Crypto Scams: How to Spot & Avoid Them
Cryptocurrency – commonly referred to as crypto – is a digital currency system that enables secure payments online. Denominated in virtual tokens, these non-physical types of payments can be exchanged for products and services online.
Despite transactions lacking the legal protections of traditional credit and debit cards, and payments usually being irreversible, these electronic currencies have experienced a boom in popularity, with big-time investors and the general public now holding cryptoassets.
But where there is opportunity to invest, there is also opportunity for online fraudsters to orchestrate scams…
What are Crypto Scams?
Cryptocurrency fraud, as with most other common forms of investment scams, occurs when cyber criminals steal money, via means of bogus schemes and practises, from unsuspecting victims hoping to secure legitimate investments in digital currency.
How to Spot a Crypto Scam
To successfully avoid scams, you first need to understand the various forms that are circling the internet – plus how they operate. When it comes to crypto scams, there are several key types to be watchful for, including:
- Phishing Scams. Phishing is an extremely common form of scam whereby unwitting users are led to malicious websites via bogus emails, text messages, search engine listings, social media, and even telephone calls. As with most scams, the end goal is to swipe PII (personally identifiable information) and logins in order to assume identities and steal finances/crypto. Never engage with unsolicited contact; always scrutinize copy, language and hyperlinks (for hidden URL redirects), along with sender addresses and attachments, keeping in mind that fraudsters can and do impersonate authentic crypto companies, including their technical support staff.
- Fake Websites. Also referred to as ‘spoof’ websites, these are exactly what they sound like. By pulling content (copy, images, etc) from a legitimate company’s site – such as startup firms – cyber fraudsters can create a malicious duplicate version. The scammer’s goal is often to harvest confidential data in order to exploit a victim’s identity and finances, and or place harmful malware on their device.
- Fake Investments. If you’re being offered an unbelievable investment opportunity, scepticism is your ally – especially if the offer appeared out of nowhere. Scammers lurk on the internet in hopes of stealing and mining cryptocurrency, and often come bearing guarantees. Be on guard for fake ICOs (initial coin offerings), unrealistic opportunities, requests to send crypto/traditional currency, and anyone asking for your crypto wallet’s private keys.
- Fake Mobile Apps. Even though most dubious apps get quickly ejected from major platforms – such as the Apple App Store and Google Play – there’s time enough for crypto investors to fall prey to scammers. Key characteristics include typos and poor grammar, along with logos and imagery that seem rushed, inauthentic, or just a little ‘off’. Never be in a rush to download anything that could potentially wind up being harmful.
- Giveaway Scams. Something-for-nothing scams – particularly on social media – have been frequent in the tech headlines. Cyber criminals create fake celebrity/entrepreneur accounts and proceed to inform users that their crypto can be doubled – simply by sending the contents of their digital wallets to them. But it’s all too good to be true, of course; in addition to stealing unsuspecting users’ crypto, orchestrators may also request that confidential information be sent prior to the ‘giveaway’.
- Social Media Scams. The platforms we use for digital chin-wagging are also where fraudsters hang out. Since anyone can post just about anything and setup a fake account (posing as a celebrity/revered entrepreneur), you should never take anything on face value alone. Scrutinize posts and tweets, plus any accounts you follow, and never engage with any messages requesting/encouraging you to send cryptocurrency.
- Coinbase Scams. Coinbase is one of the most recognized cryptocurrency exchange platforms on the planet, and online fraudsters are no stranger to this fact. Phishing emails claiming to be from Coinbase often feature attachments containing hidden malware, or will encourage users to click bogus hyperlinks that lead to malicious websites.
- Ponzi/Pyramid Scams. These illegal schemes use collected funds from new investors to pay existing ones – but since no real investment exists, these schemes fall apart rather quickly, meaning you’ll likely wind up with your cryptocurrency being stolen. The bottom line: don’t invest, don’t get involved.
