“If it sounds too good to be true, it probably is.”
The old adage might perhaps be the biggest safe phrase one can use to steer clear of swindlers and protect yourself in any financial deal. This is even truer for protecting against crypto scams which unsurprisingly amount to billions of dollars lost every year.
Why ‘unsurprised’? Wherever there is money, there are scammers. It’s no amazement that the lucrative cryptocurrency markets draw the attention of fraudsters looking to prise away the fortunes of unsuspecting victims.
The slow response of crypto platforms and security experts to counter these scams further incentivize them, pumping losses higher year on year. That is why awareness of the common types of crypto frauds and knowing how to protect yourself is super important.
Although some crypto scams are easily noticed, not all are. Here are some common crypto scams and how to avoid them
Just How Big Are Cryptocurrency Scams Reports?
It’s difficult to put a finger on the total value of funds stolen through cryptocurrency scams since the inception of Bitcoin. The recent numbers are, however, alarming.
In early 2021, scammers took home over $1 billion, according to a report released by the Federal Trade Commission (FTC) — nearly 60 times the amount stolen in 2018, with an average loss of $2600 per individual. By the end of 2021, that number had towered to a record $14 billion in losses, a 516% increase from 2020’s numbers, according to data from Chainalysis. Of this total, 72% were largely facilitated by Decentralized Finance (DeFi) protocols which rose to prominence in 2021.
‘Rug pulls’, a fresh scam facilitated by DeFi hacks, became the most popular way through which scammers stole digital currencies between 2020 and 2021. By December 2021, rug pulls accounted for $2.8 billion of total losses.
While DeFi was the chief accelerator of 2021’s astronomical losses, it certainly wasn’t the only contributor. Nearly half of the victims robbed of their crypto funds since 2020 claimed that the scam process began with a message on a social media platform, usually in the form of social engineering or romance. Most messages were sent through Instagram (32%), with Facebook (26%) taking second place and WhatsApp (9%) and Telegram (7%) bringing the rear.
Fake investment opportunities are the most common content of these messages; unbeknownst to the receiver, the scammer intends to cart away with their funds once they put money into the so-called investment. FTC attributed a whopping $575 million of 2021’s crypto fraud losses to fake investment opportunities alone.
Scammers love cryptocurrency because crypto transactions are irreversible and often untraceable, making it impossible to recover stolen funds. Bitcoin made up 70% of crypto-related scams, followed by Tether at 10% and Ether at 9%.
It’s important to note that these numbers are from fraudulent incidents occurring on just the surface and deep web. A lot more goes on behind the curtains, unrecorded and untraceable, in the shady dark web world where top crypto scams truly thrive.
Techniques Scammers Use And How To Avoid Them
Scammers are always designing new ways to rob unsuspecting targets; as such, there are many forms of crypto swindles. The most popular among them are:
Ever come across a comment on an Instagram or YouTube post about a specialist trader who helped Mr. Jons make X amount of dollars within days after Mr. Jons invested Y amount? Sure you have. It’s not uncommon to see replies to this comment from other people all testifying to the trader’s money growth magic.
This is a practical example of social engineering scams where scammers use psychological manipulation to gain a victim’s trust and control of information relating to user accounts. The idea is to make you think you’re dealing with a trusted source, professional support group, or community. Most times, scammers go as far as sending some crypto fund to the victim’s wallet. Once they gain trust, they demand crypto payments or investments.
To avoid social engineering crypto scams:
- Never engage the so-called experts these comments promote. Half the time, these are done by a tiny group of scammers working with multiple YouTube or Instagram accounts. The accounts may even be that of someone you know if they have been hacked. Don’t fall for it.
- Never send cryptocurrency as payment for a service yet to be done. Don’t invest in an online investment you don’t understand, or that sounds too good to be true. For what it’s worth, duly research the authenticity of any investment or guru first.
Simply put, don’t be Mr. Jons.
Defi Rug Pulls
DeFi became one of the biggest innovations in the crypto ecosystem but also paved the way for bad actors to cart away with investors’ in the form of rug pulls. A typical rug pull starts with a developer attracting investors to a new cryptocurrency project. Once enough money is raised, the developer pulls out before the project is built, leaving the investors with a worthless cryptocurrency.
Since rug pulls are particularly common in DeFi or any project built with smart contracts, non-fungible tokens (NFTs) projects are also used for rug pulls.
