· 7 min read

5 Crypto Scams To Be Aware Of

Ponzi Schemes Phishing Emails Fake Exchanges and Wallets Websites Fake Apps ICO Scams

Since the introduction of bitcoin in 2009, there have been a number of scams in existence. Initially, the criminals behind these operations sought to capitalize on a lack of understanding of the underlying principles of digital currencies, as well as financial products, to defraud people. However, as the cryptocurrency market grew and crypto-literacy advanced, the types of scams increased both in frequency and sophistication.

In this guide, you will learn about the five most common scams in the cryptocurrency community you need to be aware of.

Ponzi Schemes

Ponzi schemes were among the first kind of cryptocurrency scams witnessed in the cryptocurrency space. Characterized by the promise of high returns in a short period of time, Ponzi schemes operate by paying their older “investors” with the money paid into the program by its newer “investors”. Using this method, the schemes are able to stay in operation for a long time, in turn convincing their users that they are in fact a legitimate operation.

High Yield Investment Programs (HYIPs) are a type of Ponzi scheme where people are encouraged to join a program with the promise of guaranteed high returns. These - often “guaranteed” - investment returns are usually much higher than the market average. The company offering the investment opportunity will claim to be employing sophisticated investment methods to trade the investor’s deposited cryptocurrency, which are the reason for the high returns. In reality, however, these platforms are using the joining fees paid by new users to placate the older participators.

Bitcoin HYIPs will almost also have an attractive referral package to incentivize users who attract new users into the program. This is done to ensure that there is new money coming into the platform to propagate the deception. In addition, users will find it quite difficult, if not impossible to withdraw their bitcoin holdings from the platform as there are usually some barriers put in place. Once the platform has generated enough funds, it will disappear and make off with investors’ cryptocurrency. A good example of this is BitPetite, which shut down in late 2017 and took off with its victims’ funds.

Another type of Ponzi scheme are Bitcoin MLM schemes. While MLM (multi-level marketing) is a widely considers a legitimate marketing tool by regulators, bitcoin MLM scams are distinguishable because they do not offer an actual product or service. Instead, they work by offering a portion of the joining fee to anyone who can convince a new user to join the platform. While this is a tool most Ponzi schemes will use in addition to other tricks, it can function on its own in order to defraud users who are new to bitcoin and do not fully understand how digital currencies work.

Lastly, another type of Ponzi scheme that criminals use so as to make away with your bitcoin is through fake cloud mining sites. Cloud mining refers to the process through which a person buys a crypto mining contract at a large mining operation, which will then share part of their mining returns with the cloud mining contract holder. This way the individual does not have to manage the logistics of physical running a mining operation but is still able to benefit financial from cryptocurrency mining.

Legitimate cloud mining platforms do exist but it is important to conduct in-depth research before buying a cloud mining contract at a particular provider in order to avoid getting defrauded. Examples for fake cloud mining operations that turned out to be simple Ponzi schemes are Gawminer and ZenMiner led by Joshua Garza. These companies were investigated by the SEC for fraud and Garza was found guilty of defrauding investors of substantial amounts of money.

Garza lured people into buying plans on the mining platforms but the companies did not own the mining rigs sufficient to mine the amounts of bitcoin they were claiming to and thus were unable to keep paying investors when new people stopped signing up.

Phishing Emails

Phishing email scams refers to the process through which a criminal will send out what looks like a legitimate email that contains important information. Usually, this correspondence will include malicious software that has been created to infiltrate the recipient’s system and extract important private information or it will lead users to fake sites that are meant to capture their victims usernames and passwords. This information is then used to defraud their victims.

Phishing scams are prevalent on the Internet but more so within the cryptocurrency space. This is because on most cryptocurrencies, once transactions are done they cannot be refunded as well as due to the pseudonymous nature of the most digital currencies, which makes it easier for cybercriminals to get away with their crimes.

Scammers will send out emails from addresses that closely resemble legitimate addresses from bitcoin wallets or exchanges, usually changing only one letter in the address. This email will inform users of supposed malicious login attempts and urge the recipients to use the links contained therein to change their account information on the platform.

Once the unsuspecting user inputs their login information through the compromised link, the hackers are able to gain access to the users’ account on the wallets or exchanges. They then proceed to take the cryptocurrency held on that platform.

The most recent example of this is the Bee Token phishing scam where scammers sent emails out purporting to offer bonuses to people who would participate in a pre-sale of their token.

Fake Exchanges and Wallets Websites

Phishing scams also exist in the form of fake websites. Tricksters will make web pages that are similar to legitimate digital currency exchanges or wallets with the intention of using login information to rob users. In order to ensure they are visible to their would-be victims, the criminals will usually buy Google adverts. This way the fake page is the first result that comes up when a person searches for their wallet or exchange.

To avoid this, always double check the web address of the page you are on and ensure it has the correct URL. It is also advisable to follow the service provider on Twitter or other social media channels so as to get real-time updates of any relevant happenings.

Fake Apps

Fake mobile applications are yet another method that fraudsters will use in an attempt to steal cryptocurrency. Cybercriminals develop an app that upon a cursory glance appears to be the real mobile version of a well-respected cryptocurrency wallet or exchange. Since the application is on the Google Play store or Apple’s app store, users believe it to be the legitimate version. This is because it is generally believed Google and Apple thoroughly vet apps before letting them into their stores.

However, there have been a number of fake cryptocurrency apps that have defrauded users. These applications often used use the logos of the wallet and provide very realistic screenshots, leading to users depositing funds in the address of the wallet. The scammers then replace the address the wallets use with their own leading to the unsuspecting users inadvertently sending their crypto holdings to the wrong address and therefore losing their coins.

An example of this was the fake crypto exchange Poloniex mobile app on the Google Play store that has defrauded users of their altcoins. Poloniex does not have a mobile application, which cybercriminals saw as an opportunity to capitalise on. There are also other mobile wallet applications that were downloaded over 20,000 times before Google took them down from its app store.

To avoid falling prey to this kind of scam, make sure to download the mobile versions of the wallet from the link provided on the wallets website. It is also important to stay informed of current happenings within the cryptocurrency space and new trends in cryptocurrency phishing scams.

ICO Scams

Initial coin offerings (ICOs), also known as token sales, token generation events and crowdsales, are an innovative new way for startups to raise capital to fund their endeavours by issuing a new digital token to early backers. Due to the fact that ICOs have been known to raise substantial amounts of money combined with the loose regulation within the ICO space, it has become an attractive market for cybercriminals.

Scammers will create an offering that seems legitimate enough so as to attract funds from investors who believe in the future growth of the fictitious company. After sufficient amounts have been raised, the ICO will pull what is called an “exit scam”, disappearing with the crypto funds and leaving little to no trace of their existence.

Examples of ICO scams would be Confido, an ICO that purported to be developing a smart-contract platform, which disappeared with about USD 375, 000 of investors money and the most recent examples of the Prodeum and LoopX ICOs which trolled its investors after exiting with their funds.

To keep yourself from becoming a victim of an ICO scam, make sure to conduct in-depth research on the ICO before investing. Familiarize yourself with the product/service, check the legitimacy of the company behind the ICO and research the project’s founders backgrounds before even considering investing any money in an ICO. Reddit and the BitcoinTalk Forum are good places to start if you are looking to figure out the legitimacy of a project as other community members will most likely already have done some research, which is often shared on these platforms.