It seems each day brings another crypto startup (including ICOs), another altcoin trying to earn its place in a quickly growing market. As at 12th June 2020, CoinMarketCap tracks 2,674 publicly traded cryptocurrencies, and there are more on the way. This figure is up by over 200% in just 2 1/2 years.
These coins can be bought and sold on dozens of different exchanges and stored in one of 1000+ digital or cold storage wallets. The proliferation of these entities has added a great deal of confusion to the already complex “getting started” process, and this has created an ideal environment for scammers to thrive. Scams have pervaded the space between users and legitimate crypto service providers, but they can be avoided by being familiar with their tactics and following a few simple rules.
Common Cryptocurrency Scams
Scams can be broken down into the following categories, by order of prevalence.
Phishing is the fraudulent attempt to obtain sensitive information such as credit card details, usernames and passwords by individuals or organizations disguising themselves as a trustworthy entity in electronic communications.
Phishing can be further divided into several different types, but ‘spear phishing’ is the biggest threat and involves directly attacking an individual through malicious emails or similar avenues. Spam filters have helped reduce phishing success to an extent, but to be 100% safe, do not open emails from anyone you do not know.
If the email title is ‘clickbaity’ in nature, that is all the more reason to delete it without opening. Furthermore, do not follow links from any email unless it was sent at your request (i.e. activation email for an account you just signed up for) or you were otherwise expecting it.
Phishing may also be done through a more indirect approach where malicious links are disseminated via social media. If you stumble across links or articles representing something that is too good to be true, it likely is. Avoid anything that looks like spam, especially those posts advertising “daily Bitcoin revenue” with “photo evidence” of legitimacy asking you to post a particular word for more info. Those are dead giveaways.
If you plan on participating in any ICOs, exercise extreme caution, as this is the most common environment for phishing scams. Take CoinDash for example, who’s ICO was hacked within minutes, resulting in $7 million (37,000 ETH at the time) in stolen Ethereum. The hacker accomplished this by hacking the CoinDash website and switching the wallet address to his/her own, thereby redirecting all of the investment funds.
Another infamous phishing ruse, discovered by Comparitech.com in 2017, involved channeling users to a malicious website through Google’s search engine. ‘Bitcoin mixing’, when searched on Google, returns the site as the top result. Many of the links found within, directed users down a path of stolen Bitcoin and regret.
Malware differs from phishing in that it generally requires a download or other means of initiating specific executable code. Once activated, it will gather sensitive information from your online engagement as you go through your daily routine, logging into accounts and entering passwords etc. This information is then harvested and used to access your accounts without your permission or knowledge.
Malware may present itself in several different forms, the most common being a Trojan horse. This type of malware derives its name from the Greek story of how one of the greatest ancient cities was infiltrated and destroyed by a hollow horse full of soldiers. Similarly, Trojan horse viruses commonly act as backdoors allowing remote access to a user’s personal information.
When downloading wallet software or other crypto-related software, ensure you are doing so through official channels only. Malware has been known to be integrated into fake or infected wallet downloads. Downloading an infected wallet will generally lead to loss of all funds deposited.
Watch out for malicious apps as well, even from well-respected outlets like the iTunes store. As far back as 2015 an app called LocalBitcoins was discovered to have been set up for the express purpose of stealing Bitcoin. It was removed from the store soon thereafter, but a few users were affected.
Get-rich-quick scheme – “Money Flipping” Scams
“Money Flipping” Scams or Doubling Scams are easily identified and easily avoided by that virtue. These scams involve a “trust trade” whereby the scammer claims to double/multiply your investment over a very short timeline, sometimes overnight. Anyone foolish enough to participate will quickly find that the other party never intended to follow through on the promise, and be left empty-handed.
Flipping scams are commonly advertised on social media. Again, if it looks like spam and is too good to be true – ignore it.
Pump and dump
Pump and dump scams start when a group of people overhype a particular altcoin for the purpose of making a rapid return on investment. Prior to hyping the coin, they initiate a sizable position only to dump it immediately once their target price is achieved. Anyone that is not an early participator will realize heavy losses as it is sold off.
These can be easily avoided by doing intensive research prior to initiating a new altcoin position, collecting information from multiple authorities, and only using trusted, well-known sources.
Scams and traps permeate the internet, but they are often easily identifiable and avoidable if you know what to look for.
Keep these tips in mind, and never fall victim to scammers again!