The rising value of cryptocurrencies promises huge returns for investors and cryptocurrency mining “fortunes” have echoes of the 1850s gold rush. In this lawless and unregulated crypto world, the risk of falling victim of fraud is very high as fraudsters often have the upper hand. However, ESET, a leading company in proactive threat detection, claims that common rules for fraud prevention apply here as well. Everything you read on the Internet should be carefully scrutinized and verified, and if you avoid believing the hype you will have a great chance of staying safe.
Between October 2020 and May 2021, nearly $80 million (71 million euros) were lost in the United States as a result of thousands of cryptocurrency-related scams, according to the FTC. In the UK, the figure is even higher: police say victims lost more than £146 million (€172 million) in the first nine months of 2021.
According to ESET, scams around crypto assets are on the rise due to:
- There are few to no regulations governing the cryptocurrency market for investors, compared to the traditional stock market.
- The enormous interest means that the topic is used by criminals to launch phishing campaigns and scams in general.
- The high prices of cryptocurrencies attract consumers who dream of getting rich quickly.
- Social media helps amplify rumours, real or fictional.
- There is also the lure of mining cryptocurrencies for money, which scammers can use to trick users.
The most common scams according to ESET are:
- Ponzi Schemes: This is a type of investment scam where victims are tricked into investing in a nonexistent project or “get-rich-quick scheme” that, in effect, does nothing more than line the scammer’s pocket. Cryptocurrency is ideal for this,as fraudsters are always creating “cutting edge” technologies that are not well specified to attract investors and generate higher virtual profits. Falsifying data is easy when the money is virtual anyway.
- Pump and dump: Scammers encourage investors to buy crypto assets in little-known cryptocurrency projects, based on false information. The price of the assets subsequently rises and the scammer sells his own shares, earning a handsome profit and leaving the victim with worthless shares.
- Fake celebrity endorsements: Scammers hijack celebrity social media accounts or create fake accounts, encouraging followers to invest in fake schemes like the ones above. In one case, some $2 million was lost to scammers who even used Elon Musk’s name on a Bitcoin address, to make the scam look more trustworthy.
- Fake exchanges: Scammers send emails or post messages on social media promising access to virtual money stored on a cryptocurrency exchange. The only drawback is that the user usually has to pay a small fee first. The Exchange never exists and your money is lost forever.
- Fake apps: Cybercriminals fake legitimate cryptocurrency apps and upload them to app stores. If installed, it could steal personal and financial data, or plant malware on the device. Others may trick users into paying for nonexistent services, or try to steal logins from a cryptocurrency wallet.
- Fake press releases: Scammers are sometimes able to trick even journalists or opinion leaders into replicating false information. This happened twice, when legitimate news sites wrote stories about big-name retail companies preparing to accept certain cryptocurrencies. The fake press releases these stories were based on were part of pump-and-dump schemes designed to increase the value of crypto assets held by fraudsters in those cryptocurrencies.
- Phishing/spoofing: Phishing is one of the most popular forms of deception used by scammers. Emails, text messages, and social media messages are spoofed in an attempt to make it appear as if they were sent from a legitimate and trusted source. Sometimes that “source”-for example, a credit card provider, abank or a government official – requests payment for something in cryptocurrencies. It will always try to convey a sense of urgency so that the user acts quickly and without thinking.
“Cryptocurrency scams are generally related to virtual money stored in a cryptocurrency exchange. On numerous occasions, scammers manage to steal funds from these Exchanges, sometimes stealing hundreds of millions. In general, the affected companies promise to reward their innocent clients, but there are no such guarantees for the victims of crypto fraud”, comments Camilo Gutiérrez Amaya, Head of the Research Laboratory of ESET Latin America.
ESET provides the following tips to avoid being scammed:
- Never provide personal data to an entity that is contacted without being requested, whether by email, text message, social networks, etc. It may even look like a friend, but it could actually be a cybercriminal who has hijacked an email or social media account. If it is suspected that this may be happening, it is necessary to communicate by an alternative means to verify the legitimacy of the contact.
- If something seems too good to be true, it usually is. Treat any investment scheme with suspicion.
- Activate two-step authentication (2FA) on all cryptocurrency accounts you have.
- Discard any investment “opportunity” that requires an upfront payment.
- Never download apps from unofficial stores.
“The world may have gone crypto crazy, but there is no need to join in hastily. It is important to keep a cool head and see beyond the trend. The best weapon to combat fraud is disbelief. Unfortunately, we live in an age where not everything we read on the Internet is true, and much of it is explicitly designed to mislead us. That is why it is important to keep systems up to date, install reliable security solutions, have double factor authentication in all our accounts and be sure before accepting or entering our personal data in different places. Education and prevention are key allies to keep information protected”, concludes Gutiérrez Amaya from ESET.