fbpx
Products BitCheck Exchange Earn Clubs XRAY Company About Contact Career Newsroom

Anti-Fraud, AML and Fund tracing

Bitcoin Scams: 6 Common Crypto Frauds and How to Stay Safe

If you read about Bitcoin and cryptocurrencies primarily from the mainstream media, you would be forgiven in thinking that any kind of involvement in Bitcoin could result in you getting scammed. Indeed, “Bitcoin” and “scams” are increasingly being used together often to describe almost any fraud related to cryptocurrencies. The fact is, however, the vast majority of these reported“bitcoin scams” have nothing to do with Bitcoin at all, they’re just unethical people doing unscrupulous things. This article will break down the most common scams, and explain how you can thwart them and secure your digital assets.

This article will break down the most common scams and explain how to thwart them and secure your digital assets.

Scammy and worthless cryptocurrencies

The most common “Bitcoin scam” is the “worthless cryptocurrency scam”, which ironically doesn’t involve any Bitcoin at all. Rather, these scams promote a coin or token designed to enrich the project founders at the expense of latter coin holders. Targeting first-time users in the space, the pitch goes something like this- “All the money to be made on Bitcoin has already been made. If you want profits you need to invest in the next big thing. Oh, and coincidentally this coin I just heard of is the next big thing.”

It’s a scam targeting the newbies. Remember that cryptocurrencies come in all shapes and sizes. Many of them have no hope of reaching the heights of Bitcoin and will never make an appearance even in the top 100 cryptocurrencies by market cap.

It is relatively easy now to create a new cryptocurrency like Bitcoin and many blockchains are open source. For example, Dogecoin started exactly this way- as a joke coin based on Bitcoin (with some important differences). And Dogecoin suddenly became extremely popular after the billionaire Elon Musk publicly supported it.

To properly evaluate the prospects of a coin or token, you must look at various aspects including scarcity, the team behind the project, and the token’s utility. Ensure that one party does not hold an overwhelming majority of the tokens, and that these tokens cannot be printed up at will. Weighed against these criteria, many blatant scams like OneCoin and the infamous Bitconnect would stack up very poorly.

Credential Phishing

Having an account on a cryptocurrency exchange, you must be particularly wary of emails requesting you to reset your password or login. If the email has a click-bait style title like “click here for 10% off Bitcoin’’, it is very likely to be a scam.

Differentiating a phishing email from a legitimate exchange originated email might sound complex. It is generally advisable to launch the website or app directly to check if the message is sent by the exchange. Remember, to protect your digital assets and personal data, do not easily provide your password or click the link without double-checking. Another strategy to thwart credential phishing involves using password managers and/or 2FA. We will discuss it in more detail later.

Malware

Malware and trojans are some of the most common ways hackers steal data for identity theft. Infected computers leak data and for the longest time, this has been concentrated on identity theft.

Today, malware is specifically designed to compromise crypto wallets and take away digital assets. I generally recommend novice users store their crypto on reputable exchanges, like Coinbase, Binance, and XREX. There are too many cases of individuals either losing their keys or unable to access their digital assets due to feeble memories or computer damage.

Malware is designed to compromise crypto wallets and take away digital assets. Novice users shall store their crypto on reputable exchanges, like Coinbase, Binance, and XREX.

Ransomware

Another problem of course is ransomware — malicious softwares that infect your computer and displays messages demanding a certain amount of money to restore your system and your data. This class of malware is a criminal money-making scheme that can be installed through deceptive links in an email message, instant message, or website.

We don’t yet know the true cost of ransomware worldwide, but according to the FBI’s Internet Crime Complaint Centre (IC3) report in 2017, two thousand ransomware complaints cost victims over $2.3 million.

Generally, this scam commences once you mistakenly install a program from a non-trusted source like BitTorrent. Soon you may find your Downloads or Desktop folders locked or encrypted. When you try to open it, the message pops out demanding a certain amount of funds in Bitcoin or another cryptocurrency be sent to an address they provide. The best prevention for these scams is to avoid downloading files from non-trusted sources.

In-Person Peer-to-Peer(P2P) Transactions

Buying or selling bitcoin in person is generally a bad idea. When conducting Peer-to-peer(P2P) transactions especially in cash, the other party may try to convince you to meet in person. Don’t do it! You might be exposed to an extremely risky environment. It’s highly recommended that you use a P2P escrow platform, such as XREX’s Bitcheck, to ensure both sides are protected.

Pyramid Schemes

A scam operation based out of Nigeria Operation N-Fiverr was dismantled by the XREX crypto threat research team recently. The bad actors attracted victims by pitching them through various high-interest rate crypto investment platforms. These scammy platforms promise returns ranging from 25% in 30 hours, to up to 45% return after just 72 hours. Those returns are not sustainable and when the victims apply for withdrawal, the second scam would commence where the victim would be asked to further deposit 10% to 20% of the earned profits before withdrawal, as “per company policy.”

Needless to say, the victim never receives their funds back and with minimum deposits beginning at $400, you can clearly understand how these scam sites can be very profitable for these bad actors. The best way to identify these scams is from the outsized returns they promise. The returns guaranteed by the scammers and the so-called investment platforms are just not possible for legitimate investments.

Being Safe: Wallet Security

Before using a particular crypto exchange or wallet, check certain basic features to ensure the exchange practices secure the management of hot and cold wallets. Common industry practice is to store the majority of system funds offline in cold wallets, the enterprise version of the Ledger Nano for example. A trust-worthy exchange will also try maximum efforts to avoid transactions going through what the industry refers to as “dirty wallets”.

For example, “Risk level detector” is a special feature on XREX crypto-fiat exchange. XREX works with world-class AML partners, including CipherTrace, TRISA.io, S&S, and CDA (crypto defenders alliance) to ensure top security for its users. When a user deposits and withdraws Bitcoin and cryptocurrencies, XREX will scan the address and show if the address is safe, suspicious, or dangerous. Top security is very important when you start crypto trading.

“Risk level detector” is a special feature on XREX crypto-fiat exchange. XREX works with world-class AML partners, including CipherTrace, TRISA.io, S&S, and CDA (crypto defenders alliance) to ensure top security for the users.

Using a Password Manager and Enabling 2FA

One recommended best practice for safety while trading or investing is to ensure that you use a third-party password manager, like LastPass or Dashlane. Given the number of online accounts most people have, remembering passwords has become a real chore and many reuse the same password across multiple services. A vast amount of data breaches are caused by easy to guess, stolen, or reused passwords, and password management apps are fast becoming the first line of defense against this.

If you are doing any sort of financial transactions, crypto trading, or bill payments, you should activate the two-factor authentication (2FA) feature present on most sensitive applications.

If you are doing any sort of financial transactions, crypto trading, or bill payments, you should activate the two-factor authentication (2FA) feature present on most sensitive applications. Detailed instructions will usually be within the app, normally the procedure involves downloading and installing the Google Authentication app and scanning a QR code. Whenever possible, try to avoid SMS-based 2FA as it has proven to be a less secure option.

Conclusion

Many bad actors will take advantage of those unfamiliar with the best practices in using the latest technology, such as Bitcoin, cryptocurrencies, and blockchain. This list of common Bitcoin scams is by no means exhaustive, but if you stay wary of the above scams and remain vigilant, your experience with Bitcoin can be very positive and set you on the path to some real gains in the market.

Reference:

  1. A History of Ransomware Attacks: The Biggest and Worst Ransomware Attacks of All Time

More from Anti-Fraud, AML and Fund tracing

Editor’s Picks