- Extortion/Blackmail Scams. These scams don’t beat around the bush unlike other more overtly deceptive types. A user will typically receive an email from a fraudster threatening to publish compromising data unless a ransom is paid in cryptocurrency. For instance, the sender may claim to have sourced embarrassing photos or confidential info. The thing is, even if they are telling the truth, it’s best to not get involved with cyber criminals – after all, there’s no guarantee that they won’t release the data anyway or come back with more threats.
- Employment Scams. There are a few different forms of employment-orientated scams, but these commonly involve a fake job offer posted by an impersonated legitimate recruiter. Users who have publicly listed their resumes will be approached; the scammer then requests that confidential information be provided, along with a crypto payment, in order for training for the offered position to begin.
How to Avoid Crypto Scams
Getting tangled in cyber crime’s sticky web can lead to all kinds of financial loss, reputational damage, stress and heartbreak. While there are numerous ways to evade scams, the importance of possessing preventative knowledge cannot be stressed enough.
And so, with a mind to deny scammers by looking before you leap, always keep an eye out for the following characteristics/elements:
- Listen to your Gut. Crypto scams can be pretty convincing, but if you’re experiencing any feelings of unease and doubt, it’s wise to put some distance between your fingers and your phone/keyboard before proceeding any further.
- Ignore Unsolicited Contact. Life is full of unexpected opportunities, granted. But if you receive an unsolicited email/message/call about an investment, it’s a red flag situation – especially if you’re unfamiliar with the company.
- Too Good to be True. When it comes to websites and services, be sceptical of any that guarantee big returns/specific results.
- Grammar & Spelling. If you encounter a distracting/notable amount of spelling/grammar/tonal errors on a website or email, you’re probably dealing with a scam. A reputable, professional company would not publish rushed, poorly produced content. It’s just that simple.
- Fake Websites/Apps. As we discussed above, always be on the lookout for bogus websites and apps; telltale signs are misspellings and grammar, along with uncanny/rushed logos and images. And don’t forget to check for sneaky URL differences in the address bar, along with ‘https’ encryption.
- Pressure Tactics. If a claim/opportunity is being pushed in your direction in a way that makes you feel uncomfortable, you’re almost certainly dealing with a scammer. Invest with a clear head only – and only when you’re good and ready.
- Don’t Reveal PII/Logins. If an unsolicited message asks you to reveal PII or usernames and passwords – via email, text or during a call – never comply, no matter the reason they give. Out-of-the-blue contact has long been a strong indicator of bona fide scams.
- Wallet Protection. When you invest in cryptocurrency, you’ll require a digital wallet with private keys. If a company/individual ever asks you to reveal these keys, never respond – it’s highly suspicious and more than likely a scam.
- Social Media Scepticism. Be sceptical about any too-good-to-be-true ads and contact (especially unsolicited) that you may receive on social media. Keep in mind that cyber criminals commonly exploit the influence of celebrities and corporations by creating fake accounts and endorsements.
- Investigate, Research. Uninformed/blind optimism creates greater potential for disappointment, failure, and even ruin. So remain vigilant and curious, and never accept what you see without digging further. To develop a clearer picture, research the organization, check consumer protection websites, and don’t be afraid to send emails and make some calls. If you still have reservations, why not ask your peers (friends, family, colleagues) for their opinions?
- No Trust, No Transaction. If you’re harbouring any doubts – no matter how large or small – never commit to making a financial transaction.
- Learn Your Craft. By investing some time in learning about cryptocurrency and the mechanics of this new sector, you’ll be doing yourself a big favour. You won’t be guaranteed financial success, of course – but you will be more dialled in, and as a result, better at spotting scams.
Use a Web Safety Tool. Online security apps, such as Total WebShield, were built to protect users from online threats such as those relating to Phishing. Features include malicious website blocking and tracker/pop-up blocking to strengthen both privacy and overall security.