Loading...

Cryptocurrency Fraud

 

Cryptocurrencies have surfaced as an alternative to the legacy financial system, offering a way for those interested to “opt-out” and assume full control over their finances. To achieve these goals, some cryptocurrencies are decentralized, thoroughly trust-minimized, permissionless, and censorship-resistant.

The same traits that lend this new asset class its appeal and clout make it a perfect vehicle for fraud.

 

The Cryptocurrency Industry is Fertile Ground for Scams

The creativity of cryptocurrency fraudsters knows no bounds, and though some of their efforts are sophomoric and easy to avoid, they do manage to scam many people out of their hard-earned dollars, euros, and pounds. Every year, people lose several billions of dollars to cryptocurrency fraud.

The methods crypto scammers use are so diverse that it is impossible to keep tabs on them. It makes sense, however, to take a closer look at a few of their most effective and outrageous methods, so one develops an understanding of how these cybercriminals operate.

 

Exploiting Hardware Wallet Vulnerabilities

The crypto sphere touts hardware wallets as the safest solution for storing cryptocurrencies. Hackers often target online, “hot” wallets and exchanges successfully. Taking crypto funds offline and storing them in a “cold” wallet does indeed seem like the perfect solution.

That said, hardware wallets have a surprising number of vulnerabilities. The multi-word seed-phrases they use are at the root of such vulnerabilities. Scammers buy hardware wallets, give them away and pre-configure them with seed phrases they hide under a scratch card. The new owners of the wallet then use these cards to configure their devices, thus giving the scammers access to their funds.

Hardware wallet users are also exposed to a wide range of email-based phishing attempts. Irresponsible hardware wallet manufacturers have been known to store detailed information on their buyers in online databases that make juicy targets for hackers.

Once they gain access to the emails, phone numbers, etc., of the wallet holders, scammers bombard their victims with a wide array of emails, looking to get them to reveal their private keys.

 

  • Blackmail attempts to threaten some action against victims while requesting a ransom. Such attempts hardly make logical sense since paying the ransom would only turn the victim into a more inviting target in the future, instead of getting him/her off the hook.
  • Emails pretending to originate from the manufacturer of the hardware wallet may tout firmware upgrades or may threaten service cessation, if the victim does not take action, revealing his/her seed-phrase. Such phishing attempts aim to strike fear and spark urgency to resolve a non-existing problem.
  • Some emails promise rewards in the form of free cryptocurrency. All they require from the victim is the seed-phrase of his/her hardware wallet, granting full access to the contents of the wallet to the scammers. Such emails bank on the greed of the victim, and as such, they are surprisingly successful.
  • Emails promising investment opportunities or promoting various get-rich-quick schemes, again, rely on greed, and are, therefore, very dangerous.
  • Imposter websites work hand-in-hand with email phishing. They lend credibility to the claims in the emails, getting wallet users to give up their seed-phrases to head off an impending problem. Such websites may pose as the official website of the hardware wallet provider, a prestigious exchange, etc.
  • Although they look and act like the site the victim thinks he/she is visiting, they land an underhanded pitch at one point or another, aiming to extract information or payment.
  • Some emails alert victims to an impending unauthorized withdrawal from their hardware wallets. To block the supposedly fraudulent action, the victim needs to provide his/her seed-phrase to a site posing as the official site of the device manufacturer. Such scams work hand-in-hand with imposter websites.
  • Other emails claim that there is a significant incoming coin transfer to the wallet that needs the approval of the victim. To approve it, the victim will have to disclose his/her seed-phrase sooner or later. After that, there will indeed be a transfer taking place on the wallet, but it will be an outbound one, from the victim to the scammer.

How to Prevent Fraud

Hardware wallet makers, or anyone else, have no business knowing your seed-phrase. That is information for you to know, and no one else to ever find out. If someone asks you for your seed-phrase, this entity requests unfettered access to your hardware wallet, nothing more and nothing less. 

You never have to approve a crypto transfer for it to land in your wallet. That is not how cryptocurrency and bitcoin transfers work. Even if someone sends you funds by mistake, they will land in your wallet without the need to approve anything. You only need to approve outgoing transfers.

Most hardware wallets are standalone devices, and they work without the need to connect to the internet as long as you do not send funds. The manufacturer cannot shut down the service. All it could do is discontinue the software you may need to manage your digital assets, but it cannot shut down your device.

