Crypto is exciting but also has a lot of traps and scams that newcomers and even advanced users can fall into. In this blog post, we’ll talk about some of the most common and easy-to-fall-for scams. We want to help you become aware of the risk and what you can do to mitigate those risks as much as possible.
Many of the scams we’ll discuss today have existed since before crypto, but there’s an important difference: in crypto, there’s no undo button or customer service to call. And since crypto is global and anonymous, it’s easier for scammers to get away after they’ve stolen a victim’s money.
When it comes to avoiding crypto scams, knowledge is your best defense.
Let’s get started.
- 1 Crypto Ponzi schemes: get rich quick scams
- 2 Fake crypto apps
- 3 Ransomware emails
- 4 Crypto phishing and impersonation scams
- 5 Crypto pyramid schemes
- 6 Top 10 tips for avoiding crypto scams
- 6.1 1. Avoid propositions that seem too good to be true
- 6.2 2. Do your research before downloading a new crypto app
- 6.3 3. Send money only to people you can trust
- 6.4 4. Keep your passwords to yourself
- 6.5 5. Stay away from fraudulent links and websites
- 6.6 6. Be cautious of new crypto projects without solid reputations
- 6.7 7. Make sure your passwords are secure
- 6.8 8. Use 2-factor authentication
- 6.9 9. Make sure that your system permissions are set correctly
- 6.10 10. Don’t be rushed into making a decision
- 7 A few final thoughts
Crypto Ponzi schemes: get rich quick scams
There are lots of dishonest people promising incredible investment opportunities and even giving away free crypto. One of the most common scams goes like this: “Send me 1 Eth, and I promise to send you back ten times the amount!” You might also encounter incredible investment opportunities offering guaranteed returns or new cryptocurrencies, which are guaranteed to skyrocket in price. Some of these offerings will even pose as professional portfolio management companies.
There’s a good chance these are fake or Ponzi schemes.
Deception tactics used by crypto Ponzi schemes
You can easily encounter Ponzi schemes on social media, dating apps, messaging apps, or email. Scammers have all kinds of tricks to get their scams seen by lots of people.
One common tactic is commenting on social media posts by reputable crypto companies and influencers. They do this because they know that by replying to the comments of big accounts, some people will see the scam and fall for it. When you see posts like these, it’s not uncommon to see replies from other accounts saying they made lots of money or received free crypto. These are fake accounts that are part of their scam to trick unsuspecting users.
Sometimes, scammers will even pose as celebrities and influencers with fake accounts. It even happens that real celebrities promote crypto scams! Sometimes they get tricked, but sometimes they get paid to promote projects they don’t know are scams.
How to avoid crypto Ponzi schemes
The best advice will be just to ignore and block anyone approaching you via social media, email, or dating apps offering free crypto giveaways or investment opportunities that sound too good to be true.
Fake crypto apps
Another way scammers can try to steal your money is by creating apps that trick people into thinking they’re a professional crypto company. But these fake apps are designed specifically to steal your crypto assets. They might have a professional-sounding name, a nice logo, and a slick design, but it’s all fake. Sometimes they try to confuse people by posing as well-known companies. Some apps even use clever techniques to make their way to the top of Apple and Google’s app store rankings.
Once they’re gained a victim’s confidence into thinking they’re legit, there are several ways these apps scam people.
The tricks fake crypto apps use to fool users
- The first is by making it look like you’re using your credit card to buy crypto when in fact, the money goes straight into their pocket.
- The second is by giving you fake addresses which you think are generated from your private key but, in fact, belong to the scammer. When people send money to these addresses, it goes straight into the scammer’s pocket.
- Another method is to trick victims into entering their seed phrases to recover their wallets. When the fake app has your private key, it’s game over. They move your crypto to another account, and it’s lost forever. Some wallets like ZenGo do not have a private key to share, so this will reduce your vulnerability to this type of scam.
How to avoid fake crypto apps
To avoid fake apps, make sure to always download them from a trusted source and from the original site (versus searching just on the app store). Make sure the app developer is a legit company.
Sextortion emails are pretty common and are intended to scare you. Most of the time, these will end up in your spam, but once in a while, you might get a long email from an unknown person claiming that they are a hacker and they’ve accessed your webcam to unsuspectingly film you doing something when you were alone (You know what I’m talking about). They will threaten to send the video to all your contacts unless you send a Bitcoin ransom to their account.
We’re not saying it’s impossible for someone to get access to your webcam, but it’s pretty unlikely, and there’s a high chance that this scammer has sent the same email to millions of people. But even if just a handful of folks fall for it, the scammers can make a decent amount of money.
How to protect yourself against ransomware emails?
The best thing you can do is delete these emails. If you’re worried about your personal privacy, consider using a webcam cover. Make sure your webcam permission settings don’t allow your browser to access your webcam. Also, check that your computer and mobile devices are free of viruses, and always perform the latest software security updates. Additionally, consider using a different password for all your accounts, and you can use a password manager to keep them safe. And enable 2-factor authentication whenever it’s possible to do so. The best place to start is your email, social media, and any accounts which relate to crypto.
