The easiest way to get rich quick is to avoid loosing money along the way...
Every time a new world-changing technology is released unto the masses, inspiring, industrious individuals inevitably start thinking of positive ways to use it. On the other hand, some individuals straight away starts planing how this technology can be used for their own under-handed gain. In the internet’s case, for every exciting new invention, we’re forced to contend with at least 10 "Nigerian prince" scams.
After all, we can now send and receive large amounts of money pseudonymously over the internet without the involvement of banks or governmental bodies. We are essentially transporting money between alphanumeric strings, with no name, address or identifying details attached.
The irony is, cryptocurrencies are technically very safe and efficient. Due to the “crypto” portion of cryptocurrencies and the blockchain itself, transactions themselves are incredibly secure. This means that the most vulnerable part of the crypto landscape is the human element, which is therefore the target of most scammers.
Despite all of the technology and security measures cryptocurrencies adhere to, familiar and low-tech tricks such as spoofing and impersonation are now the most effective way to scam money from unsuspecting users. Now more than ever, it’s important to ensure that your crypto funds are being sent to the intended recipient rather than an attractive or deceitful proposition.
When someone envisions an online impersonation scheme, they might conjure up an image of a man in sunglasses and a dark hoodie, surrounded by monitors of neon green “Matrix” code.
In reality, online impersonation can be pretty low-tech. We’ll explore some frequently-seen schemes, from the easy-to-spot to tricky to catch:
In the first case, you would be contacted by someone whose name does not match up with the real person. I bet a lot of you have been contacted by scammers on Telegram. Names or emails may be an obvious jumbled mess of letters and numbers. If this is the case, this is a likely and obvious scam.
Example: “Yes, my Telegram name is wrestlingfan316, but I am really Bill Gates and I need to verify your account number in order to send you money.”
The more advanced attempt is a step-up from a scammer who claims to be someone else, since the impersonator will go through the effort to make a realistic-sounding ID.
The regulation of names on chat programs or social media is more popular, but not ubiquitous. This means a scammer can potentially set their name to “Bill_Gates” or “Microsoft_Bill” without credentials to back it up. There’s no guarantee that a party is actually who their username claims to be, unless there is some sort of verification process that shows official accounts like the “Blue Check” on Twitter. Be careful when you receive a suspicious, unsolicited message without verifying the name first.
Example: “My Telegram name is Bill_Gates. Only the real Bill Gates would have this name, so I must be him!”
Another attempt is when scammers impersonating usernames with look alike letters...
The official username is “Bill,” which is spelled with a pair of lowercase L’s. The imposter “BiII” was able to create an account with what seems like the same username, instead using a pair of upper-case i’s to create the username.
Unfortunately, this “look alike letter” spoofing is a low-tech, but highly effective impersonation trick that many buy into without conducting their own verification check.
This method can be used in spoofed email domains as well, giving correspondence a seemingly “official” appearance. For example, using an upper case “i” for a lower case “L” can make a “@GoogIe.com” and “@Google.com” email domain virtually indistinguishable.
Another easier-to-spot method would be to swap, add or jumble letters of a well-known domain. If you aren’t paying close attention, an illegitimate email from “Mircosoft” might appear to be coming from “Microsoft.”
Example: “Hello! This is biII@mircosoft.com! I have some money to transfer to you, all that’s required is some details!”
While paying attention to senders is important, the messaging and content can easily tip you off of suspicious activity. Always on the lookout for the following:
- Spelling, formatting and grammar mistakes
- Correspondence from official sources should be spell-checked and well-written. While “pobody’s nerfect,” multiple blatant grammar and spelling mistakes should raise concerns.
- If it sounds too good to be true…
- A sales team representative is offering you a 50% discount, for a limited time only! That’s great, but is the deal realistic? Lavish offers are often an attempt to hook people’s trust.
- Unsolicited contact
- It’s certainly not unusual to receive marketing emails, but if someone was looking to impersonate an email address, this is a prime opportunity to do so. Out of the blue promotions don’t need to be written off as a complete red flag, but due diligence should be performed before sensitive information or funds are exchanged.
- Use your instincts
- This is the most intangible advice we can offer. Flags may involve the overall tone of a conversation, insistence or pressure to move forward, or inconsistencies with stories and claims. Regardless, if something feels “off” to you, you have the right to pull out of a deal or to simply stop communication.
- Play sketchy games, win sketchy prizes
- This should be self-explanatory. If you are pursuing illicit activities, or seeking giant profits with little to no investment, your chances of being scammed will go up exponentially.
Beyond any obvious scams (Let’s say you were able to spot “Mircosoft” and cut off communication with “BiII”), there are a few steps that you can perform to verify an identity.
- When verifying, do not click a link, or use a contact provided in the email chain. Any of these methods may be doctored by the nefarious party.
- Depending on the size of the organization, responses may take some time, but be patient.
- Ask for verification and make sure it meets your standards.
At any point, you have every right to request a method of verification. This can include placing key details on a site’s official channel or having a phone call via an officially listed number/extension.
- Real sources should never protest an identity check and will likely have some method of verification.
- It’s up to you to determine if the evidence you’ve received is sufficient. Don’t be afraid to ask for additional verification if it does not meet your standards.
Do you have any examples of scammers you have come across, feel free to write them in the comments.
Please follow, comment and shear my blog.
And a big thanks for any likes and tips.
Get free EOS: https://coinbase.com/earn/eos/invite/3w5t7vhp
Get free Stellar: https://coinbase.com/earn/xlm/invite/c6t4kzb7
Get free Orchid: https://coinbase.com/earn/oxt/invite/wy3hf75c