You could be falling for a crypto scam and you wouldn’t even know it. Crypto Scams became ever more brazen and elaborate, and have stolen billions from unsuspecting victims. In this article I’m going to cover some of the most prolific crypto scams that could be waiting for you just around the corner. If you want to be prepared, this is the article you don’t want to miss.
One of the most common crypto scams is the giveaway.
As the name suggests, it’s a scam where free crypto is being given away. More specifically, if you send a certain person online a small amount of crypto, they will send you double, triple or 10X your investment back. These are akin to someone anonymous on the internet offering to send you something for free.
The scam is, of course, not new to crypto. You may recall the famous Nigerian prince emails that people received back in the early days of the Internet.
The main premise there was that someone wanted to send you a lot of money. However, they needed you to first send them a wire to confirm the bank account. Same play, different day,- this is how these giveaway scams operate.
You’ll usually be told to go to some link that will show you a website or a landing page detailing the steps of the giveaway. There will be fake transactions that you can see going through as they try to convince you that people are indeed getting paid.
Most of these scams usually have a timer on them, as a pressure tactic to make you think that you have to act quickly. What this means is that people tend to make decisions in the moment without considering the potential outcome.
These scams are pervasive on twitter, but they’re also well-known features of other social media platforms, like YouTube, Instagram, etc. In the case of YouTube scams, they are usually simple live streams where you’ll have a famous person or group of people, who’ll be participating in a talk. This is all stolen footage with the instructions about how to enter the competition displayed around it.
For those who have never come across these scams before, they can be deceiving. That’s because they have thousands of people who appear to be present in the live streams. However, these are all bots that are controlled by the same scam operator.
As to how these channels are able to get so many subscribers or the verified status. Well, that’s because they are hacked channels.
Hackers commandeer these channels, delete their content, and run the live streams in their place.
Sometimes scammers actually buy ad space on the social media platform they are using.
The reason that these scams are so prolific is because they are profitable. No matter how many spam filters the platforms attempt to install, scam operators will still try to make them work.
How To Avoid
The best way to eliminate this scam is to stop falling for it. It’s incredibly important to understand: no one on the internet is going to give you something for free.
As the name suggests, a rug pull is when someone else pulls the rug from under you. Back In the heydays of ICOs back in 2017, these used to be called exit scams. They rob you of your funds disappear and leave you holding the bag.
While back in 2017 the vehicle for this sort of fraud was an initial coin offering or ICO today, Rug Pulls are quite prevalent in the NFT and DeFi spaces.
In the case of NFTs, the creators will usually get someone to create pretty images, issue them in a mint promise, create an exciting road map, or pay some influencer to shill them. You’d be surprised at some of the celebrities who’ve been shilling these types of NFTs recently.
Once the mint is completed, and the people have their NFTs, the project creators delete all websites, socials and digital communications. They pull the rug and leave you on your behind.
These rug pulls don’t have to happen all at once, of course.
Sometimes you have a so called “slow rug”. In this case, the project developer slowly extricates themselves from the project over a number of weeks or months. Their goal is for the buyers to eventually lose interest and abandon their hopes of moons and Lambos. The slow rug is actually a lot more common than the quicker one and can sometimes be harder to zone in on. That is because you can’t be 100 percent certain that the intent was to defraud.
How To Avoid
You’ll need to be a lot more discerning in the types of NFTs that you buy, or the mints that you participate in.
Some experts suggest that 95% of all NFTs are going to zero. However, there are around five percent that could be highly valuable in the future. If you want to find those, you have to be particularly discerning in your criteria.
DeFi Rug Pull
These scams are a bit different from an ICO or NFT. Instead of sending a protocol money, you have to supply liquidity to the protocol. This liquidity is usually used in a decentralized exchange and you can get pretty attractive returns from supplying said liquidity. During this time, the creators will hype the project so that there’s a lot of demand and hence liquidity in the pool.
This is done using the same paid shill methods that are used for the Rug Pull NFTs.
As more investors buy the hyped cryptocurrency they progressively exchange it for cryptos such as Stablecoins and Ether. When the project is live for a few hours or days, liquidity pools can run into tens of millions or even hundreds of millions of dollars. This is when the rogue developers then strike and extract all the liquidity from the pool leaving investors holding the bag.
The devs are sometimes able to do this because their tokens are not locked the liquidity in the pool, and they still control the smart contracts. These scams are quite common, and according to a report from Chain Analysis, last year we saw a total of 2 billion dollars stolen in these types of fraud.
How To Avoid
This all comes back to a broader due diligence. You need to make sure that you are not locking your funds up in some random protocol. Don’t let those deceptively high APYs fool you!