Protect yourself against rug pulls by investing only in established cryptocurrency or NFT projects. Thoroughly review the code of any new project and do your background checks on the developers involved.
Fake Initial Coin Offerings (ICOs)
An ICO is a way start-up cryptocurrency companies raise money from users to further build the project. Users are usually promised a discount on new coins or token launches in exchange for more valuable cryptocurrencies like Bitcoin or Ether to the start-up brand.
Rather than keep the promise, fraudulent ICO campaigners would make away with the cryptocurrencies sent. Several ICOs have turned out to be elaborate frauds on huge scales.
Here are ways to protect yourself:
- One of the best ways to protect yourself is to research the team behind a new crypto project before investing.
- Investors are usually provided with an ICO whitepaper that attempts to explain the blockchain-backed project, background, strategy, goals, and timeline for implementation. Thoroughly analyze any ICO whitepaper and take a step further to look for supportive resources such as SWOT analysis, financial models, legal concerns, and terms.
- Don’t invest in companies that do not offer detailed whitepapers.
As a rule, if the project isn’t feasible or looks like something feeding off pure speculation, you should hesitate to invest.
Scammers can poise to be someone they are not. It’s the oldest trick in the book, a newfangled version of classic con artistry.
Typically, they set out as the support personnel of a crypto company and would contact potential victims whose emails or phone numbers they scrabbled from the Internet. Using social engineering, they will make false claims and even offer to manipulate victims into providing personal information that makes them vulnerable to digital theft.
Here’s how to avoid impersonation scams:
- Most crypto and banking platforms already have your data encrypted and will never directly ask for your login details. Never give this information to anyone claiming to be a support staff (or anyone else for that matter).
- Since some scammers only need remote access to your computer to gain further access to your online financial accounts, never give your system’s security details to anyone.
- Use 2-Factor Authentication (2FA) to further secure your online accounts, and don’t share the security codes with anyone.
- Finally, do not send cryptocurrency to external addresses on behalf of anyone claiming to be a support agent of your crypto service providers or bank.
- Always double-check the contact details of your online financial service providers when you get suspicious calls or emails. If they are not an exact match, it’s best not to engage.
Fake Endorsements And Giveaway Scams
Scammers do impersonate executives of crypto companies or pose as a notable cryptocurrency influencer (e.g., Elon Musk) and post screenshots of forged messages promoting a giveaway with hyperlinks to fraudulent websites.
They would then use fake accounts to respond to these posts, affirming the giveaway as legitimate. Once you click through to the fraudulent websites, you’d be asked to “verify” your address or unlock your benefits by sending cryptocurrency to an address.
These scams are deeply intertwined with social engineering, and you shouldn’t trust all social media giveaway promotions or rush to benefit from them. Instead, you should;
- Double-check any promotion against the original company’s website or social media platforms. If it’s real, you’d probably find it on the official accounts. Check the giveaway URL to ensure it directs you to the company’s original website.
- Never send cryptocurrency to secure giveaways or verify an address.
Fraudsters sometimes design fake versions of official crypto websites or fake cryptocurrency exchanges. These websites look similar to the authentic, but their URLs would slightly differ as they attempt to mimic the original to capture the login details of unsuspecting visitors who assume they are dealing with the official website. This is called phishing.
These websites serve as the landing page visitors find when directed by misleading social media posts and other traffic channels, including search engine advertisements, SMS messages, and emails. Phishing works in two ways:
- The scammer gains access to all the details you enter into the website, including login details, crypto wallet’s password, recovery phrase, private keys, and other financial information.
- The website may be designed to steal outrightly instead. In this case, the scammer allows you to withdraw a small number of funds after you’ve invested a token, incentivizing you to invest more. However, the website shuts down or declines subsequent payouts once you invest more money.
To avoid getting phished, ensure you’re dealing with an authentic website when you follow a link on social media, text, email, or ads. Simply enter the original company’s URL on a browser to compare URLs. For example, https://binance.com is not the same as http://b1nance.com. If you don’t know the original brand’s URL, a simple search engine search should help.
If you discover a phishing attack on your US-based cell phone number (through SMS or calls, that is), you can help reduce this scam by sending the content of suspicious SMS texts to 7726 (SPM). This will allow mobile carriers to blacklist and block malicious messages on their network, protecting other potential victims.
When a financial service provider’s network is hacked or data breached, scammers will often steal users’ information to try to extort targets.
