Crypto hacks and exploits have cost people billions of dollars each year. Here’s how to make sure you’re not among them.
If there’s money to be had, con artists will try and take it from you. Crypto is no exception. In fact, crypto is a prime target for scammers who take advantage of the nascent technology and the general public’s lack of familiarity with blockchain tools to position themselves as experts or leaders in the space and gain trust.
Even though in 2022 crypto underwent a dramatic downturn, crypto scams were on the rise. According to data from CertiK’s 2022 “Web3 Security Report,” last year was the worst year on record in terms of value lost from Web3 protocols. Cryptocurrency losses due to hacks, exploits and scams in 2022 reached an all-time high of $3.7 billion – a 189% increase over 2021’s previous record of $1.3 billion.
In this article I’ve rounded up the most common scams to explain what they are and how to identify them so you can protect your wealth.
Bitcoin scams
Bitcoin scams are nearly as old as bitcoin, the first cryptocurrency and the one with the highest market cap. Of all cryptos it is the one with the most name recognition and the broadest adoption – even traditional finance firms such as Fidelity have bitcoin as part of their offerings! Because of this, bitcoin feels “safe” to many new investors and is often the entry point to crypto.
One of the most common scams to target your bitcoin is a phishing scam. The hacker often impersonates a legitimate-sounding service, company or individual in an email or text message and tries to trick victims into revealing their private keys or fool them into sending their bitcoin to the con artist’s wallet.
Avoid getting tricked by checking any sender’s email address and making sure the sites they are linking to are legit. Often, phishing email addresses will slightly misspell a real site – i.e., Gogle.cm instead of Google.com – or send you to a site that contains similar errors, such as coinbase.co instead of coinbase.com. A good habit to prevent going to malicious websites is to bookmark any legitimate sites you use for crypto and use only those bookmarks to visit those sites.
2. NFT scams
Many people new to crypto are finding their way to the space through non-fungible tokens (NFT), whether through collectible sites such as NBA top shot buying a colourful avatar for social media or via as NFT that also serve as a ticket for an event. Sometimes called "digital collectibles" by big brands including Starbucks and Instagram, there are plenty of scammers who target both newbies and old pros in the space.
One scam unique to the NFT space involves forgeries and fakes. When an NFT project, for example Bored Ape Yacht Club, begins to rise in value, scammers will target people looking to “ape” in by creating copycat collections, sometimes( stealing the original artwork and cloning the entire project)to mimic the real, valuable one. While occasionally a blue-chip project NFT gets listed (usually mistakenly) for a bargain-basement price, if you see an NFT from a project for sale at far below market rates (which you can easily check on a site like NFTpricefloo.com), chances are it’s a fake.
NFT marketplace OpenSea verifies that an artwork or collection is genuine with a blue checkmark on the listing page. You can also check past ownership and sales of an NFT. That’s the beauty of the blockchain – if an NFT seems to have appeared out of thin air long after the original mint, that’s highly suspicious because all past transactions are recorded. When in doubt, you can look for the original artist’s Twitter account and message them to ask if it is legit.
3. Social media scams
Many crypto scams originate on social media, especially on Twitter and Instagram. According to a June 2022 report from the U.S. federal trade commission Nearly half the people who reported losing crypto to a scam since 2021 said it started with an ad, post or message on a social media platform.
From giveaway scams to fraudulent “verified” or blue-checked accounts, social media is rife with fraud. Since Elon Musk’s acquisition of Twitter you can no longer simply glance at a blue check after a name and be sure it’s a verified account because any Twitter Blue subscriber can pay for that mark for just $8. Before you trust any advice or ideas from what seems to be a verified account, look at their other posts, how long they’ve been active and how many followers they have. A brand-new account with few followers that seems to only be shilling crypto projects is unlikely to be trustworthy.
One scam unique to social media comes from YouTube, where people set up fake livestreams to bilk viewers out of their crypto. The scammer creates a legitimate-looking YouTube livestream, often using stolen content to boost their authority, and posts links to giveaways or other seemingly tempting content. These links can be malicious phishing attempts or simply direct you to send your crypto for the “expert” to invest. Check the history of the channel, including when it started and the other videos they’ve posted, to avoid being duped. New channel with no videos? Stay away.
4. Ponzi schemes
Many critics call crypto itself a Ponzi scheme For instance, the CEO of JPMorgan Chase, Jamie Dimon, called crypto tokens decentralized Ponzi schemes in 2022. The definition of a true Ponzi scheme, however, is a financial fraud that promises outstanding returns and does so not by actually investing the money it receives, but instead by distributing payouts to early investors with funds from more recent investors.
Crypto is a huge target for Ponzi schemes, which often rely on the “expert” having superior knowledge of a complex and new technology. The experts promise to do the hard work with your money and remove the headache of you having to learn how something like decentralized finance (DEFI) works. One of the biggest warning signs of a Ponzi scheme is “guaranteed” returns of double-digit percentages, a promise no legitimate investment can keep. All investments carry an element of risk and crypto is more volatile than traditional financial instruments. If someone is promising you huge guaranteed returns, the only thing you can guarantee about it is it’s a scam.
5. Rug pulls
Rug pulls are a type of exit scam to which DeFi and NFTs are particularly susceptible. Combine the fact that DeFi removes the intermediaries involved in financial transactions with the relative ease of creating a new token, and you’ve built an environment ripe for scammers to exploit. Fraudsters can easily create a crypto token and get it listed on a decentralized exchange (DEX) without going through any kind of code audit or another type of background check. From January to December in 2022, over 117,000 scam tokens were created , stealing billions of dollars unsuspecting investors
Newly listed currencies often soar in price, and eager investors may use filters like “recently added” or “top gainers” to filter for new, hot coins without doing research on the projects. Once the founders of the fraudulent crypto project feel the price has peaked, they’ll make off with investors’ money, leaving holders with a worthless coin.
In the NFT space, scammers will create entire collections that copy or knock off a well-known collection to entice susceptible buyers. Mutant Ape Planet, a fake play on the legitimate Mutant Ape Yacht Club NFT collection, defrauded buyers out of nearly $3 million promising them rewards, access and other perks before making off with all their money.
The best way to prevent this is to do your research. Follow the steps to thoroughly evaluate any new cryptocurrency or NFT project, especially reading the white paper and looking into who are the founders. No white paper or previous record? Huge warning sign.
6. Crypto romance scams
A scam that didn't start with crypto but has popped up as the space has grown is a long con known as a romance scam, which netted $185 million from victims, the FTC said in June 2022. The con artist sets up fake profiles on dating sites and/or social media sites to entice targets. They may “accidentally” DM you on WhatsApp or other messaging platforms as well, and then engage in conversation. Once the mark has gotten to know the victim, the fraudster will turn the conversation to bitcoin or other cryptocurrencies and convince the person to invest a little money in the token.
Often the sophisticated scam artist will create fake – but convincing-looking – websites as part of a pig butchering scam fattening up the "pig" with small deposits and pretending the victim is netting huge returns until the person is convinced and makes a big deposit. At that point, the scammer cuts ties and makes off with the money after weeks or even months of stringing the target along.
You should be suspicious of any request from someone you haven’t met in real life, but a big, common warning sign that your cyber-sweetheart isn’t in it for love is they refuse to meet face to face or via Zoom or other video conferencing app.