Crypto scams have become a major avenue for financial crime. In America alone, citizens lost over $5.6 billion in 2023, according to the Federal Bureau of Investigation (FBI). The funds lost due to crypto scams account for almost 50% of the total funds lost to financial fraud, even though only 10% of fraud complaints are crypto-related.
While crypto markets go through volatile cycles, these statistics show that the rising trend of scammers using crypto to steal money has steadily increased.
In this article, we’ll look at the most common types of crypto scams, how to identify red flags, and how to avoid and report these scams.
Understanding Common Types of Cryptocurrency Scams
While no two crypto scams are exactly the same, they can be grouped into several categories. Becoming familiar with these categories can be a good starting point for learning how to avoid crypto scams.
Bitcoin scams come in many forms. Some of the most common include phishing and social engineering, fake exchanges and wallets, pyramid and Ponzi schemes, and fake giveaways.
Fake Giveaways
Every day, countless fake videos and social media posts impersonating famous figures like Michael Saylor or Elon Musk attempt to steal crypto from unsuspecting users. With the advent of AI deepfakes, some of these videos can appear very real.
These scams often take the form of a “free giveaway,” asking users to send crypto to a certain wallet address and promising that they will receive even more crypto in return. Once users send crypto to the scammer’s wallet, it’s gone forever.
Fake Wallets or Exchanges
Sometimes, scammers imitate a real wallet or exchange to trick users into depositing funds. Instead of going to a legitimate wallet or exchange, the funds arrive at an attacker’s intended destination. To avoid these scams, be sure only to download software wallet apps from verified providers, buy hardware wallets directly from their manufacturer, and use well-known exchanges.
Phishing and Social Engineering
Phishing and social engineering scams are common in crypto, using fake messages, websites, and emails to steal sensitive information. Phishing typically involves mimicking legitimate platforms to trick users into sharing credentials, while social engineering manipulates people into revealing private details through fake support messages or urgent alerts.
Avoiding unusual links and verifying URLs can help protect against these attacks. Be sure to double-check that all emails are legitimate, and remember that no one from an exchange, hardware wallet manufacturer, or crypto platform will ever ask for your login credentials or seed phrase.
Ponzi and Pyramid Schemes
Ponzi and pyramid schemes also thrive in crypto, promising high returns but ultimately unsustainable. Ponzi schemes use funds from new investors to pay earlier ones, while pyramid schemes push participants to recruit others. Both lead to losses, and warning signs include “guaranteed” profits or pressure to bring in more recruits.
Pig Butchering Scams
“Pig butchering” scams involve fraudsters building trust over time, often posing as friends or romantic partners, before convincing victims to invest in fake crypto platforms. Once the victim is “fattened up” by investing more, the scammer vanishes with their funds. Be wary of unsolicited investment advice and relationships pushing financial decisions.
Fake Customer Support Accounts on Social Media
Fake customer support accounts are rampant on social media. They often ask users to “verify” their wallets by sending crypto. Always contact support through official website channels, not through unsolicited social media messages.
How to Identify Red Flags in Crypto Scams
Scammers often use high-pressure strategies, promises of quick returns, and deceptive communication to lure people in. Fake platforms can be trickier to spot but often share certain traits, like lack of transparency or concerning user reviews. Below, we’ll look at some specific red flags to help you spot scams before they catch you off guard.
Common Tactics Used by Scammers
Promises of High Returns and Guaranteed Profits: Scams often promise unusually high or guaranteed returns with minimal risk. Be cautious if someone claims you can double or triple your money quickly—legitimate investments come with risks, and there’s no way to guarantee profits.
Urgent Calls to Action and Pressure Tactics: Scammers frequently create urgency, telling you to “act now” or risk losing a one-time opportunity. Genuine investments rarely require you to decide on the spot, so take the time to research and verify information.
Unusual Sender Addresses and Poorly Formatted Emails: Phishing emails and messages from scammers may have unusual sender addresses or formatting errors, like typos, odd punctuation, or inconsistent fonts. If something seems off, don’t click links or respond before double-checking.
Signs of Fake Platforms
Some indications that a platform could be fake include:
Lack of Transparency and Anonymous Founders: A legitimate crypto project typically has clear information about the team, including names and backgrounds. If founders are anonymous or little information is available, it may be a red flag. Research whether key team members have verifiable histories in the crypto industry.
User Reviews Indicating Suspicious Behavior: Negative reviews mentioning issues like missing payouts, sudden withdrawal limits, or pressure to invest more should raise red flags. Search for reviews and feedback on external sites, and be cautious if you can’t find reliable, third-party information on a platform.
