In today’s world, your cryptocurrency is an incredibly valuable asset to criminals. It’s liquid, highly portable and, once a transaction has been made, it’s almost impossible to revert it. As a result, a wave of scams (both decades-old classics and cryptocurrency-specific swindles) has flooded the digital realm.
In this article, we’ll identify some of the most common cryptocurrency scams.
1. Social Media Giveaway Scams
It’s amazing, nowadays, how everyone seems so generous on the likes of Twitter and Facebook. Check the replies to a tweet with high engagement, and you’ll no doubt see that one of your favorite crypto companies or influencers is doing a giveaway. If you send them just 1 BNB/BTC/ETH, they promise to send you back 10x that amount! It seems too good to be true, doesn’t it? Unfortunately, that’s because it is. That’s a pretty good rule of thumb to apply to many of these scams.
It’s incredibly unlikely that someone is hosting a legitimate giveaway that requires you to first send your own money. On social media, you should be wary of these kinds of messages. They might come from accounts that might look identical to the ones you know and love, but this is part of the trick. As for the dozens of replies thanking said account for their generosity – they’re just fake accounts or bots deployed as part of the giveaway scam.
Suffice it to say, you should just ignore these. If you’re really convinced they are legit, take a closer look at the profiles and you’ll see the differences. You will soon realize that the Twitter handle or the Facebook profile are fake.
And even if Binance or any other entity decides to host a giveaway, the legitimate ones will never ask you to send funds first.
2. Pyramid and Ponzi schemes
Pyramid and Ponzi schemes are slightly different, but we’re placing them into the same category because of their similarities. In both cases, the scam relies on a participant bringing new members with the promise of incredible returns.
In a Ponzi scheme, you might hear about an investment opportunity with guaranteed profits (this is your first red flag!). Commonly, you’ll see this scheme disguised as a portfolio management service. In reality, there’s no magical formula at work here – the “returns” received are just other investors’ money.
The organizer will take an investor’s money and add it to a pool. The only inflow of cash into the pool comes from new entrants. Older investors are paid off with newer investors’ money, a cycle that can continue as more newcomers join. The scam unravels when there isn’t any more cash coming in – unable to sustain payouts to older investors, the scheme collapses.
Consider, for instance, a service that promises 10% returns in a month. You could contribute $100. The organizer then ropes in another ‘client’, who also invests $100. Using this newly-acquired money, he can pay you $110 at the end of the month. He would then need to entice yet another client to join, in order to pay the second one. The cycle continues until the inevitable implosion of the scheme.
In a pyramid scheme, there’s a bit more work required by those involved. At the top of the pyramid is the organizer. They’ll recruit a certain number of people to work on the level beneath them, and each of those people will recruit their own number of people, etc. As a result, you end up with a massive structure that grows exponentially and ramifies as new levels are created (hence the term Pyramid).
So far, we’ve only described what could be a chart for a very large (legitimate) business. But a pyramid scheme is distinct in the way it promises revenue for recruiting new members. Take an example where the organizer gives Alice and Bob the right to enlist new members for $100 each, and takes a 50% cut on their subsequent revenue. Alice and Bob can offer the same deal to those they recruit (they’ll need at least two recruits to recover their initial investment).
For instance, if Alice sells memberships to both Carol and Dan (at $100 each), she’ll be left with $100 because half of her revenue must be passed onto the level above her. If Carol goes on to sell memberships, then we’ll see rewards trickle upwards – Alice gets half of Carol’s revenue, and the organizer gets half of Alice’s half.
As the pyramid scheme grows, the older members earn an increasing stream of revenue as the distribution costs are passed from the lower to the upper levels. But because of the exponential growth, the model is not sustainable for long.
Sometimes, participants are paying for the rights to sell a product or service. You might have heard of certain multi-level marketing (MLM) companies accused of running pyramid schemes in this manner.
