, it is important to remain vigilant and familiarize yourself with these scams.
Understanding how these scammers operate and being able to recognize warning signs are key steps to preserving your assets.
Fraudulent cryptocurrencies
One of the easy to spot scams is fake cryptocurrency projects. These projects usually present themselves as alternatives to more established cryptocurrencies. For example, a cryptocurrency may claim to be an upcoming fork of an existing cryptocurrency like Ethereum (ETH) or simply a new cryptocurrency from Ethereum’s parent company. They lure you into it because cryptocurrencies like Ethereum are booming, but at the same time, it may be too late to invest in ETH to make a big profit.
Many people don’t know how cryptocurrencies work at all. But they are willing to invest because of the “fear of missing out” (FOMO). Once the people behind the fake cryptocurrency feel they have enough money, they can transfer all the crypto investments to their bank accounts and quickly close the scam project, leaving the “investors” without their assets.
An example is My Big Coin — a fake cryptocurrency that was used to steal $6 million from investors who believed it was real.
Fake exchanges
Another common cryptocurrency scam is fake exchanges. These fake exchanges build a reputation in the crypto community by claiming to be legitimate and offering seemingly better rates and airdrops than legitimate exchanges. Soon after investors buy these coins, they are no longer able to purchase them. In fact, these fake exchanges often disappear and remain uncontacted.
For example, BitKRX convinced many people that it was one of the largest cryptocurrency exchanges of the decade, which led to a large-scale theft of people's money. The scammer of this exchange was reprimanded by local authorities in South Korea in 2017.
Pump-and-Dump Circuits
Pump and dump schemes originate from the stock market. The basic idea behind a pump and dump scheme is that the price of an asset is predicted to go up in the future, so people invest in it at a lower price. This automatically causes the price of the item to go up as demand begins to exceed supply. Once the person/group behind the pump and dump scheme has made enough money, they dump the project.
Inspired by major cryptocurrencies like Bitcoin (BTC), investors try to hype and promote fake plans for the cryptocurrency to attract more buyers. As a result, people start investing in the cryptocurrency, believing that its prices will skyrocket based on seemingly strong fundamentals. However, once they realize that the “innovative” plans were a scam, the cryptocurrency is dumped, resulting in significant financial losses for everyone involved — except the scammer behind the scheme.
P2P Trading Fraud
When trading cryptocurrencies on exchanges that offer peer-to-peer (P2P) trading services, be aware that P2P fraud can occur if a seller attempts to bypass the exchange's escrow system by making an outside transaction with a buyer. After the seller receives payment from the buyer, the scammer pretends that the transaction did not go through and refuses to fulfill his part of the deal.
Learn more: How to avoid P2P trading scams
Fake apps
App scams involve malicious apps that steal funds or personal information from unsuspecting users. Fraudsters may create fake cryptocurrency trading apps or use popular platforms to scam victims. Fake apps are often quickly detected and removed from official app stores, but thousands of people may already be victims of their scams.
Typically, these apps are based on existing ones and only the letter in their name may be different to fool people into thinking they are real. Once you download these apps, they can inject malware into your device or steal your data if you enter your sensitive information. Being careful when downloading apps, checking reviews, and checking the legitimacy of the app developer will help you avoid falling victim to these scams.
Ponzi schemes
The essence of a Ponzi scheme is that a scammer finds two investors and lures them into giving him money so that they can "double" their investment. To do this, the scammer finds four more investors who, in turn, provide the same amount of money, allowing the scammer to "fulfill" his promise to the first two investors. And to return the money to all four investors, the scammer deceives eight more people, then sixteen more, and so on.
The implication is that the person behind the Ponzi scheme does not actually invest the money collected from investors, but steals it, using the money of subsequent investors to pay off each round of investors. For example, BitClub Network was one of the largest Ponzi schemes in the cryptocurrency world, with three people managing to run a scheme worth over $700 million. Fortunately, all participants were caught and arrested by government officials. However, investors never received their investments.
Exit fraud
Most cryptocurrencies raise funds for the development of their projects through initial coin offerings (ICOs). ICOs can be private or public, depending on the team behind the project. During an ICO, the price of tokens or coins after they are released to the cryptocurrency market turns out to be lower than expected. So investors are using this opportunity to buy a lot of coins through the ICO while funds are being raised for the project.
However, after the ICO, the people behind the project can close down and keep the money for themselves. This is known as exit fraud. Since the core idea of cryptocurrencies is anonymity, tracking down the scammers behind ICOs can be difficult. This makes money scams one of the most dangerous on the Internet.
