Let’s be honest, while blockchain technology is fascinating and crypto enthusiasts assure each other that they’re ‘in it for the tech’, the crypto space is packed with people looking for investment opportunities. This means the market is laced with greed, giving bad actors an ideal environment to craft several nefarious crypto scams.
In a recent trip to the Next Block Expo held in Warsaw, the DailyCoin team met up with Igor Haleta, CEO of QMALL, a popular Ukrainian crypto exchange. Immediately drawn in by his humility and passion for customer security, Haleta primed us on the most common types of crypto scams he’s seen and how to avoid being a fraudster’s unlucky victim.
Table of Contents
What Are Crypto Scams?
Crypto scams are a devious tactic fraudsters use to steal your digital assets, like cryptocurrency or NFTs. They vary in complexity, with some being simple messages in your inbox to professional fake websites and celebrity impersonations that look just like the real thing.
Less obvious scams don’t target you directly, instead, they try and steal sensitive information like your seed phrase or private keys, giving crypto scammers access to your crypto wallet. These types of crypto scams are harder to identify but can have disastrous consequences.
Common Crypto Scams
Before getting started in cryptocurrency investment, it’s imperative that you learn to recognize the different types of crypto scams. Over $3B in crypto assets were stolen through hacks and scams in 2022, with most of these extortions being preventable and avoidable.
Let’s review the most common scams you’re likely to come across while making crypto investments.
Impersonation Investment Scams
If you’ve ever seen Elon Musk or Jeff Bezos, the founder of Amazon, promising a Bitcoin (BTC) or Ethereum (ETH) giveaway on Twitter I can guarantee it’s a giveaway scam. While impersonation is one of the laziest types of crypto scams, you’d be surprised how many people lose their precious digital currency in this way. In fact, the Federal Trade Commission (FTC) reported that $417M USD was lost to fraud on social media alone.
Impersonation scams come in many different shapes and sizes. Sometimes scammers pretend to be crypto influencers or blockchain founders like Vitalik Buterin or Charles Hoskinson asking for our Ether. Other times, they’ll play the role of investment managers who promise to trade your crypto for you to earn guaranteed returns.
From fake celebrity endorsements to romance scams on dating apps, impersonation scams are everywhere. The crypto space is no different.
How to Avoid
Anyone promising to double your crypto investment on your behalf is always a scam. Never send any funds to anyone, especially an account impersonating influencers or celebrities.
Pump and Dump Schemes
Pump and Dump schemes are operations run by insider groups within the crypto space that artificially manipulate crypto asset prices. These pumps are generally coordinated with false information and are designed to make other crypto investors FOMO into trending coins, only to have the manipulators dump on new buyers.
How to Avoid
Pump and Dump schemes are difficult to recognize until after they’ve happened. They usually occur on cryptocurrency exchanges with thin order books, making price pumps more volatile. As a rule of thumb, you should always do your due diligence and research when investigating any price pump to know if it’s caused by genuine interest.
A Rug Pull is a broad term in the blockchain that can be applied to a few different types of scams. A Rug Pull is a term used to describe a team that abandons a crypto project, leaving its investors with valueless crypto assets in their digital wallets.
What a lot of beginners don’t realize is that Rug Pulls have various levels of severity.
A Hard Rug is the most violent kind of Rug Pull you can have the misfortune of experiencing. Hard Rugs are exclusive to DeFi protocols, so if you’re keeping your coins on a cryptocurrency exchange these shouldn’t be a risk to you.
DeFi users often deposit their tokens into staking contracts or yield farming protocols to earn crypto rewards. By depositing crypto assets into these pools, you’re actually giving the dApp control over your assets. If the team behind these dApps abandons the project and disappears with deposited funds, we call this a Hard Rug.
But that’s not the worst of it. Some dodgy protocols will ask you to sign a crypto transaction that approves the spending of the assets stored in your crypto wallet. If you’ve unknowingly signed these transactions, these scoundrels can move the tokens in your wallet without your knowledge.
A Soft Rug is what typically happens when a crypto or NFT project ‘rugs’ its community. This refers to a case when the team simply abandons the project and leaves its investors wondering what could’ve possibly gone wrong.
When a crypto project pulls the plug, they usually remove any liquidity pools that they might have created on decentralized exchanges. This means that token holders can’t even sell their crypto assets to try and recuperate what’s left of their investment.