You also want to make sure that the authors of the smart contract don’t still have control over it. This is something that would allow them to extract the liquidity and run off with your funds.
Beyond that, the due diligence that you should be doing for a DeFi project should not be any different from that you’d be doing on any other crypto project. One of the best ways to avoid potential scams is, of course, to make sure that you’re not investing in any shitcoins.
These are not exclusively related to crypto and have existed before. Phishing targets important user details, such as passwords and credentials, in order to access important services.
Phishing first started popping up in the crypto space when it was used by hackers to get access to people’s exchange, account details, and steal their funds from there. However, given how secure these exchanges have become recently, the phishing schemes have evolved to start targeting users directly through their cryptocurrency wallets.
Perhaps, one of the most damaging of these is when they’re able to successfully fish your private keys. This could happen because the scammers have exfiltrated the keys from your device. But it’s more likely when you have voluntarily given over your private keys.
One of the most common ways of doing this is for the hacker to fool you into handing over your mnemonic seed words. These are usually used to recover your wallets and they are never requested unless you’re resetting your wallet. There is a number of ways in which this can be done.
Perhaps, one of the most common is, when you’ll visit a website, where it’ll ask you to insert your seed phrase in order to access it. This is, of course, a scam, as you should never need to insert your seed phrase to send funds from a wallet.
If you ever land on any website that asks you for your seed, navigate away ASAP.
Also, leaving your seed phrase on your PC in an electronic form is a bad idea. You may even be doing this without knowing it, as some IOS Metamask users learnt recently.
Another method of fishing your funds involves the attacker actually giving you their seed word. In this instance you are usually being duped into going to a fraudulent website when trying to download a new wallet.
When you go through the process on this fraudulent site, the attacker will give you a seed, which you think is yours, but is in fact theirs.
You’ll then use this seed to set up a new wallet which unbeknownst to you is under the scammers control. The moment that you have sent funds to the wallet the scammer makes off with them.
Sometimes these fake wallet phishing schemes are able to also buy ad space on google so that their links are presented before those of the real wallet themselves.
So here’s a quick rule of thumb, never click on the ads.
That is because it’s easy for a scammer to buy some ad space on keywords. It’s a lot harder for them to organically rank above that of the original site itself.
There’s another really sinister NFT- related fishing method, that’s become quite popular recently. This is where a malicious dApp masquerading as a legitimate one will get you to unknowingly approve token spends.
Essentially, when you connect your wallet to these dApps, and authorize them to spend on your behalf, that’s exactly what they do.
Except not in the way that you want it. This has happened to a surprising number of NFT holders. For example, last year this Ape collector lost access to 16 high-value, NFTs or roughly 2.2 million dollars when he approved a phishing contract. This also happened more recently when it was disclosed that the official board Ape instagram account was hacked and a phishing link was posted.
The hackers were trying to take advantage of the hype around virtual land sales and required the users to connect their wallets, to claim. Of course, this would have given the hacker token spend approvals that would have allowed them to make off with the contents.
How To Avoid
There are plenty of other examples of phishing attacks, which are too numerous to mention. How do you avoid them? First, you have to be very careful which dApps you’re giving authorization to. You need to make sure that before you sign any transaction, you are on the official website of the dApp, and not a malicious one. It’s also wise to make sure that you’ve not approved some dodgy smart contracts in the past. Now you can easily check this thanks to special tools.
This is when a scammer will try to get you to part with your crypto by impersonating someone else.
The reason why these scams can be quite successful is because they try to take advantage of someone else’s reputation, a reputation that inspires trust in others.
These impersonators are everywhere and on nearly every social platform.
For example, these scammers may ask someone to DM them or reach out directly to the person that commented with a DM. There are accounts that reply to the comments, with a number asking people to Whatsapp them. When you do this, the scammer will usually say that they have some sort of investment scheme, where you can double your money.
When you send them the money, they tell you that they have successfully generated your profit.
However, there’s a catch, you have to send them a withdrawal fee or pay them their cut of the profits.
These scammers are also extremely prolific on social media, including Telegram, Twitter, and others.
For those who don’t know what ponzi schemes are, the simplest explanation is when you rob Peter to pay Paul. Essentially, you create a system where you sustain payouts from an investment scheme of some sort by bringing more money in from a stream of new investors. Ponzi’s have been around in the traditional financial system for over a century and have sometimes led to some of the biggest losses in generations.
These ponzi schemes have taken on new life in the crypto space and there have been thousands that have come and gone over the years. The reason why these are able to grow so quickly in this space is, because of the opaque nature of the markets. People tend to believe that there really is a cloud mining package, or a lending scheme with believable daily returns.