Crypto phishing and impersonation scams
Phishing is a scam that has existed for decades in which scammers impersonate a person or company to steal data from their victims.
How do crypto phishing scams work?
Phishing scammers use several methods to trick their victims, which might involve emails, phone calls, fake websites, or messaging apps like WhatsApp and Telegram.
Every phishing scam is different, but a lot of the time, the bait is an email, phone call, or a message telling you there is something wrong with your crypto wallet or exchange account. They will say that you need to update your password, that your account has been hacked, or that you need to provide some personal information, and you will probably need to click a link or button which takes you to a fake website.
When you enter your username and password into these fake sites, the scammers steal them and use them to login into your real account, where they are free to steal your crypto.
How to avoid crypto phishing scams
Some phishing scams will ask you to share your private key or seed phrase. But you already know that you should NEVER share that with anyone. Even when speaking with a customer support agent of a legitimate company. NEVER EVER share your private key or seed phrase.
Your best protection against phishing scams is knowledge and prudence. You need to know that companies will never ask you for your password in an email. Always check the URL of the website you’re visiting since scammers will use URLs that look similar to real companies.
For example, they might try to lure you to click on http://zenngo.com instead of https://zengo.com.
As a general rule, if you have any doubts about a message, ignore it and contact the business via their official channels, or if it’s a person, contact them directly.
Crypto pyramid schemes
Finally, the granddaddy of all scams: Pyramid schemes. We all know how these work; a con artist comes up with a new way to “achieve financial freedom and personal happiness.” They recruit lots of people to work for them, who themselves recruit other people, and so on. New recruits always have to pay a membership fee or buy ‘packages’ that can reach thousands of dollars. Members are promised commissions on sales, which tickle up the pyramid, making the top-level goons rich in the process, and leaving the low-level victims out of money. But it all collapses when people start to realize they are being duped, and people lose faith they will make any money.
In one famous crypto pyramid scheme called OneCoin, victims were sold different packages which corresponded to varying amounts of a fake cryptocurrency. Billions of dollars were stolen from victims, and some of the leaders of this scam are still wanted by the FBI and other authorities.
Red flags that will help you to spot pyramid schemes
- Claims of guaranteed returns and promises of “financial freedom” and the potential to make thousands of dollars per month with no work
- Sleazy-looking founders with slick haircuts, and flashy suits, sipping cocktails at the beach or driving expensive cars.
- Big flashy seminars with thousands of attendees praising the leaders in something which feels like a cult.
Top 10 tips for avoiding crypto scams
1. Avoid propositions that seem too good to be true
Never trust anyone on social media, messaging apps, or dating apps suggesting you should invest money in a project. This has become one of the most common ways people lose money in crypto.
2. Do your research before downloading a new crypto app
When downloading crypto apps, always check the source, the links you click, and the reputation of the company. Remember that Google is your friend. If you’re unsure about a company or app, do some research about its reputation before using it.
3. Send money only to people you can trust
Never send funds to someone you do not completely trust, and always verbally verify addresses before sending a transaction. Transactions are irreversible.
4. Keep your passwords to yourself
Immediately stop talking to anyone asking you to share your login and password, your private key, or your seed phrase.
Don’t click on links asking you to share your password or private keys. Always check URLs, so you’re certain you’re accessing a company’s real website and not a fake one. A good idea is to bookmark websites you visit frequently.
6. Be cautious of new crypto projects without solid reputations
Be extra careful when engaging with or investing in new projects with no reputation. Always do your research about a project and its team before making any decisions that involve money. The risks are much higher there.
7. Make sure your passwords are secure
Use a different password for all your accounts and use a password manager to keep them safe. Examples of reputable password manager apps are LastPass, 1Password, and Dashlane, or if you’re using Apple devices, consider using the built-in keychain.
8. Use 2-factor authentication
Enable 2-factor authentication whenever it’s possible, especially for your email, social media accounts, and crypto-related accounts. Don’t use SMS-based 2FA because it’s not the safest option. Use a one-time-password-based 2FA like Google Authenticator or Authy.
9. Make sure that your system permissions are set correctly
Keep your system permissions in check on your mobile devices and computer. Go to the settings and remove any unnecessary permissions. And make your system always up-to-date and free of malware or viruses.
10. Don’t be rushed into making a decision
Take your time, and do not operate under stress. Most bad decisions and irreparable mistakes are made when people are in a hurry. Always stop, think and focus before making a transaction.
A few final thoughts
All of this might sound like a lot, and you may be hesitant about getting into crypto. But if you remain cautious, stay zen and make decisions based on rational judgment rather than emotion, you’re already doing the biggest part of protecting yourself online and on your crypto journey.