The cryptocurrency market is extremely diverse and full of perils. The fact is that its lack of legal frameworks and oversight makes it a lucrative arena for the activities of various scammers. Ponzi schemes, rug-pull tactics, even outright fraud are commonplace. Market participants often feel helpless when encountering such unrestricted malice, but there are ways they can protect themselves and their funds.
Let us examine the major perils users can encounter by listing the top 5 cryptocurrency scams of 2022. These include Phishing, Registered broker scams, Investment schemes, Unsustainable projects, and the highly popular Memecoins. Combined, these ways of siphoning funds from users are resulting in billions of dollars in damages on a yearly basis, but there are ways they too can be identified, prevented, and even avoided.
In general, cryptocurrency scammers fall into two categories. The first type is socially constructed scams aimed at obtaining private or sensitive data for the purpose of blackmail. The second type assumes that the victim will send cryptocurrencies to a specific digital wallet that has already been compromised.
Phishing scams operate on the basis of a simple mechanism and are one of the oldest methods of deception. They revolve around mimicking the official websites, letters, emails, chats and other types of user outreach channels used by reputable companies. One click on an email or an unverified link is enough to redirect users to a certain site, where personal credentials will be stolen instantly. In the cryptocurrency world, phishing attackers steal cryptocurrency wallet passwords that have been saved on user PCs. After stealing the access information, the scammers gain access to the cryptocurrency account and withdraw it to their own addresses. Such machinations can be carried out not only with a cryptocurrency account, but also with a bank account, Venmo, or PayPal. An important issue in this type of scam is the amount of loss users sustain. If large sums of money are involved, law enforcement agencies will be able to help recover the funds. But in the case of relatively small amounts, there is a big chance the crime will go unnoticed and the user will have to suffer the loss.
Here is an example of a classical phishing scam. In a separate series of attacks, during Yuga Labs’ high-profile Otherside NFT drop in May, the cybercriminals pulled a similar technique by setting up and luring victims to malicious links. They passed these URLs off as the Yuga Labs site. The scammers made off more than $3.7 million.
In order to protect themselves from scams, users merely need to avoid opening any unknown attachments and refrain from visiting suspicious sites through links from unknown sources. Double verification of any incoming communication is vital. Users also need to know that no single reputable company will ever contact its users directly asking for money, deposits, or any other types of activities with personal data or funds.
The second most popular type of scam is the registered broker scheme. Also called the "Ghost Broker", this method consists of presenting one’s self as a registered broker, whose data can be verified and who is a real person. In this way, by creating trust, the scammer forces people to send them funds under the pretext of investing in a cryptocurrency. By the time the users realize that something is amiss, the scammer will have already vanished. Most importantly, the impersonated person will never even know that their identity is being abused for such purposes.
A striking example of a variation of this type of fraud is the “romance scam”. The person who is the victim thinks he/she has a romantic partner in another country, usually found through a sudden email or a dating website. The supposed partner asks for financial help for medical treatment or something similar, and then disappears after the transaction is completed.
The main advice for those willing to protect themselves from scammy brokers and failed romance fraud is to not be gullible and refrain from sending assets to unverified individuals.
Investment schemes. Numerous cybercriminals do not even bother with creating anything new, but use old tried-and-true methods. For example, an attacker can find potentially interested investors and offer them to invest in a hedge fund, network design, creation of a new platform, or anything else. After the investment is completed, the scammer simply disappears. Another name of the given scheme is the rug-pull tactic, which foresees the development of a fictitious project by a group of founders who close down their venture the moment gullible investors have transferred a sufficient amount of money to the designated address.
In order to avoid falling victim to such a scheme, users must first understand that the risk of losing funds is omnipresent. Look for projects that are already developing and avoid "zero" projects.
Some frauds do not start as scams, and some of them are Unsustainable projects. Good examples would be Terra (LUNA), Celsius, and BlockFi. It is likely that they were not designed as scams, but were created in an attempt to do something unsustainable. There are many models of work that fail, because they do not make any financial sense.
In order to avoid falling for scam projects and Ponzi schemes, investors should first research new products and their creators before investing in them, evaluate the development possibilities of the project and its potential growth in advance.
Memecoins. A distinct sub-category of cryptocurrencies that was inspired by a meme from online platforms or a pop-culture joke. Popularity and hype are the main red flags in investing. A prime example was Dogecoin and its dynamics of last year. The token was not designed as a scam, but was rather created to mock BTC and other cryptocurrencies. The problem is that the coin has no definite use cases and should not have one, owing to its mocking nature.
Memecoins are reason in themselves to be skeptical. In addition, investors must always scrutinize any highly-hyped products and be careful when investing in such tokens, since high degrees of artificial interest in a project are certain to result in sudden price drops.
Users are not immune to scams, but they are also not entirely defenseless against the fraudsters and their arsenal of tricks. The lines of defense and the instruments at users’ disposal are based on both experience and professional layers of security designed by services and tailored product providers.
The first tip users should rely on is common sense. The cryptocurrency market is extremely volatile and there is no such thing as easy earnings on it. As such, potential investors should reign in their appetites, as high expectations and headlong rushes into projects lead to inevitable losses. Preliminary research is the first line of defense, since awareness results in caution.
Avoidance is the second tip, especially when it comes to fake apps that are copied one-to-one against real ones. Users need to be especially careful about details and pay attention to the number of downloads, comments, designs, logos, and similar aspects. Good research and reliance on external verification services is crucial in this regard.
Attention and vigilance is the third tip, since the first thing to do is to make sure the URL line of a website starts with “HTTPS” and is secured by a padlock icon. Most fake landing pages do not have it, nor do they have any verified certificates. Vigilance regarding suspicious emails is just as vital, since reputable companies will never reach out directly to clients.
Lastly, users must rely on modern technologies as security layers. Passwords must be created using randomizers to increase their complexity. 2 and even 3 layer authentication is a must for any platform that contains user funds, such as exchanges and wallets. Lastly, use of external service providers for verifying platform credentials or transactions is key, adding a much-needed degree of security and trust.
Any scam or fraud is based only on gaining the user’s trust. Caution is a must on any investment market, as users must be sure to assess the risks and conduct preliminary research in order to avoid losses. Should the allure of a fake website’s promised ROI shroud common sense, reliable verification services should be applied to clarify the situation and provide reasonable grounds for changing one’s perilous course of action. No matter how the market evolves, the basic constituents of awareness, caution and prevention remain constant as pillars of user security.