Scams have unfortunately emerged as a prominent and persistent challenge in the crypto space as bad actors lurk in the shadows. Backed by advanced technology and tools, these scams have become increasingly sophisticated and harder to identify.
So, how can you safeguard your assets and shield yourself from potential threats? Let's explore the various types of scams encountered in crypto and learn how to spot them before it's too late.
TL;DR
Know the red flags: Learn about common scams and warning signs that come with phishing attempts and other fraudulent activities.
Strengthen your defenses: Practice good cybersecurity habits and keep important information — such as your crypto wallet seed phrase — as secure as possible.
Do your homework: Always do your own research before trading new crypto tokens, NFTs, or other digital assets.
The scam landscape in 2024
Scams remain an ever-present threat in crypto in 2024 as established tactics find their way into the sector and criminals think up new ways to use decentralized technology and digital assets to target their victims. Data has shown, however, that 2023 brought a significant decrease in the total value of funds lost to scams, hacks, and exploits.
According to the De.Fi Rekt Report, total crypto losses reached $1.95 billion in 2023, down from the more than $47 billion lost in 2022. Although these improved figures are partly down to increased security measures, 2022's total was inflated by the major collapse of entities including FTX, Terra, and Celsius.
In 2024, the onus is on crypto players to continue to build robust security measures into their offerings and educate users on how they can protect themselves from fraud.
What kinds of crypto scams are out there?
Pig butchering scams
Pig butchering scams see the perpetrator create the fake illusion of friendship or romance with the victim. The aim is to build trust with the victim before coercing them into investing in or trading through a fraudulent platform, with the promise of financial freedom.
The scam gets its name from the idea of fattening a pig for slaughter, as the victim is convinced to hand over more and more of their crypto assets before the criminal disappears with everything.
Romance scams
Romance scams are similar to the pig butchering scam in that they involve a criminal forming a relationship with the victim. However, here, the criminal aims to create the illusion of a romantic and emotional relationship with the victim before creating a false situation where the criminal requires financial support. Today, crypto is increasingly being used as the means of providing this supposed financial support, as transactions are relatively anonymous and irreversible.
Remittance scams
Remittance scams follow a simple premise. The victim is contacted by a supposedly legitimate investment firm asking them to invest a small amount of crypto to eventually unlock a much larger quantity in return. The scammer may then ask for further payment to cover supposed taxes or fees — all part of the administrative process. However, the returns never arrive, and the scammer disappears. This scam relies on fear of missing out (FOMO) on a lucrative financial opportunity and pressure tactics to convince victims to act quickly and without assessing the situation fully.
Phishing scams
Seed-phrase scams and fake websites: Like deceptive doppelgangers, some scammers create fake websites that mimic popular platforms or applications. Always double-check URLs before clicking on them, and never ever give a website your seed phrase.
Email and social media phishing: Beware of scammers posing as well-known figures like Elon Musk on Twitter, offering "too good to be true" deals. If it smells fishy, it probably is. These scams often appear in your mentions, social or Discord DMs, email inboxes, and comment sections. Just like the TrustWallet scam, if someone from a support team reaches out to you and asks for a seed phrase, they're probably trying to scam you. Remember: never give out any personal information or passwords and seed phrases.
Fraudulent mobile apps: Scammers can disguise themselves as popular wallet apps like Trezor, waiting to snatch your hard-earned crypto. Always download apps from official sources and check reviews to make sure the app is legitimate. When restoring a crypto wallet, you'll have to input your seed phrase, so be sure to double-check whenever you download a new app like OKX Wallet.
Malware hidden in downloads: In August 2023, CoinsPaid, a Ukrainian-based crypto payment processor, was hacked for $37 million. An employee was tricked into downloading a test for a job interview, which was fake. The employee installed malware, and the malware breached the CoinsPaid internal system. The bad actors then had access to millions of crypto funds.
Crypto project scams
Imitation/fake projects: Some scams involve projects imitating well-known cryptocurrencies, like the Bitcoin Gold scam. They may appear genuine, but their sole purpose is to deceive you and capture your funds. Always verify the project's authenticity before committing your funds.
Projects with no utility or unrealistic promises: Remember the notorious BitConnect? Projects like these make unrealistic promises and often lack a solid use case. Be cautious of schemes that sound too good to be true.
Pump-and-dump schemes: Groups like the 'Big Pump Signal' Telegram group artificially inflate a coin's value, only to dump it later, leaving unsuspecting traders in the dust. Steer clear of such schemes and avoid the hype. And remember: always do your own research.
