Cryptocurrency Scams 02
Disclaimer: This information should not be interpreted as an endorsement of cryptocurrency or any specific provider, service or offering. It is not a recommendation to trade. This is ONLY for understanding and education purposes. The content in this article is referred from https://www.finder.com.au and https://bitcoin.org/en/scams
What are the main crypto scams?
- Fake exchanges and wallets
- Old-school scams
- Bitcoin blackmail scams
- Impersonation giveaway scams
- Fraudulent ICOs (Initial Coin Offering)
- Ponzi or pyramid schemes
- Rug pulls and exit scams
- Mining scams
- Pumps and dumps
- Meet in Person
- Money Transfer Fraud
- Prize Giveaways
- Scam Coins
The first scam on the list is one that you may well be familiar with already, as it’s also been widely used to target customers specially from banks,.
Known as “phishing”, this type of scam occurs when you receive an unsolicited email that looks as if it’s from your bank – or, in this case, from your crypto exchange or wallet provider. This email contains a link which will take you to a site that looks almost identical to the exchange or wallet you usually use, but is actually a scam site.
Beware of emails purported to be from services you use soliciting you for action, such as resetting your password, or clicking through to provide some sort of interaction with regard to your account. It can be very difficult to spot the difference in a fake email that’s trying to entice you to compromise your account, and a legitimate one sent on behalf of a product or service that you use. When in doubt, considering triple-checking the authenticity of the communication by forwarding it to the company, using the contact email address on their website, calling them on the telephone, and/or reaching out to them via their official social media accounts.
Phishing websites often go hand-in-hand with phishing emails. Phishing emails can link to a replica website designed to steal login credentials or prompt one to install malware. Do not install software or log in to a website unless you are 100% sure it isn’t a fake one. Phishing websites may also appear as sponsored results on search engines or in app marketplaces used by mobile devices. Be wary that you aren’t downloading a fake app or clicking a sponsored link to a fake website.
Once you enter your account details on this unofficial page, the scammers have everything they need to log in to your real account and steal your funds.
How to avoid phishing scams
Always double-check URLs to make sure you’re visiting the genuine website
Don’t click on suspicious links that are emailed to you
Never disclose your private key
In a similar vein to phishing scams, keep an eye out for fake Bitcoin exchanges. They might walk and talk like a reputable exchange, but they’re merely a front to separate consumers from their hard-earned cash.
Some will entice users with promotional offers that sound too good to be true. Others pressure users into creating an account and depositing funds, perhaps even offering “bonuses” to those who deposit larger amounts. But once they have your money these platforms might charge ridiculously high fees, make it very difficult to withdraw funds or simply steal your deposit altogether.
Other scammers have turned their attention to creating quite sophisticated fake wallet apps which, once downloaded to a user’s smartphone, can be used to steal critical account details. These apps have even made it into official, legitimate app stores like Google Play, so it pays to do your research before downloading anything to your phone.
In December 2017, the Bitcoin community and South Korean authorities exposed a fake exchange known as BitKRX.By posing as a legitimate exchange and passing itself off as a branch of KRX, a large and reputable trading platform, it was able to ensnare innocent users.
Stick with well-known and popular exchanges
Thoroughly research any exchange or wallet before creating an account – who is the team behind the exchange or wallet? Where is the company registered?
Are there reliable reviews from other users confirming its legitimacy?
Don’t let yourself be pressured into depositing funds or providing any personal information
Don’t just randomly pick a wallet from the app store – only download apps and software from legitimate wallet providers and exchanges
Case study: Fake Poloniex appsPoloniex is a large, prominent and legitimate crypto exchange. However, in 2017 it was the target of a sophisticated scam that saw at least three fraudulent Poloniex trading apps listed on the Google Play store.
Two of the apps, “Poloniex” and “Poloniex Exchange,” were downloaded more than 5,500 times before they were removed from the store. These apps asked Poloniex users to enter their account credentials, thereby giving fraudsters a way to perform transactions on behalf of users and even lock victims out of their own accounts.
Cryptos may be based on new technology, but there are still plenty of scammers using old tricks to con unwitting consumers.
The classic example of this is an unsolicited phone call or email from someone claiming to be with the Tax Office, Inland Revenue Department or Bank. This fictional tax man will try to convince you that you owe the Tax Office/ Inland Revenue Department money and you’ll be facing legal action if you don’t transfer them a certain amount of Bitcoin as soon as possible.
The tried-and-tested “Nigerian prince” scam has also migrated into the world of cryptocurrency. So, if you’re ever contacted out of the blue by someone overseas promising you a share in a large sum of digital currency if you help them transfer funds out of their own country, use your common sense and recognise it for the scam it is.
How to avoid old-school scams
Use your common sense
Don’t trust unsolicited emails or phone calls
Similar to how scammers will sometimes pretend to represent the tax office (or Inland Revenue Department) in the hope of coercing victims out of money, they’ll also pretend to be hackers with some kind of incriminating evidence.
One common variation of this scam arrives in the form of an unsolicited email, where the sender claims to be a hacker who has accessed your computer and is operating it via remote desktop protocol (RDP). They will say they’ve found some kind of incriminating evidence, or taken over your webcam to capture footage of you doing something embarrassing or which you’d rather other people didn’t know about. The emails promise to send the incriminating evidence to all of your email or social media contacts unless you send some Bitcoin to the blackmailer, and will typically include instructions on how to purchase Bitcoin and where to send it.
Naturally, it’s all a lie. The phony blackmailers don’t have any evidence and nothing will happen regardless of whether or not you make a payment. This scam is purely a numbers game, where the perpetrators hope that by sending out enough emails they’ll scare enough people into sending them some Bitcoin.
