With the recent news that Ledger’s customer database from its e-commerce store was publicly dumped onto a hacking forum. We thought it wise to go over some of the popular techniques scammers use to dupe their victims. Here we will go through a list of well-known cryptocurrency scams. Many were not born in crypto, scams have been around since humanity exists. However, bitcoin and cryptocurrencies are popular targets for scammers given the pseudo-anonymous nature. And of course that there is no possibility for a central authority to simply reverse the transaction.
Remember in crypto you control your private key, which means you control your security. The best way to avoid getting caught up in one of these scams is to simply educate yourself. And always be extremely cautious when you read something online. If it sounds too good to be true then it most likely is. If your details are part of Ledger’s leak, then it’s highly likely you will start receiving emails with malicious intentions.
List of Cryptocurrency scams
- Phishing scam: one of the most effective scams worldwide for any industry is to steal a user’s account information. Usually, this is done through a cloned website or software. You should always be mindful of the URL in your browser’s address bar. Scammers may spread harmful links through social media or fake customer support. Many exchanges support Anti-Phishing codes which will appear in any emails to ensure you know they’re genuine.
- Fraudulent mobile apps: Again this resembles a phishing scam only it will be in the form of fraudulent software. Generally, the scammer takes advantage of lax rules on Google PlayStore for Android devices. Most faked apps are Coinbase, MetaMask, MyEtherWallet (MEW), Ledger Live, or Electrum. This also happens in the form of browser extensions for Chrome, Firefox, or Edge. If there is a real app you want to install, always make sure you go to the installation process from the creator’s legitimate website.
- Celebrity giveaways: No Elon musk or Vitalik is not handing out free ETH. And CZ is not giving out free Bitcoin. Don’t be delusional. Generally, the scammer attempts to create a fake social profile that clones the celebrity account. In rarer cases, industry figure accounts have been hacked. Again: don’t be delusional!
- Ponzi schemes: investment scams for cryptocurrency will probably have a very well designed website. They nearly always ask you to deposit a certain amount while promising daily returns of 10% profit. They hope you will deposit more and more, and then they just run away with the funds. Common themes are Amazing Trading Bot, Cloud Mining, or simply promising unrealistic returns. One way to avoid this type of scam is to use common sense: nobody can quadruple your BTC deposit in 3 days. And just stick to reputable exchanges or well known DeFi protocols.
- Hardware wallet scam: many believe that as soon as you use a hardware wallet such as Ledger or Trezor then your funds are 100% safe. This isn’t exactly true and you still need to be on the lookout for scams. For example, scammers may create a fake Ledger Live application that asks you to enter your security phrase. Remember, the legitimate Ledger Live software doesn’t need your wallet’s mnemonic phrase to function: you just click a button on the device.
- Paper wallet generators: number six on our list of cryptocurrency scams, many tutorials on Bitcoin security will suggest creating a paper wallet for long term storage. You generate the wallet details and print out a piece of paper, which you can then store securely. Scammers have taken advantage of this by setting up fake generator websites, where the wallet is in their control. Once you deposit the funds, then they can steal them. Paper wallets should only be used by experienced crypto users!
- The Pump and Dump: this one may be a bit harder to spot because of course projects do pump and dump organically through trading. Especially true for Uniswap offerings where an early investor may buy up a massive chunk of the token’s total supply. To spot what is obviously a scam you will need to do your own research on the project. Such as the team, the whitepaper, and join their community to get a feeling. We suggest being warier of anonymous ICOs. A pump and dump scam to watch out for is a scammer that hides behind a trading signal group. As the group leader, the scammer will claim a Gem token to buy up due to some insider knowledge. Whereas, in actual fact, the scammer has simply bought up a large amount of the coin before you. The group will pump the price and the scammer will dump on you. As a result, if you do decide to join a trading group make sure it has been around for some time.
- The Rugpull: this is a scam technique well known to any DeFi enthusiasts. It involves the token creators implementing a mint() function into the smart contract code. Essentially, it lets them create new tokens which they can then dump onto the market (usually through Uniswap). The price crashes into oblivion and the project leaders disappear into the night. Your portfolio is now worthless. Again the way to avoid this is research. Check token holders on etherscan, is there a wallet address with a suspiciously high balance? Of course, if they use a mint function you won’t know until it’s too late. And some projects do use this function for legit purposes, has the code been audited? If not, does the project’s tokenomics require a mint function? Ask questions in their telegram group, if they ban you well… that’s an answer in itself.
- Airdrop scams: this one sounds very dumb if you understand how cryptocurrency wallet’s work. But scammers know a large number of people do not! For example, if you have always managed your coin on an exchange then you may not understand how private keys work. For a legitimate airdrop, you DO NOT need to give out: private keys, KYC documents, or even email addresses. A legit airdrop may ask you to complete certain tasks such as retweets or joining their telegram group, known as bounty.
- Chargebacks: If you’ve decided to sell or buy crypto on a peer to peer platform. Then make sure you watch out for scammers who try to chargeback the payment. Mostly the scam is done through PayPal, given that PayPal nearly always reverses the transaction when people claim it wasn’t made by them. Another method scammers use is by entering down a payment reference on the bank transfer such as “HDD Drive 2TB” to indicate you’re selling them a hard drive through a platform like Gumtree or Craigslist. They then call their bank and claim the device never arrived. In certain cases, the bank is able to reverse its payment and take back the money you received. You can avoid these scams by not using PayPal and only trading with users with a high reputation.
While we have covered quite a lot of scams on this list of cryptocurrency scams, there are definitely more in existence. Hackers and scammers are very creative so they will always invent more ways of tricking people in the future. Such as when a project is going to go through a hard fork, they may try to clone the whole blockchain to trick you out of your coin. And when it comes to DeFi protocols or hidden token smart contract code, the scam possibilities are nearly endless. If a protocol has not gone through a security audit, then you may want to avoid it or ask them if an audit is on the roadmap. We suggest following defiyield_info and WARONRUGS accounts on Twitter, in our experience, they highlight tokens that may be fraudulent quickly.
Though the real reminder of this whole article is to make it a habit of being skeptical!