DeFi scam
Decentralized finance (DeFi) relies heavily on smart contracts to make these services possible. The everyday use of DeFi is yield farming. Like stacking, yield allows you to borrow some of the coins you own to earn more coins through interest rates.
However, since anyone can start their own DeFi project, scam DeFi projects can also emerge. These projects seem to offer you higher interest rates if you lend your money, but the person behind the project never returns your coins. Another classic scam in the DeFi space is the “red carpet,” where the project creator suddenly withdraws all the funds invested by users.
All these scams are carried out through manipulation of the smart contract code or hidden mechanisms that allow liquidity to be drained. As a result, investors are left with worthless tokens or completely empty wallets.
Phishing scams
Phishing is the act of sending fraudulent emails to people in an attempt to trick them into providing personal information such as phone numbers, social security numbers, and cryptocurrency account numbers.
For example, scammers pose as a legitimate company that makes Ledger wallets and send you an email claiming that there is a problem with your assets and the only way to resolve it is to give them your seed phrase and password. While most people may not fall for these scams, some do, resulting in significant financial losses for them.
Authorized Push Payment Fraud
Authorized payment (APP) fraud occurs when a fraudster tricks a victim into initiating a cryptocurrency transaction into an account controlled by the fraudster. This type of fraud is especially common in the cryptocurrency space due to the anonymity and irreversibility of cryptocurrency transactions.
For example, scammers may promise investment opportunities that are too good to be true, with a well-crafted offer to lure users into partnering. This typically occurs when scammers offer subscription-based services or trading signals with verified insider information on cryptocurrency price movements or price predictions for the next bull run. They then manipulate trading charts by placing their own trades to fabricate results, creating the illusion of a successful forecast.
Scams with fake cryptocurrency job advertisements
One of the most common cryptocurrency scams in 2023 involves fake cryptocurrency job postings, even on legitimate sites like LinkedIn. Scammers are targeting people looking for jobs in the crypto industry, taking advantage of job seekers' desire to work in this fast-growing field. They sell their personal information, trick them into paying agency fees, etc., making empty promises.
Scams with free cryptocurrencies
Many scammers take advantage of unsuspecting people by distributing private keys to wallets purporting to contain valuable digital assets. These keys are often distributed to different recipients through different channels.
Scammers lure victims with the promise of free cryptocurrency. Once people have access to a wallet with the provided key, they may notice a significant balance. This prompts them to try to transfer funds to their wallet. However, malicious wallets lack the necessary “gas” — the fee for processing transactions on the blockchain network.
Many scammers take advantage of unsuspecting people by distributing private keys to wallets purporting to contain valuable digital assets. These keys are often distributed to different recipients through different channels.
Duplication fraud
Duplication scams are notorious among gamers who prey on users who want to make a quick and easy profit. The scheme works on a simple principle: scammers promise to double your cryptocurrency assets if you send them a specified amount.
They may lure you in with an offer like “send 1 ETH and get 2 ETH back!” While the allure of doubling your investment may be strong, this is a classic case of scam.
Once you send your cryptocurrency to the scammer's address, you will never see it again. This is a simple but effective scheme that thrives on the victim's hope for easy profits, leaving him with no chance of recovering lost funds.
Free token giveaway scam
Attackers may try to exploit users by spamming them with seemingly valuable tokens. These tokens are sent to random wallet addresses to incentivize recipients to take further action.
Be careful if you receive unexpected mailings. Fraudsters may use malicious code in the token's smart contract or decentralized exchange (DEX) used for trading. This code could give them unauthorized access to your wallet and steal your cryptocurrency holdings if you try to exchange the tokens you receive.
It is very important to be vigilant when working with airdropAirdrop is a type of marketing strategy that involves sending multiple tokens or coins to crypto wallet addresses in exchange for completing small tasks, such as posting a message on social media. This is usually done to raise awareness.... Only interact with tokens from reputable sources in the cryptocurrency ecosystem and verify any claims before proceeding.
Here's an example of a scam:
You should always avoid interacting with suspicious traders or wallet addresses. Be skeptical of unexpected emails, especially if you have never heard of these tokens. Always conduct thorough research to determine the legitimacy of the project and the value of the tokens. Using a reputable cryptocurrency aggregator such as CoinGecko will help verify the market valuation of a token.