Best Practices to Avoid Cryptocurrency Scams
Users can take some practical steps to help avoid crypto investment scams. Many of these measures involve verifying details and practicing good personal cybersecurity overall.
Conducting Due Diligence and Verification
The phrase “do your own research” (DYOR) has become popular in the cryptocurrency space for a reason. Before getting involved, many pitfalls can be avoided by thoroughly researching a project, platform, or investment. Doing so takes some time but isn’t too complicated. You can do things like:
- Investigate the community: Most legitimate crypto-related topics have communities full of verified users talking about the subject. These can be found on social media, review sites like TrustPilot, and even forums or comment sections of the organization itself.
- Verify email addresses: A simple Google search can verify many official emails. For example, if you receive an email allegedly coming from Coinbase that looks suspicious, simply Google the sender’s full email address. If it’s been associated with a scam in the past, there’s likely to be material about that on the first page of results.
- Don’t be swayed by social media: While social media can sometimes be a useful source, it’s often used as a prime manipulation tool for crypto scams. Just because influencers are hyping something or appear to have a lot of activity surrounding it doesn’t necessarily mean it’s legitimate. In fact, many scams start this very way.
Remember to only use well-known wallets and established exchanges with a verified history.
Crypto Security Best Practices
Enacting cybersecurity best practices for your personal devices and accounts can help you protect yourself from Bitcoin scams. Some of the basic steps that anyone can take today include:
Enabling multi-factor authentication (MFA): Use MFA for your virtual accounts wherever possible. MFA makes it much more difficult for hackers to access your data, as logging in requires both a predetermined password and a unique one-time password (OTP). Common targets for hackers include social media accounts, emails, gaming accounts, and financial accounts. Be sure to also use strong, unique passwords for each account so that if hackers gain access to one login, they don’t gain access to anything else. Password managers can make dealing with multiple complex passwords much easier.
Multi-Signature Wallets: For those with significant crypto assets, multi-signature wallets add a layer of protection by requiring multiple parties to approve a transaction.
Avoid using public Wi-Fi: Public Wi-Fi networks are notoriously insecure, especially if they’re not password-protected. Anyone can access these networks, monitor activity, and potentially steal your data. To stay safe, consider using a personal Wi-Fi hotspot on your phone when online away from home. Virtual private networks (VPNs) can also be useful, particularly when accessing financial data or making transactions. A secure VPN creates an encrypted tunnel for your web traffic and allows you to spoof your IP address and location by routing traffic through the VPN’s servers.
Never share important information: Don’t share important details with anyone you don’t trust with your assets. In most cases, there won’t ever be a need to share personal financial information with anyone. If someone asks for information that could be used to gain access to your accounts or asks for a crypto wallet seed phrase, it’s almost always a scam.
Use a virtual machine (VM): Users wanting to go the extra mile to protect themselves can start running a virtual machine on their personal computer. A VM creates an isolated environment on your host device: a computer within a computer, so to speak. If anything malicious happens inside the VM, it’s very difficult for contamination to spread to the rest of your computer. Note that this only protects against things like downloading malware or other direct forms of hacking; a social engineering attack, for example, could still be carried out against someone using a VM.
How to Report Cryptocurrency Scams
Hopefully, you never encounter or fall victim to a cryptocurrency scam. But if it does happen, reporting the incident can help others avoid the same scam and increase the odds of bringing the perpetrators to justice.
Steps for Reporting Scams to Authorities
If you’ve encountered a cryptocurrency scam, reporting it can help protect you and others. Start by reporting the fraud to regulatory authorities, like the Federal Trade Commission (FTC) or your country’s financial protection agency, which often have dedicated online forms for these cases. Next, report the scam to your service provider, whether that be an exchange, DeFi platform, or wallet provider.
In addition to reporting, you can take steps to protect the rest of your personal accounts as soon as possible. Scammers often note susceptible victims and choose to target them repeatedly. To be prepared, you can freeze your credit, change your passwords, and keep an eye out for suspicious activity.
Wrap up on crypto scams
But by recognizing common schemes and staying alert, you can protect yourself against crypto investment scams. Schemes like phishing attacks, Ponzi schemes, fake platforms, and fake giveaways—often identified by promises of guaranteed returns, high-pressure tactics, and poorly formatted communications—can help you avoid them.
Take proactive steps to stay safe by applying secure practices like two-factor authentication, thoroughly researching projects, and double-checking communications for authenticity. Staying vigilant and proactive about security will help you navigate the crypto space more confidently and protect your investments from falling prey to scammers.