How to detect crypto scam?
Unfortunately, crypto fraud is still a reality. Attackers will try to take advantage of all the places they see promise or advantage. It is certainly still possible to steal funds in the cryptocurrency space, so the fraudsters always look for new ways to trick people – whether by stealing their data or money directly.
Table of Contents
- Crypto Fraud Examples
- What are fake wallets?
- How to avoid cryptocurrency fraud?
- The two most common types of fraud
- How to keep cryptocurrency safe
Crypto Fraud Examples
As we have already mentioned, there are several common types of cryptocurrency fraud. Make sure to be aware of the following symptoms.
Fake Admin Accounts
This is a simple trick scammers often use. They try to achieve their goal by creating an account with a name that looks like the official Telegram group administrator and starts sending messages to other users, asking for account details or money on the pretext of providing support. Of course, the real admins would never ask these questions. In addition to sending messages, the usual tactic is to search for groups of people who request support and then use the information in fake admin messages so that it sounds legitimate. To prevent the flood of these scams, exchanges and wallets inform their users that administrators do not send messages to users first and would never ask for private information.
Using airdrops as a decoy
Crypto projects run airdrops to increase awareness and popularity. The main point of airdrops is in increasing the follower base or brand exposure by distributing free coins or tokens. Users are attracted to the opportunities to receive cryptocurrency for free, so they would go for the majority of offers found. This is exactly where crypto scammers come in. Usually, they are asking for credentials or additional information that would help compromise the security of a taken account. Untrained users may not understand fraud and share this information. Overall, it does not hurt to be skeptical about participating in airdrop launches. Think about the requested data, and whether the questions seem suspicious.
CPU mining sites
One of the tactics used by websites seeking profit from their visitors is to install code that takes advantage of the user’s CPU. Unsuspecting users discover that a site is causing their device to heat up and work slower. The battery, too, loses its power more quickly. Some may see this scenario as a potential revenue opportunity. However, if done without the explicit consent of users, taking advantage of CPU is unethical. This is known as cryptojacking and remains a moot point.
Sending suspicious files
Although it is pretty obvious that downloading files from unknown sources is a bad idea, some people still do it. Fraudsters take advantage of careless users and send files to groups and chats, pretending to be official representatives of cryptocurrency projects. If a file is downloaded, it compromises the computer or installs viruses. Some of them also allow fraudsters to gain access to personal information and, ultimately, wallets or exchange accounts. You should pay attention to the warnings and avoid downloading anything unknown.
Online scammers have long revolved around malware. When it comes to cryptocurrency investments, this poses an even greater threat, given the nature of the field itself. A few months ago, a technical support site called Bleeping Computer issued a warning about malware designed for cryptocurrency addresses in order to monitor their transactions. According to them, this type of malware, known as CryptoCurrency Clipboard Hijackers, works by monitoring the user’s Windows clipboard for crypto wallet addresses. If the address is found, the malware changes it to an address it controls, so that any transferred coins will be received by scammers instead of legitimate recipients.
Exact clones of crypto exchanges, ICO websites, or wallets have been used to steal funds and personal information. You will be surprised to know how many fake websites and URLs have been configured. The rule is – always double-check the URL before entering personal information. Imposter websites will use similar letters and numbers in the URL to make it look real at first glance; For example, scammers can use “n” instead of “m” or swap “0”.
What are fake wallets?
Not only exchanges can be fake: it also comes to crypto wallets. In this case, it is not enough to stand by the most popular brands, since the version to download (especially mobile) can be false. The unofficial MyEtherWallet app managed to appear on the App Store and even become one of the most popular applications. Also, up to three versions of the alleged Poloniex app were registered on Google Play last year – two of them were downloaded around 5,500 times and only then removed from the store. Creating applications of this kind gives fraudsters a unique opportunity to steal credentials and funds: your keys can be copied from the moment they were created.
It is essential to choose a trustworthy wallet from a mobile store and find out what may be the best option for you depending on the equipment, functions, and privacy. Having made this choice, you should always use the official website to download the app.
How to avoid cryptocurrency fraud?
The growth of cryptocurrency space and blockchain applications was undoubtedly exciting. Technological innovation and rapidly developing trading paradigm both continue to attract a large number of people; unfortunately, this also includes a number of bad actors. A crypto investor seeking to make the most of their new opportunities and remain safe from fraud and fraudulent ICO operations might have quite some difficulty. That’s exactly why we outlined some information to help the community identify and avoid fraud in 2020. It is true that people are generally more knowledgeable now than in the past, but new scams are still being committed. How can you avoid them? In order to avoid scams, you have to follow these simple steps:
- Do not use public Wi-Fi access, even if you use additional security features, such as a VPN.
- Enable 2FA for all your accounts.
- Do not store your private key unencrypted. Use the 256-bit encryption service to encrypt the key if you cannot remember it.
- Never use crypto apps with smartphones based on a customized firmware.
- Do not install unverified applications on your computers and phones. You must be sure that your applications do not contain malicious code. The best option is to have a device for working with your money or check it with services, such as VirusTotal
- The only person who needs your secret key is you. Do not let anyone else know it. Always remember phishing scam schemes and be vigilant.
- Use bookmarks for exchange or wallet sites. Some fake sites have URLs that are close to the actual ones and can steal your data.
- Do not store funds on exchange wallets. Cold wallets are safer. In addition, use paper crypto wallets or Guarda wallet and safely store your data.
- If you have a large amount of money, split it between different wallets.
The two most common types of fraud
Fake cryptocurrency exchange apps
Cryptocurrency exchanges are an attractive target for scammers. This is only due to their popularity and relevance, but also because exchanges often do not offer mobile integrations. In this regard, such an “unclaimed territory” acts as a magnet for scammers inventing new malicious programs. The purpose of such malicious software is phishing – an act that allows attackers to take possession of a username and password. Having this info grants them access to the official exchange account. In order not to arouse suspicion among potential users, scammers disguise themselves. How is this possible? You will see the name of the developer, the application icon and the user interface simulating the one from the genuine exchange. To strengthen its position, it can also have a good overall rating thanks to fake reviews and ratings.
Remark: It’s better to use custody free services such as Guarda. Which would never ask you to store funds in it.
Fake cryptocurrency wallet apps
Phishing schemes do not bypass users of cryptocurrency wallets. In this case, attackers will hunt for private keys and mnemonic phrases. Losing access to a wallet is much more problematic for users – a stolen password for the cryptocurrency exchange can be restored using the official exchange, but in the case of a crypto wallet, the private key will be compromised and it will simply be impossible to recover it.
How to keep cryptocurrency safe
In order to maintain the security of your cryptocurrency and not become a victim of fraud, you should:
- Treat cryptocurrency wallets and exchanges on mobile phones with the same caution as your mobile banking application
- Make sure that the official website of an exchange or a wallet really offers the mobile version. The mobile app must be linked to the official site
- Whenever possible, always use two-factor authentication to protect your exchange or wallet accounts with an extra layer of security
- When downloading applications from Google Play, pay attention to the number of downloads, as well as overall rating and application reviews
- AppStore fraud is not very common. However, there may be some cases. Regardless of your application store, always check all the data to avoid losing your funds