Crypto fraud is an increasing risk for investors and users of digital assets. As the popularity of cryptocurrencies increases, so does the number of scams that try to take advantage of the lack of regulation and anonymity of the field. From fake investment schemes to phishing attacks to the misuse of artificial intelligence to forge celebrity endorsements, fraudsters are constantly looking for new ways to gain access to valuable cryptocurrency assets. In this article, we will review some of the most typical cryptocurrency scams and provide tips on how to avoid them.
Article Content – Crypto Scams
Bitcoin investment schemes
In these schemes, fraudsters contact investors claiming to be experienced “investment managers”. As part of the scheme, so-called investment managers claim to have made millions by investing in cryptocurrencies and promise their victims that they will make money with their investments.
To get started, scammers ask for an upfront fee. However, instead of recovering the money from the investment, the thieves just steal the prepaid fees. Fraudsters may also request personal identification information, claiming it is to transfer or deposit funds, and thereby gain access to the victim’s personal cryptocurrency accounts.
Another type of investment fraud involves the use of fake celebrity endorsements. Scammers use real photos and then apply them to fake accounts, ads or articles to make it look like the celebrity is promoting a large financial gain from the investment. The sources for these claims look legitimate, using the names of reputable companies like ABC or CBS with professional-looking websites and logos. However, the support is fake.
If you’re starting out: First cryptocurrency purchase – how to do it and what to watch out for?
AI crypto scams
With the advent of artificial intelligence (AI), attackers are finding new ways to cheat the cryptocurrency market. They can use AI to create fake celebrity endorsements, exploiting the faces of prominent celebrities without their knowledge. The most extreme examples include Prince Harry and Meghan Markle, Bill Gates, Mark Zuckerberg and Sir Richard Branson.
One of the most apt fake celebrity endorsements was Elon Musk’s deepfake promoting a fraudulent cryptocurrency project. In this video, the fake Musk claims to be launching a new cryptocurrency project in which participants can get a 30% return on investment in three months.
In order to protect users from these fake celebrity endorsements, it is essential to conduct thorough research before engaging in any cryptocurrency project or investment opportunity. They must verify the legitimacy of the project, its team members and any endorsements associated with it.
Phishing
Phishing, or “fishing”, is a form of cyber fraud in which scammers create fake websites or apps that mimic legitimate services such as Binance, one of the world’s largest cryptocurrency exchanges. This is how they entice users to enter their login and personal information. This information can then be used to steal cryptocurrencies from users’ accounts.
Scammers also use fraudulent emails that contain malicious links leading to fake websites. These sites are designed to look like legitimate services, but are actually used to obtain sensitive information such as cryptocurrency wallet keys.
Security against phishing scams requires caution on the part of the user. It is important to never enter sensitive information from email links. Instead, it is advisable to go directly to a website that the user knows well, even though the link in the email may look legitimate. This can minimise the risk of personal data leakage and protect against cyber threats associated with phishing.
Rug pull scams
Rug pull scams are a strategy in which investment fraudsters deliberately “inflate” new projects, non-computer tokens (NFTs) or coins to obtain funding. Once they reach their goal and raise the money, the scammers leave investors in the lurch. Investors are then left with a worthless investment as the coding of these funds makes it impossible to sell them, resulting in a loss of money.
One of the most famous cases of this scam was the Squid coin project, inspired by the popular Netflix series Squid Game. The scam lured investors into buying tokens for online games in the hope of making a profit, but the result was a loss. Consequently, the trading halt led to a complete loss of chip value, and the scammers made huge profits.
Rug pull scams are also occurring in NFTs, which are unique digital assets. These scams therefore carry the risk of investing in new and unproven projects that may result in financial losses for investors.
Romantic scams
Dating apps have become the target of cryptocurrency scams. These scams often involve the creation of relationships through online communication, where one party gradually gains the trust of the other.
Once trust is gained, the scammer starts convincing the other party to invest or donate money in the form of cryptocurrency. Once the scammer gets the money he wants, he simply disappears. These scams are often referred to as “butchery” as they exploit people’s vulnerabilities and gullibility to take financial advantage.
