Sadly, the crypto world is rife with scams and people trying to rip others off. By being aware of the threats out there you’ll know what to look out for and be better prepared to steer clear of suspicious activity.
Phishing Scams
A phishing scam is when a scammer contacts an individual pretending to be from a legitimate business such a crypto exchange, bank, or internet service provider. The contact is often by email but could also be social media, phone call, text message, etc.
The scammer will usually asks the victim to provide or confirm personal details. Alternatively, the scammer may alert you to ‘unauthorised or suspicious activity on your account’. The scammer will usually ask you to confirm your log on details, password, secret answer, etc.
Phishing emails often look genuine, they usually copy the format used by the organisation the scammer is pretending to represent, including their branding and logo.
Phishing emails may contain links which will take you to a fake website that looks like the real deal, but has a slightly different address. If you don’t spot this and enter your details the scammer will have them to use on the legitimate site. It’s always advisable to avoid clicking links and if you do ensure you study website addresses very carefully before entering any details.
You might find scammers set up fake websites with only slight variation from the real one. For example, ‘www.binance.com’, the scammer may use an address like ‘www.binence.com’.
If you do give up personal information by mistake the scammer will use your details to steal your crypto or sell your personal information to others.
Pyramid and Ponzi Schemes
Pyramid and ponzi scams can differ in the fine detail but these types of scams usually encourage reinvesting profits. They nearly always include some kind of referral programs.
The scam works by encouraging an individual to use his/her referral link to invite others to get involved. The more people he/she refers the more money he/she will make. Initially this kind of scheme can be quite lucrative (more so the higher up the pyramid you are) but eventually, the pool of people who are willing to register will run out and the system collapses when there is no longer any more money flowing in.
The people high up don’t want to be held liable so this often ends in an ‘exit scam’. The exit scam will usually start by there website being ‘down for maintenance’ this will ensure people who have money in the scheme can’t access it. This also buys them some time. Next the founding team take the ‘stolen’ money, close their social media pages and cut all communications with customers. They are gone before the realization by customers that they have been ripped off. If the coin in question is traded on other exchanges it will usually fall drastically in price as everyone relies the who thing was a scam. Customers are usually left with a coin that is worthless.
If you are lucky enough to get in (and more importantly out) early you might make money but I’d recommend steering clear of these schemes, they’re has been so many that have ended badly for the majority of investors.
Key Logging
A keylogger does exactly what the name suggests. It logs your keystrokes.
A keylogger can be a piece of hardware that has been physically plugged into a PC but more commonly they are malware or code that has embed itself into the operating system of your computer. There are even types of keyloggers that can work at a lower level than the operating system making them very difficult to discover and remove without in depth technical understanding. A keylogger can be designed by hackers as hidden browser extension and just report on all of the keystrokes that you make through that app. Others manage to infect web pages, so everyone that visits those pages gets their data stolen.
Keyloggers don’t usually slow down your computer so you probably wouldn’t even know one is in operation.
A number of other hardware keyloggers seem to come straight out of a spy movie. These include keyboard overlays, “acoustic keyloggers” that record the sound of a person tapping on a keyboard and work out the tiny difference in the sound that each key makes, and “electromagnetic emission” keyloggers that capture the electric pulses leaking into the air from a keyboard cable.
The best defense against keyloggers is very good anti-malware software and skepticism toward downloading anything over the web. If you have a bad feeling about something don’t download it. Once you download a Trojan it can be extremely difficult to remove it.
The most straightforward way to detect any undesirable software is to look in your Task Manager to check on the processes that are running. Unfortunately, many of those background processes have obscure names. However if you google search the tasks you’ll probably soon find information warning you if one is a virus that is running a keylogger.
Compromised wallets
There are thousands of cryptocurrency wallets to chose from but unfortunately not all are legit. Do your research and chose carefully.
Fake or scam wallets may look like the real deal, but you could be downloading malware to your computer which can allow a hacker to access your account and steal your funds. We’d recommend running some good anti-malware software to check websites before you download anything.
There are also trojan viruses which can change details in your wallet to those of a hacker when making a transaction. This could result in you sending your funds to the hackers wallet rather than the intended destination. Remember, once you have committed to sending funds there is no way to getting it back. Always check your send and receive addresses thoroughly BEFORE you transact, to make sure they are correct and have not been changed in the wallet without you realising.
Private messages on social media
It is very common for scammers to try and contact their victims via social media, often a personal message. A personal message ensures others won’t step in to warn the victim that they might be the target of a scam. Facebook messenger and Telegram are popular messaging app’s scammers may use to try and contact their victims.
We’d recommended being weary of anyone who contacts you via a personal message. Particularly those who offers you investment advice or asks you to send money for a better return.
We try to discourage personal messaging within our social media outlets and advise members to treat any message they receive with some suspicion.
Email threats
Email threats can be aimed at anyone. It’s often a random attack but sometimes the scammer has accessed some leaked information on you and hopes its enough to scare you into falling for the scam.
This kind of scam can vary in details but usually follows these lines.
The scammer will send you an email, often the email will appear to come from your own email address. Don’t panic, it hasn’t, this is a clever trick that anyone can do using certain online tools. (If you want to be sure, check your outbox).
They will usually claim they have access to your email account and this is what they’ve used to send the message. Next they will claim they have installed a program that has been running in the background on your PC for some time allowing them access to your camera and they have video’s of you viewing adult content which they will send to of your contacts on social media if you don’t send them a payment (usually in bitcoin).
These emails can be quite convincing especially if you don’t have an in depth understanding of computing and the tools which hackers have at their disposal.
If you receive an email like this don’t panic. Even if they have access to some limited information about you they don’t have nearly as much as they claim. If the email threat does contain personal information change all your passwords immediately and ensure your accounts are safe.
Fake ICO’s, Tokens, and Opportunistic forks
Each month hundreds of new cryptocurrencies enter the space. These can provide great opportunities for investors looking for the next big thing. Some of these new projects aim to raise funding by initial coin offerings (ICO’s). An ICO is basically a means of crowdfunding in which early investors can buy coins at a reduced price hoping that the price will go up dramatically when the coin gets listed on exchanges.
Whilst some of these projects are legitimate and have a genuine use case a lot do not. Its important to take a few steps to identifying weather or not a coin or ICO is a scam.
Do your own research, the more the better. Don’t take advice from a single source, read information from as many independent sources as you can find.
Read and understand the whitepaper, We’ve seen a lot of whitepapers that are like ‘buzz work bingo’, they are very wordy and sound complicated but when you take a step back they actually have very vague detail.
Get to know the team behind the project. Perhaps the single most important success factor for any ICO or cryptocurrency is the developers and administrative team behind the project. If the project has some names of people who have worked on other successful projects it gives it more legitimacy. Check are the developers on Linkedin.
Depending on how new the project is have a look at their GitHub repositories. Are there regular submissions from more than one source?
How feasible is the project. Is their road map realistic?
Most importantly always exercise caution. If a project looks to good to be true it probably is. If any of the points mentioned ring alarm bells we’d recommend avoiding the project.
Another scam to be aware of are opportunistic forks, these are forks of an existing blockchain, usually bitcoin. (you may want to research blcokchain forks to understand how these work).
Whilst some forks are legitimate, others are scams. The scam works by hoping investors will take an interest the new coin and begin buying it on exchanges. This will drive the price up giving the team behind it (who often hold a lot) change to dump the coins they hold whilst the price is high.