How to Avoid
As someone who does a lot of on-chain trading, I’ve come close to being rugged more times than I can count. Build yourself a meticulous framework for due diligence and always do your own research thoroughly before investing in any crypto project.
You can avoid Rug Pulls by only investing in ‘doxxed’ teams with public identities. This means that if they abandon a project they can still be chased down by law enforcement and government agencies like the FBI. As an added protection, revoke any permissions after connecting to dApps using revoke.cash and check that liquidity pools on DEXes are locked.
Cloning websites into compelling and believable fakes is easier than ever these days. Scammers will create a fake website that looks like an exact replica of popular dApps like Uniswap or AAVE and try and get you to deposit your crypto into their smart contracts.
Fake websites are also used to host initial coin offerings (ICOs) that promise to give investors early access to relaunched, new cryptocurrency or non-fungible tokens.
How to Avoid
Always double-check the domain name, or URL, of every site you visit in the crypto space. Make a habit of only getting links from official sources, like a crypto project’s Twitter page, because some fraudsters run Google Ads to make their fake websites appear in your google search.
Trading via API
Third-party trading bots use APIs to operate trading algorithms through crypto exchanges. API trading gives other people access to your funds. While this doesn’t necessarily mean that they’re going to steal your crypto and leave your wallet address devoid of life, they could use your funds to trade in Pump and Dump schemes.
How to Avoid
Fortunately, this one’s easy to avoid. Don’t use APIs when trading and you won’t give away access to your funds.
Ever received unsolicited messages from random accounts on social media platforms? What about an unknown Telegram or Discord account asking you to visit a website or download a white paper to your device? If so, that means a scammer is phishing for your data.
Phishing scams are a massive cybersecurity risk, both in the cryptocurrency industry and outside of it. Phishing links target all kinds of sensitive information, like your credit card details or bank account.
How to Avoid
Never open or download any files to your phone or computer if you don’t know who they’re coming from. It’s likely that these files are intended to infiltrate your device and steal sensitive information that is used to access your crypto wallet, like a seed phrase or private key.
As an added measure, you should report phishing attempts to the Internet Crime Complaint Center.
Ponzi schemes, like Ruta Ignatova’s Onecoin, promise you the world. By definition, Ponzis are an investment scheme where old investors are paid with the oncoming funds from new investors, who are then encouraged to go out and source new investors. This kind of scam is also called a pyramid or multi-level marketing (MLM) scheme.
The issue with these scams is that they can be hard to recognize until it’s too late. In some cases, a Ponzi scheme might look like a great investment opportunity in an exciting new company with glowing testimonials. OneCoin investors certainly thought so before the crypto queen disappeared with $4B worth of investor’s funds.
How to Avoid
Again, due diligence and thorough research are a must when it comes to keeping yourself safe in the crypto space. Ask yourself how these businesses are generating revenue. Are they offering unique products and services, or just empty promises that money will appear if you just bring more people to the investment scheme.
How To Protect Yourself From Crypto Scams
While there are bad actors aplenty and several types of crypto scams in the blockchain industry, setting a few ground rules can protect you from almost all of them. Let’s review the biggest red flags to be on the lookout for and how to safeguard your crypto assets:
- Never send anyone your cryptocurrency, no matter how much they offer you in return.
- Always conduct thorough due diligence and do your own research.
- Revoke token approvals after using DeFi applications.
- Don’t click any links you receive in unsolicited DMs.
- There’s no such thing as free money. If it seems too good to be true, it probably is.
On the Flipside
- Trading cryptocurrencies launched by anonymous developers can provide outlandish gains, just look at Shiba Inu or PEPE. However, the chances of hitting these moonshots are like winning the lottery so chances are you’ll need to suffer hundreds of rug pulls before finding a winner.
Why This Matters
The blockchain industry is plagued with so many different types of crypto scams that sometimes it’s hard to keep track of them all. Take the time to learn what all these cryptocurrency scams look like and protect yourself and your crypto assets.
In most cases, no. Once the scammed crypto has left your wallet, it’s almost impossible to get it back. That’s why learning to prevent crypto scams should be one of the first things you learn in the space.
Yes and no. Are scammed crypto can be traced on followed on-chain; however, it’s very difficult to link wallets to a real identity if the scammer stays anonymous.
The major crypto scams that we see the most often are impersonation scams and phishing attempts. Phishing scams are arguably the most dangerous, because they aim to seize control of your entire wallet, rather than just asking for you to send crypto to their wallet address.