Man-in-the-middle attacks
When users log into their cryptocurrency accounts in public places, they can become targets of fraudsters who aim to steal their private and sensitive information. A fraudster can intercept all data sent over a public network, including passwords, cryptocurrency wallet keys and account details.
Every time a user logs in, a thief can use a man-in-the-middle attack to gather sensitive information. It does this by intercepting Wi-Fi signals on trusted networks if they are within range.
The best way to avoid these attacks is to use a virtual private network (VPN). A VPN encrypts all data transmitted over the network, making it impossible for thieves to obtain personal information and steal cryptocurrency.
Cryptocurrency donation scams on social media
There are many fraudulent posts on social media promising donations of bitcoins. These scams often involve fake celebrity accounts that entice people to participate in these bogus benefits.
When a user clicks on such a donation, they are redirected to a fraudulent site that requires authentication in order to receive the promised bitcoin. The verification process may involve making a payment to prove the legitimacy of the account.
However, the victim may end up losing money for the payment, or worse, clicking on a malicious link, putting their personal information and cryptocurrency at risk of theft. It is important to be cautious when interacting with such fraudulent posts and not to click on suspicious links.
Fake cryptocurrency exchanges
Scammers are luring investors with the promise of a great cryptocurrency exchange, perhaps even promising the discovery of the next “bitcoin.” However, the reality is often quite different – many of these exchanges do not exist and investors only realise this after they have lost their deposits.
It is crucial to stick to proven cryptocurrency exchanges such as Coinbase, Crypto.com and Cash App to avoid unfamiliar and potentially dangerous platforms. Before providing any personal information, thoroughly check the reputation and legitimacy of the Exchange on industry websites and discussion forums. This way, you can minimize the risk of losing money and getting caught up in crypto scams.
Read more about crypto exchanges here: Crypto Exchanges – A Simple Guide
Job offers and fraudulent employees
Fraudsters often disguise themselves as recruiters or job applicants to gain unauthorized access to cryptocurrency accounts. Under the pretext of an interesting job opportunity, they demand cryptocurrency from their victims as payment for “training”.
Another type of fraud is cases of abuse in the hiring of remote workers. For example, IT freelancers from North Korea try to take advantage of telecommuting opportunities by submitting impressive resumes and claiming to be based in the United States. The U.S. Treasury Department has issued a warning about this form of fraud targeting cryptocurrency companies, calling it a “shadow workforce.”
In 2022, shadow workers targeted a Sky Mavis engineer by posing as recruiters on LinkedIn. During the phone interview, the engineer received a document to review for the next step in the hiring process, but it contained malicious code. This code allowed the North Korean group Lazarus to steal $600 million in a bridge attack.
Flash loan attacks
Flash loans are short-term loans that allow for quick transactions, often lasting only a few seconds. These loans are popular in the cryptocurrency space, where traders use the funds to buy digital tokens at lower prices on one platform to immediately sell them at a higher price on another platform to make a profit. These fast and profitable transactions are completed in a single transaction and the flash loan is subsequently repaid.
As flash loans are unsecured and not subject to any credit checks, attackers often abuse them to manipulate prices on decentralised financial platforms. By creating the false impression of high demand, attackers create many buy and sell orders, which they then cancel after prices rise, resulting in an immediate price drop. By abusing this strategy, attackers can make significant profits by buying at a lower price on another platform.
In February 2023, Platypus Finance was the victim of a flash loan attack that caused a loss of $8.5 million.
Conclusion – Crypto Scams
It is imperative that investors and users of cryptocurrencies are cautious and informed to avoid falling into the traps of scammers. Conducting thorough research, verifying the legitimacy of projects and investment opportunities, and maintaining the security of personal data are key steps to preventing crypto fraud. As technology evolves and fraud schemes become more sophisticated, it is essential to remain vigilant and use best practices to protect your investments and digital assets.