Exchange and wallet scams
Fraudulent exchanges: Unscrupulous individuals might set up fake exchanges to lure users. Stick to well-known, reputable exchanges that transparently communicate their Proof of Reserves, such as OKX, to protect your assets.
Fake wallet apps and services: MyBigCoin is one example of a fake service with empty promises designed to steal user funds. Always research wallet providers and look for trustworthy recommendations. If you're looking for a new self-custody wallet, we recommend trying out the OKX Wallet.
Initial Coin Offering (ICO) scams: ICOs can be an exciting and rewarding opportunity, as with any new project in crypto, but they also carry big risks. Be mindful of the pitfalls associated with them and make sure you do your due diligence on what these ICOs are promising. Scams like PlexCoin and Centra Tech are prime examples of ICOs gone wrong. Look for transparent information about the team, realistic goals, and a well-written white paper.
Best practice to avoid getting scammed
Secure or self-custody your digital assets
Use reputable wallets and exchanges: Trustlessness is crucial in the crypto world. Stick to well-established wallets and exchanges with strong security measures in place that transparently communicate their Proof of Reserves or open-source their security models.
Enable two-factor authentication: Add an extra layer of security to your accounts (including everything from social to email) by enabling two-factor authentication (2FA). It's a small step that can make a massive difference.
Research projects thoroughly
Check team credentials and project history: Investigate the background of the project's team members and their past accomplishments. A solid team is the backbone of any successful project.
Examine the project's white paper: A white paper is like a project's blueprint. Make sure it's well-written, comprehensive, and outlines a clear vision and plan. If it doesn't make sense or sounds too good to be true, it might be a scam.
Analyze tokenomics and use cases: Dive deep into the project's tokenomics and use case. A strong project should have a practical purpose and a clear plan for token distribution. If a token distribution is extremely concentrated among founding members or doesn't have a clear lockup plan, this may be a sign of a pump-and-dump scheme.
Be cautious with communication
Verify the source of emails and messages: Scammers often pose as official representatives from big companies, such as the CEO of OKX. Verify the sender's authenticity before engaging or sharing any sensitive information, and always reach out to the customer support team if you receive any phishing attempts.
Avoid sharing sensitive information online: Keep your private keys and seed phrases to yourself, and try and store your passwords offline. Treat them like your most valuable secrets.
Be skeptical: Many of today's fraud tactics involve emotional manipulation. Be cautious and skeptical of any unsolicited contact you receive from strangers through social media or messaging apps, and always question the individual's motives.
Monitor your assets
Keep track of your assets: Regularly review your portfolio and stay informed about the projects you're involved in. Better yet, take your crypto off exchanges and into a self-custody wallet for higher security.
Stay informed about the crypto market: The crypto landscape evolves rapidly. Keep yourself updated on the latest news and developments to make informed decisions. We recommend following reputable news sources and leading social media accounts in the crypto space.
Educate yourself: essential reading
Educating yourself on the threat of crypto scams is one of the most powerful ways you can protect yourself and others from falling victim. Below is a list of additional resources we recommend you explore to learn about modern crypto scams, how to avoid them, and how to report them.
The U.S. Federal Trade Commision's consumer advice on cryptocurrency and scams.
Cyber security experts Kaspersky provides dedicated crypto safety guidance on its blog.
The Cryptocurrency Compliance Cooperative provides an avenue to report a cryptocurrency scam. The incident will be taken forward by law enforcement and blockchain investigators.
Educational platforms like Coursera and Udemy offer insightful courses on crypto security, self-custody, and identifying scams.
The final word
While the crypto world is full of opportunities, plenty of threats exist. By staying vigilant, practicing good cybersecurity habits, and doing thorough research, you'll be better equipped to navigate this exciting landscape safely. Remember, it's essential to take responsibility for your assets and always stay on guard.
© 2024 OKX. Tento článek smí být reprodukován či distribuován ve své úplnosti, případně z něj lze použít výňatky do 100 slov, ovšem za předpokladu, že je to pro nekomerční účely. U každé reprodukce či distribuce celého článku musí být viditelně uvedeno: „Tento článek je © 2024 OKX a je použit na základě poskytnutého oprávnění.“ U povolených výňatků musí být uveden název článku a zdroj, a to např. takto: „Název článku, [místo pro jméno autora, je-li k dispozici], © 2024 OKX.” Z tohoto článku nesmí být vytvářena odvozená díla ani nesmí být používán jiným způsobem.