Crypto Scams: An Overview - Part 2
This article is a continuation from the Crypto Scams: An Overview – Part 1.
What are more of the most common crypto scams?
Social Media Scams
Blackmail Scam and Ransomware
Fake Cloud Mining
Social Media Scams
Social media scams may attempt to impersonate a celebrity, or professional crypto personality in an attempt to use credibility to make victims think offers are legit.
They may also hack a real social media profile – such as high-profile individuals including Jeff Bezos, Barack Obama, and Elon Musk, and used those accounts to ask their followers to send a certain amount of crypto assets in exchange for a higher payout.
Promise of free crypto, extraordinary gains, airdrop, or a “once in a lifetime” opportunity. Typically requiring an upfront deposit with a higher “guaranteed” return.
Fraudulent crypto exchanges which appear to be legitimate but in fact steal customer funds, private keys, or crypto.
Resulting from the lack of regulatory oversight that most traditional brokerage firms are subject to.
Investors should be careful with exchanges that operate outside of top-tier jurisdictions such as the UK, United States, Japan, or Australia.
Fraudulent Exchange Examples
In 2017, BitKRX was created and represented as a cryptocurrency branch of the largest and legitimate South Korean platform Korea Exchange (KRX). Using KRX's goodwill, BitKRX made investors believe in the project and eventually lost money.
Reported fraudulent exchanges according to Bitcoin.com:
01crypto, Btc-cap, Capital-coins, Coinquick, Cryptavenir, Crypto-banque, Crypto-infos, Cryptos.solutions, Cryptos-currency, Ether-invest, Eurocryptopro, Finance-mag, Gme-crypto, Gmtcrypto, Good-crypto, Mycrypto24, Nettocrypto, Patrimoinecrypto, and Ydconsultant.
Ransomware & Blackmail
Ransomware is malware designed to lock computer systems demanding payment in crypto to unlock the “hostage” systems. Crypto blackmail is any sort of threat accompanied by a demand you pay money to a cryptocurrency address. Like traditional blackmail, it’s a “pay up in crypto or we’ll do something bad to you” threat.
Ransomware & Blackmail Examples
WannaCry - In the year 2017, ransomware WannaCry affected 150 countries and spread to over 230,000 computers worldwide. Ransomware demanded to be paid in Bitcoins. Substantial financial impact globally, and $4 billion estimated worldwide financial loss incurred.
Colonial Pipeline - On May 7, 2021, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack. With the assistance of the FBI, Colonial Pipeline paid the requested ransom (75 bitcoin or $4.4 million) within several hours after the attack. The FBI eventually recovered 63.7 of the bitcoins (approximately $2.3 million) from the ransom payment.
Email saying “I know you cheated on your wife,” or other compromising information demanding Bitcoin to not leak the information.
Fake Cloud Mining
Fraudulent crypto mining companies that promise unusually high returns for investing in crypto mining. Some are secretive about their operations with no proof of mining equipment. These fake cloud mining companies lure investors with false promises and steal investor funds.
Fake Cloud Mining Examples
No relevant pictures of their mining hardware and data center or proof of mining equipment.
Public mining address: No public bitcoin mining address or no user selectable pool. When you buy hashing power from a cloud mining company, you should be able to direct the hashing power to a mining pool of your choosing.
Unlimited processing power: The amount of GH/s you can sell is limited by the amount of mining hardware available.
Cloud mining Ponzi and pyramid schemes: Frauds set aside funds and use initial funds from clients to make payouts to again give an illusion of respectability and honesty that then will generate more clients. They show a Bitcoin address that they make payouts from that is verifiable. One day the address stops paying.
No option to withdraw earnings: If a website offers to rent hashing power without providing a clear way to withdraw your earnings, it is likely a scam.
Company registration: A number have done so in London to give the illusion of prestige – but the Directors are often registered as foreign residents where identity requirements are easily faked.
Domain name ownership: A legitimate business in this space should make their contact information readily available. This applies to domain name registration, as well. Anonymous or concealed domain names are likely scams.
No endorsement from any ASIC miner vendor: Legit cloud mining companies have a lot of very expensive hardware and the ASIC vendors who supplied them will gladly make a public post or acknowledgment to show that the company in question is one of their customers.
Scammers use a promotion: For example, videos using fake representatives and offices – again with no proof of equipment.
Things to look out for
Avoid engaging with unknown characters in social media who might be promoting a certain project without first double-checking their identities and whether they are who they say they are.
Block and flag spam any emails coming from unknown addresses that are asking for your wallet’s information or prompting you to access your crypto exchange account through an unverified link.
Consider participating in initial exchange offerings (IEOs), which are projects promoted via formal and regulated exchanges.
Only invest money that you can afford to lose.
Do your own due diligence on any project you would like to participate in, existing or new. This includes investigating:
Who are the members of the developing team?
Who is backing the project (institutional participation)?
What is the track record of senior developers?
Is the content on the website legit or plagiarized?
Does the company have an active social media following?
Things to Remember
- In most cases, if it’s too good to be true it probably is.
- A service that requires an upfront deposit without financial transparency is likely a scam, especially if unusually high returns are promised.
- If you don’t have to KYC to use the platform, it may not be in compliance with current regulations.
- Double and triple check with multiple sources to verify information.
- Use 2-factor authentication
- Use a cold wallet
- Stick with established providers
- Always double-check addresses
- Never share your wallet private keys with anyone
Thanks for reading part 2 of this series. Keep in mind this is not an exhaustive list of crypto scams but gives a solid overview of common crypto scams and historical examples.
Until next time,