 

Fake Exchanges, Exit Scams

 

While most digital assets are decentralized to some degree, investors can only buy them through exchanges, which are, for the time being, centralized bottlenecks. For now, the regulatory standing of most cryptocurrency exchanges is murky at best. Some exchanges may turn out to be traps, which is why cryptocurrency experts caution against keeping significant funds in exchange accounts.

Exchange scams may use imposter websites as well. They hijack the reputation of well-known exchanges to allay the suspicions of their would-be victims.  

How to Prevent Fraud

Fake exchanges are relatively easy to spot. If a suspicious entity offers too-good-to-be-true discounts on bitcoin, it is a fake exchange. Also, take a look at the URL of the website on which you land. If it does not begin with HTTPS, it is an unencrypted, unsecured connection exposing you to theft.

 

Imposter Mobile Apps

Posing as a legitimate cryptocurrency  business is not a “privilege” reserved solely for websites. Scammers create mobile apps posing as legitimate, getting users to download them from Google’s Play Store or the App Store. Through these apps, fraudsters then convince their victims to “invest” with them or to hand over the private keys of their software- or hardware wallets.

 

How to Prevent Fraud

Make sure the mobile apps you browse do indeed belong to the entities to which they claim to belong. Look for misspelled app names, brands, and poorly written promotional copy. Read into the user reviews. If you suspect foul play, do not download the app.

 

Social Media and Cryptocurrency Fraud

Social media has emerged in recent years as the greatest perpetrator of misinformation, half-truths, and manipulation. If we add cryptocurrencies to that mix with their pseudo-anonymity, and borderless and permissionless nature, the result is an online environment where scams thrive.

Scammers have been impersonating celebrities for one reason or another since the dawn of social media. In recent high profile attacks, they took over the real, verified accounts of various celebrities, encouraging the followers of these people to send them cryptocurrencies, and receive more back. This spate of scams was highly successful due to the trust the said accounts commanded at the time.

 

How to Prevent Fraud

Nobody is giving you cryptocurrencies for free. And that means nobody. Do not believe anything too good to be true, especially if it comes from social media.

 

ICOs, MLMs, and Pump-and-dumps

Acting as the engine of the 2017 crypto boom, the ICO craze allowed everyone to back the blockchain project of his/her choice, unhindered. While the ICO boom did create a few potentially useful projects and solidified the standing of some altcoins, it also acted as a free-for-all for scammers.

Scores of people, including celebrities from all walks of life, pulled off pump-and-dump schemes, scamming would-be early investors out of millions upon millions of dollars.

This quirky period in the history of the crypto industry put the creativity of scammers, hackers, liars, and run-of-the-mill con artists on full display. The scams of this era covered various shady altcoins that some people chose to promote using the power of their celebrity status within the crypto world. Exit scams abounded. Multi-level marketing techniques and pyramid schemes made their way into ICOs, convincing many through these time-tested methods to give up their hard-earned dollars.

It may seem like the golden age of crypto fraud is upon us. But thanks to experts like CNC Intelligence Inc., scammers can now count on that knock on the door.

Cloud Mining

 

It seems that cryptocurrency fraudsters have not left any stone unturned. As their peers were phishing, hacking, deceiving, and lying their way to crypto riches, some scammers figured they would turn cryptocurrency mining into another scam angle.

They began offering “server space” to those who wanted to take part in cryptocurrency mining, striking up “lifetime contracts” featuring fixed costs and unrealistically good returns.

Although there were legitimate cloud mining operations that mostly failed to yield any profits, scammers hijacked the idea through Ponzi schemes that resulted in considerable losses for all those involved.

 

How to Prevent Fraud

 

Any cloud mining service that is profitable would not need to be rented out, since it is generating money.  It essentially would be a money-making machine, therefore, logically, no one is going to rent out cloud miner for less than they could make by running the mining software themselves.  

Therefore, any “service,” “investment,” or business opportunity offering cloud mining, should be avoided.

 

In Summary

 

One of the traits that scammers love about cryptocurrencies and Bitcoin, in particular, is their allegedly untraceable nature. Once they steal the funds, fraudsters figure that the victims cannot recover them.

Experts like CNC Intelligence Inc. can, however, reliably trace hundreds of thousands of digital assets. They can also identify the holders of the wallets where the stolen funds land. Recovery specialists liaise directly with law enforcement officials to facilitate the recovery of misappropriated assets.

It may seem like the golden age of crypto fraud is upon us. But thanks to experts like CNC Intelligence Inc., scammers can now count on that knock on the door.