Fake celebrity endorsements
A recent example is the creation of a fake Elon Musk account that was used to promote a malicious cryptocurrency project. In addition to creating fake personas, scammers can also use real accounts of influential people. Incidents like the hack of Vitalik Buterin’s Twitter account in September 2023, a prominent figure in the crypto community, clearly demonstrate this tactic. By hacking legitimate profiles, scammers can distribute malicious links and further enhance their deception.
Scammers lure victims with the promise of free cryptocurrency. Once people have access to a wallet with the provided key, they may notice a significant balance. This prompts them to try to transfer funds to their wallet. However, malicious wallets lack the necessary “gas” — the fee for processing transactions on the blockchain network.
One way to avoid falling into these traps is to not give in to the fear of missing out (FOMO) on perceived investment opportunities. Avoid impulsive decisions based on celebrity reviews or social media buzz, and instead favor rational decision-making based on thorough research and due diligence.
Crypto-romance scams
A sophisticated twist on traditional romance scams, this dangerous phenomenon has emerged in cryptocurrency. Criminals establish seemingly genuine emotional connections with victims, exploiting their trust and affection. Once a rapport is established, the scammer tricks the victim into transferring cryptocurrency under false pretenses. These fabricated scenarios can include claims of urgent family needs or lucrative, albeit fictitious, investment opportunities.
Scammers have also infiltrated online communities like Discord servers and Telegram groups, using a tactic known as “crypto bromance.” Here, scammers pose as knowledgeable crypto enthusiasts, gaining the victims’ trust by offering seemingly helpful advice. Once the victim feels comfortable, the scammer uses that trust to trick them into revealing their private keys or to coerce them into taking actions that ultimately empty their crypto wallets.
Cryptocurrency mining scam
Fraudsters dealing mining cryptocurrencies often pose as representatives of well-known companies operating in this industry, such as MetaMask (MEW) or Enkrypt.
They may also make contact by pretending to be friendly and trusting, and then lure unsuspecting victims with promises of significant enrichment through supposedly lucrative cryptocurrency mining programs. To make these opportunities especially attractive, they offer unrealistically high annual percentage rates (APR) as a return on investment. Once victims deposit funds on the said site, they disappear completely, leaving them with no recourse.
Unfortunately, the exploitation doesn’t stop there. Scammers can use a variety of tactics to trick their victims into giving them even more money. Most commonly, scammers will claim that the deposited funds are now locked on the platform and require additional collateral to fully access them. Once the victim agrees to this initial “unlock fee,” scammers can fabricate excuses such as overpayment or underpayment discrepancies. These fabricated issues are then used to justify demands for additional deposits to correct the supposed errors. This cycle can continue indefinitely, with scammers coming up with increasingly elaborate excuses to withhold the promised income.
All the while, they are secretly siphoning cryptocurrency directly into their own wallets. Because such transactions typically occur in self-custody wallets, victims often do not realize the scam until it is too late. This delay allows fraudsters to abscond with stolen funds and avoid detection due to the decentralized nature of cryptocurrency transactions.
If you suddenly find that your funds are unexpectedly locked in the protocol, and subsequent deposits require unlocking, refrain from further investment. This is a red flag for potential fraud, and additional deposits are more likely to add to your losses than to make a profit.
Address poisoning
Address poisoning takes advantage of a common user behavior when making cryptocurrency transactions: copying and pasting wallet addresses. This tactic uses software to create addresses that closely resemble legitimate ones and targets victims who rely on their wallet's recent activity for a quick reference.
Fraudsters often identify used addresses in a user's transaction history. They then use software to create a fake address with a high degree of similarity to the legitimate one, often differing only by a few characters at the beginning or end (the areas that appear in most wallets). To further deceive, a negligible amount of cryptocurrency may be sent to this fake address, causing it to appear next to the recipient in the list of recent transactions.
So, when a user copies and pastes an address from recent activity without carefully checking the entire string, they risk unknowingly sending funds to a scammer's address. Due to the immutable nature of blockchain transactions, these lost funds cannot be recovered.
Impersonating someone else
There is a dangerous trend in cryptocurrency communities on platforms like Telegram and Discord involving deceptive impersonation tactics. Attackers create usernames that are very similar to legitimate administrators or users. This similarity can make it difficult to distinguish genuine accounts from fraudulent ones.
Such parodists often approach unsuspecting people under the guise of offering help or guidance, especially in response to publicly stated requests. However, their true goal is to either gain unauthorized access to users' accounts or lure them out of the platform's secure environment. Once in this situation, these people become vulnerable to phishing attacks or other fraudulent schemes.