In the context of blockchain and cryptocurrencies, controversial projects like OneCoin, Bitconnect, and PlusToken have come under fire, with users taking legal action against them for allegedly operating pyramid schemes.
See also: Pyramid and Ponzi Schemes.
3. Fake Mobile Apps
It’s easy to overlook the warning signs on fake apps if you’re not careful. Typically, these scams will direct users to download malicious applications – some of which mimic popular ones.
Once the user installs a malicious app, everything might seem to work as intended. However, these apps are specifically designed to steal your cryptocurrencies. In the crypto space, there were many cases where users downloaded malicious apps whose developers masqueraded as a major crypto company.
In such a scenario, when the user is presented with an address to fund the wallet or to receive payments, they’re actually sending funds to an address owned by the fraudster. Of course, once the funds are transferred, there’s no undo button.
Another thing that makes these scams particularly effective is their ranking position. Despite being malicious apps, some can rank highly in the Apple Store or Google Play Store, giving them an air of legitimacy. To avoid falling for them, you should only download from the official website or from a link given by a trusted source. You might also want to check the publisher’s credentials when using Apple Store or Google Play Store.
See also: Common Scams on Mobile Devices.
Even newcomers to the crypto space will undoubtedly be familiar with the practice of phishing. It typically involves the scammer impersonating a person or company to extract personal data from victims. It can take place across many mediums – telephone, email, fake websites or messaging apps. Messaging apps scams are particularly common in the cryptocurrency environment.
There’s no single playbook that scammers adhere to when trying to get ahold of personal information. You may get emails notifying you of something wrong with your exchange account, which requires you to follow a link to fix the problem. That link will redirect to a fake website – similar to the original one – that will prompt you to log in. This way, the attacker will steal your credentials, and possibly your cryptocurrencies.
A common Telegram scam sees the scammer lurking in official groups for crypto wallets or exchanges. When a user reports a problem in this group, the scammer will reach out to the user privately, impersonating customer support or team members. From there, they’ll urge the user to share their personal information and seed words.
If someone learns your seed words, they’ll have access to your funds. Under no circumstances should they be revealed to anyone, not even legitimate companies. Troubleshooting issues with wallets does not require knowledge of your seed, so it’s safe to assume that anyone asking for it is a scammer.
With regards to exchange accounts, Binance will never ask for your password, either. The same is true of most other services. The most prudent course of action if you receive an unsolicited communication is not to engage, but rather to reach out to the company via the contact details listed on their official site.
Some other security tips include:
- Check the URL of the websites you’re visiting. A common tactic involves the scammer registering a domain that looks very similar to that of a real company (e.g., binnance.com).
- Bookmark your frequently visited domains. Search engines can mistakenly display malicious ones.
- When in doubt about a message you’ve received, ignore it and contact the business or person via official channels.
- Nobody needs to know your private keys or seed phrase.
5. Vested Interests
The acronym DYOR – Do Your Own Research – is often repeated in the cryptocurrency space, and for very good reason.
When it comes to investing, you should never take someone’s word for granted on what cryptocurrencies or tokens to purchase. You never know their true motives. They may be paid to promote a particular ICO or have a large investment of their own. This goes for random strangers all the way to popular influencers and personalities. No project is guaranteed to succeed. In fact, many will fail.
To be able to assess a project objectively, you should be looking at a combination of factors. Everyone has their own approach to researching prospective investments. Here are some general questions to get started:
- How have the coins/tokens been distributed?
- Is the majority of the supply concentrated in the hands of few entities?
- What’s the unique selling point of this particular project?
- What other projects are doing the same thing, and why is this one superior?
- Who is working on the project? Does the team have a strong track record?
- What’s the community like? What’s being built?
- Does the world actually need this coin/token?
Malicious actors have no shortage of techniques for siphoning funds from unsuspecting cryptocurrency users. To steer clear of the most common scams, you need to remain constantly vigilant and aware of the schemes used by these parties. Always check that you’re using official websites/applications, and remember: if an investment sounds too good to be true, it probably is.