How to avoid Bitcoin blackmail scams
Search online to see if other people are saying they’ve received the same email
Don’t believe the scammers
Consider using VPNs to browse more privately, for additional peace of mind against this type of scam
One type of scam that’s common to many large sites and social media platforms is a celebrity impersonation giveaway scam. Here, the scammers will impersonate a celebrity or other notable person and announce that they’re giving away a lot of cryptocurrency for free, as long as you send them some cryptocurrency first.
The scammers will often promise to send back double what you send them. Although especially prominent on Twitter, this scam has also appeared on platforms including YouTube, where scammers will impersonate a celebrity in a video or livestream.
This scam is all about quickly rushing victims into a bad decision by making them think they’re missing out. A typical giveaway scam always specifies a total amount of cryptocurrency, such as “5,000 ETH giveaway” and then uses an army of bots and fake accounts to make it look like people are actually receiving money.
After seeing all the apparently free money being given away, victims race to send money to the scammers before they have time to think it over.
On Twitter, the fake giveaway bots will often have a blue “verified” check mark, but this does not mean anything. The scammers obtain this by taking over verified accounts and then changing the names. Similarly, scams will often have thousands of likes, views, retweets or other types of social proof. Those are just from bots, and don’t mean anything either.
Although there are some ways to get free cryptocurrency, it’s only possible to get small amounts and there’s often some kind of catch.
How to avoid impersonation giveaway scams
Assume that anytime a celebrity is offering to give away free cryptocurrency on social media, it’s a scam
Double check the user name of the suspected scam account, and compare that to the username of the celebrity’s real account
Check the provided cryptocurrency address using a blockchain explorer. You can see how much money the scam is making and whether or not it’s actually sending any money out
In April 2018, the Pincoin and iFan ICOs, run by the same Vietnam-based company, are believed to have cheated more than 30,000 investors out of a combined total of US$660 million.
iFan was meant to be a social media platform for celebrities and Pincoin promised 40 per cent monthly returns to investors. Both were later shown to be multi-level marketing (MLM) scams.
This has led to the rise of fake ICOs which, with some slick marketing and a little bit of hype, can convince people to buy a cryptocurrency that doesn’t actually exist. For example, one report found that 78% of ICOs in 2017 were scams, while a separate report put that figure at above 80%.
Finally, if you’re dreaming of getting rich quick from a crypto ICO, be aware that for every ICO success story there are many, many more failures, even if the project isn’t a scam.
How to avoid fraudulent ICOs
Thoroughly research any ICO before buying in. Look at the team behind the project, its whitepaper, the purpose of the currency, the tech behind it, and the specifics of the token sale.
Do not participate in offerings where one or more people offer you a guaranteed return in exchange for an upfront deposit. This is known as a ponzi scheme, where-in future depositors’ principals are used to pay previous investors.
A Ponzi scheme is a simple but alarmingly effective scam which lures in new investors with the promise of unusually high returns. Here’s how it works: a promoter convinces people to invest in their scheme. These initial investors receive what they believe to be returns, but what are actually payouts from the money deposited by newer investors. Now satisfied that the scheme is legit, those investors who have received payouts pump more of their money into the scheme and encourage others to do the same. The end result is usually a lot of people losing a lot of money.
A pyramid scheme promises returns to participants based on the number of people they invite to join. This enables the scheme to grow virally and rapidly, however, it most often doesn’t result in any kind of meaningful return for the members and/or those invited who also joined. Never invite your personal network under the sole goal of accumulating rewards or returns from a product or service, and do not contribute your own capital at the behest of others to accelerate the process.
Sooner or later, the scheme collapses when the promoter runs off with the money or it becomes too difficult to lure new investors. These types of pyramid schemes are nothing new and can be easy to spot, but that hasn’t stopped some crypto buyers being scammed in a handful of high-profile incidents.
How to avoid Ponzi/pyramid schemes
Look out for cryptocurrency projects that encourage you to recruit new investors to enjoy bigger profits
Never trust a scheme that promises returns that sound too good to be true.
Do not participate in offerings where one or more people offer you a guaranteed return in exchange for an upfront deposit
A rug pull is a type of exit scam in which a smart contract is robbed of its funds by one of the contract’s own developers, after a substantial number of users have deposited money. Rug pulls have become increasingly common in the DeFi space, where users deposit funds into specialised smart contracts in order to earn interest – a process known as “yield farming”. Once a large enough sum of funds has been deposited into the contract, one of the developers will then steal the funds, either using the contract’s keys or a hidden backdoor in the code.
A rug pull can be very difficult to spot before it happens as they typically originate from profitable projects that function as intended, unlike a Ponzi scheme or ICO scam which are illegitimate from the outset. Furthermore, because of the rapid and dynamic nature of DeFi, users often enthusiastically “pile in” to new projects early in their life-cycle while profits are highest, which may give the project an unwarranted degree of trust.
SushiSwap was famously rug pulled for 37,400 ETH by its developer, Chef Nomi, after amassing $1 billion worth of funds after only a few weeks of operation.
Rug pulls may be difficult to spot ahead of time, but there are a few things you can do to help avoid them.
Steer clear of DeFi projects where the private keys are held by one individual.
Beware of pseudonymous developers or teams without a thorough reputation.
Look for DeFi projects that have gone through a smart contract audit by a trusted third party, as this will help reduce the likelihood of a backdoor attack – although even these can be spoofed.
Use restraint to avoid chasing gains and jumping into a project before it has time to prove itself.
Remember that none of these methods are foolproof and that DeFi is a high-risk space.
Lets continue reading the remaining scam types