However, here are some ways you can protect yourself:
- Check the username and information: Scammers may use the real username in the "Info" section of their profile to mislead users, while usernames are unique as shown in the image above. Pay close attention to this information and compare it with other data to ensure the account is genuine.
- Check for spelling errors: Look for misspellings or sloppy letter substitutions in account names, especially in administrator names. Be wary if your username and screen name do not match, as this may indicate an attempt to imitate a legitimate account.
- Beware of Direct Messages: Be wary if an admin or user contacts you through a direct message rather than posting it to the group. Fraudsters prefer direct messages because they make it more difficult to verify the identity of the sender.
Twitter Cryptocurrency Scam Tactics (X)
Fraudsters often use social media platforms such as Twitter (X) to attract users through deceptive tactics. One common scheme is for scammers to comment on posts of popular key opinion leaders (KOLs) or influencers. Such comments usually promise profitable airdrops or claim to offer automated trading bots that generate risk-free profits. In addition, scammers often disable comments on their posts or replies, preventing legitimate users from alerting others to the scam and further isolating potential victims. In reality, it is a scam designed to trick users into visiting malicious websites or connecting their wallets, ultimately leading to the loss of their funds.
How to Recognize Cryptocurrency Scams
Let's look at a few red flags that indicate a cryptocurrency scam.
Too good to be true?
If something sounds too good to be true, it probably is. This is usually the case with scams that involve pumping and dumping money, but not only them. DeFi projects can offer you returns that are significantly higher than normal. High rates are usually a red flag — the project may be a scam, and the person behind it just wants to convince you to invest more money.
Another red flag is the word “guaranteed,” as nothing is guaranteed when it comes to investments, especially volatile ones like cryptocurrencies.
Project legitimacy
There are many aspects that give a project legitimacy. The first is its founders. If the founders are known, there is less chance that the project will be a scam. Of course, Bitcoin's Satoshi Nakamoto is an exception (in name only), but most cryptocurrencies have a known founder or parent company.
The second thing to keep in mind is whether the project has a legitimate, secure website and social media platform. If the answer is yes, check how they interact with their community and look out for suspicious, unusual responses.
Finally, it is best if you pay attention to the main purpose of the project. Typically, new blockchain projects aim to add new or better services for people. If a project has a real, genuine goal that is achievable (i.e. not too good to be true), it is less likely to be a scam.
White paper
A white paper is one of the most important aspects of a cryptocurrency. A white paper speaks about the legitimacy of a project and also allows people to understand first-hand how the project works. When checking the legitimacy of a white paper, look at the basic characteristics of the project such as the estimated total supply, consensus mechanisms, algorithms, and other components to understand whether the project can function as proposed.
Please note that a white paper does not necessarily prove that a cryptocurrency is legit. Scammers can create a simple, professional-looking, but completely fake “white paper” just to take your money.
Do they ask you to send money?
It goes without saying that asking for money is one of the biggest red flags that indicates a scam. Legitimate cryptocurrency projects never ask for money directly. Scammers, on the other hand, are good at finding ways to scare you into giving them money or access to your crypto wallet.
Is the title spelled correctly?
When it comes to fake apps or exchanges that pretend to be other, more well-known apps, you should always check how the website (URL) is written. For example, “ledger.com” with a lowercase “L” may look the same to many as “Iedger.com” with an uppercase “i,” or an “O” may be typed where a “0” should be.
To avoid becoming a victim of scammers, always carefully check whether the application or site is secure — the URL will start with "https://" — and whether the name matches the original site. Also, check their social media accounts. If there are no accounts on social media or only new accounts, there is a high probability that the project is a scam.
Additionally, while you should never click on ads or links from unknown sources or download their attachments, simply clicking the "reply" button on a suspicious-looking email will allow you to see its email address, which is often easy to spot as fake. Delete the email immediately.
Can I report cryptocurrency scams?
Reporting fraud is an important step in combating fraudulent activity in the cryptocurrency space. There are many organizations dedicated to combating fraud and scams in the cryptocurrency industry. For example, the Internet Crime Complaint Center (IC3) is a great place to report any cyber fraud-related issues.
However, victims of these crypto scams usually cannot get their money back. For example, if you accidentally sent your cryptocurrency to another person, it may be considered lost forever, because everything depends on the person’s desire to return the cryptocurrency. Therefore, it is very important to recognize these warning signs before it is too late.