This is part of the design, the more believable the stream of daily returns, the more likely people are to invest and, as all good ponzis do, these people are initially paid. This further creates the perception that it has to be true.
I mean, money in your hands must mean that something is legit, right?
Many of these ponzi schemes also rely on current members, referring them to their friends and family for additional rewards. These are called multi-level marketing or mlm schemes, and they are perhaps one of the biggest red flags that something could be a ponzi scheme.
However, with the advent of DeFi, the line between ponzi scheme and legitimate lending protocol sometimes becomes blurred. Some projects implement tokenomic structures that make selling the token or unstaking a coin economically disadvantageous.
This creates an artificial demand, as people are dissuaded from ever selling. Moreover, the returns of those who are invested can only be successfully maintained if more people join the staking protocol.
How to avoid
So how do you avoid falling for a ponzi scheme? Well, it helps to take all of these guaranteed return investment opportunities with a healthy dose of skepticism. You need to ask yourself how these potential returns compare to the market average.
If they’re consistently above that, then it should attract suspicion.
You also need to understand how exactly these returns are being generated. The more complex is the explanation, the more likely is that you are dealing with a scam. In fact, some of the biggest ponzi schemes in the world had investment theses that were incredibly hard to understand or pin down.
Pump & Dump
The name really says it all it’s when insiders or other market participants will attempt to pump token, increase its price until a point at which this starts gaining attention, this will then create the perception that it’s a token of interest on the market, and others will then jump in once that occurs.
Though, those who bought before will dump said tokens on the unsuspecting bag holders. It’s a form of market manipulation, that’s sometimes used in the penny stock space. However, given how easy it is to move low cap cryptocurrencies and the perceived anonymity that comes with it, the crypto markets have become rife with them. Now these pumps are usually well coordinated in places such as telegram, groups and you’ll find a lot of these.
If you search for them, the participants in these groups will usually find a target cryptocurrency, accumulate the coins and then promote the pump to their subscribers.
This pump is usually set to happen on a particular day at a particular time. Sometimes, these participants will also try to coordinate off of telegram and show the token on other social media platforms.
It’s worth also pointing out that it’s not always unsuspecting users that get burned by these pump and dump scams. Sometimes the participants themselves, those late to the pump, will be dumped on. It also goes without saying that it’s completely illegal and i would highly advise you to avoid all of these types of groups.
How to avoid
How do you spot some pump and dump action in the wild? Well, there are a number of rules of thumb that you can use a box ticking exercise if you will.
Firstly, these pumps tend to happen in low cap altcoins that you’ll find below page 200 on CoinMarketCap. These are usually easier to move, given that smaller buying pressure is more likely to push them up.
Secondly, you’ll want to observe exchange listings.
If it’s only listed on shady centralized exchanges, or on dexes, then it’s more than likely easy to pump. Moreover, those taking part are less worried about getting busted because of the fact that they may not have been required to complete KYC.
Thirdly, if you notice that there’s some sort of pump in the price taking place in a relatively unknown token, and you can’t find an exact reason why this could be happening, then it’s more than likely.
Another strong giveaway that something could be a pump and dump is analyzing previous volumes and trading activity. If the token has been in the doldrums for months, but over the past few days volume has slowly begun to pick up, this could be a clear sign of earlier accumulation.
Remember that the pump operators will have to buy these tokens before they pump them. These accumulation waves are what you need to be looking out for.
So if you see a coin moving and it meets all of these characteristics, then don’t FOMO in unless you want to get wrecked. That’s it for my list of the top scams out there. I hope that it’s able to help you avoid falling victim to any of them and do share this with as many people as possible so that they can also avoid the heartache of lost coins.
A scamming technique known as “pig butchering” — a reference to how a target is “fattened up” before being butchered or slaughtered — that began in China is now spreading across borders and languages, evolving into a global fraud. In Chinese, it’s known as “sha zhu pan”, which translates to “pig butchering” in English. It’s essentially a cybercrime including relationship and investment fraud. The offender builds a relationship with the victim over months, frequently romantic but not necessarily, similar to fattening a pig, before enticing them to invest in a fake company and, metaphorically, slaughtering the victim.
Con artists on dating apps and social media groom targets for weeks to get them interested in investing in cryptocurrency, forex, gold, and other commodities. The scammers do not directly ask for money, instead, they drive victims to a fake investment website or app that they control. The scammers persuade and harass victims into depositing more money into their own “account” inside the fake platform using a variety of ploys in the name of “customer service”. In the end, the victims are not able to withdraw their money.
How to avoid
The best way to avoid this scam is to not fall for it. Research the proposed investment platform carefully, and make sure it is legit before investing anything in it.