They might show you an old password to an online account or claim to have a record of adult websites the user visits. Blackmail scams are designed to trick you into thinking that they have more information about you than they actually do. Usually, they will request you make a cryptocurrency payment to avoid public display or malicious use of your data.
If you’ve ever fallen victim to a blackmail scam, take these steps to protect yourself;
- Report the email you received from the scammer as SPAM to your provider immediately.
- If the passwords or security codes shown to you are those you currently use, change them immediately across all your online accounts.
- Use a reliable malware detection tool like Malwarebytes to run a precautionary malware scan on your computer.
- File a police report about the incident and contact your financial service provider.
Beware of emails, calls, or SMS messages from a fraudulent recruiter offering fake job positions or training in exchange for crypto payments.
No legitimate company would require payments from job applicants. Scammers gather contact details of job seekers who have posted their resumes online and then reach out to them, asking for payment to begin training. Watch out for this, especially when these “job offers” letters include convincing confidential personal information.
Choosing not to reply to suspicious employment emails, calls, or SMS messages is the first step to avoiding scams like this. Endeavor to report such incidents to the company being impersonated using official helplines.
Downloading a fake cryptocurrency app and entering private financial information into it is a common way people get scammed with their money. Scammers do create these fake apps, something as a mimic of an original crypto app, and have them up on Google Play and the Apple App Store. While these apps are quickly found and removed, thousands of people fall victim to them.
Report any fake app you discover to the distribution service hosting it, and be sure to leave a concrete negative review warning others not to download it.
Scammers often create profiles on dating websites or apps and make unsuspecting targets think they are dealing with a serious partner. They patiently work to gain the target’s trust and then start asking for transfers of either cryptocurrencies or even account authentication codes. FTC reported that 20% of the money lost in romance scams was paid out in cryptocurrencies.
The avoid romance scams, we strongly recommend the following:
- Never share personal financial details with anyone online, no matter how far your relationship with them has gone.
- Never send or receive money from anyone you’ve met online, no matter how convincing their story is.
- Use only trusted dating websites as fraudsters tend to want to take conversations off these dating websites as soon as possible.
- Be careful when using a webcam to interact with a new online love interest. The footage could be used against you in a blackmail scam.
Don’t hesitate to report fake dating profiles to the website so they can take down shut accounts.
How To Spot Crypto Scams
Spotting a potential cryptocurrency scam can be tricky, but here are common warning signs of a potential scam:
- Unrealistic high returns: Simply put, if it’s too good to be true, it probably is.
- Promise of guaranteed returns: As an investment rule, no legit financial undertaking can guarantee future returns because of the element of risk. Avoid crypto investment that guarantees X returns for Y invested.
- Excessive marketing: If a crypto offering makes extravagant claims without concrete backing, try researching them further. Fraudsters invest heavily in marketing so they can reach many people quickly and raise money quickly.
- Free money: Thoroughly research any promise of free money offered by an unknown crypto brand – whether it’s in deposit bonuses or added incentives for early investments.
- Poorly written or non-existent whitepaper: Typically common with ICO scams or rug pulls, scammers invest little or no time writing whitepapers because they have nothing to offer. Consider it a red flag if a crypto’s whitepaper is confusing or doesn’t exist.
- Unnamed team members: If you cannot find the team behind a crypto project, tread carefully. Real founders would be easily found online with an active social media presence.
What To Do If You Fall Victim To A Crypto Scam
It’s important to act fast if you ever fall victim to any type of crypto scam. If you sent cryptos to an address or disclosed personal financial information, report these to your bank immediately to curtail the situation.
Since crypto fraudsters often sell victims’ details to other criminals, change your usernames and passwords across all your online financial accounts to prevent further damage. You can equally report matters to your local police or ask for directives to legally handle these types of financial crimes.
Depending on your location, there are relevant bodies in your jurisdiction you can report to. For example, the Federal Trade Commission takes up crypto crimes in the United States and in the UK, its Action Fraud.
Furthermore, you can use trusted cyber security products like Kaspersky internet security to protect against possible malware attacks (if you’ve given a scammer access to your computer) and secure your subsequent online activities.
The Bottom Line
As long as cryptocurrencies are around, crypto frauds might live on. Even as developers and regulators work to curb fraudulent activities, understanding the common ways you can be swindled and how to protect yourself remains the best defense against crypto scams.