The crypto world has its share of dishonest people seeking to trick you out of your crypto, but with a little information you’ll be able to avoid the most common scams.
Blockchains offer borderless, irreversible, and relatively anonymous transactions with no third parties. While these are some of crypto’s greatest benefits, they also pave the way for scammers to take advantage of those who let their guard down.
While there are various types of crypto scam, they almost all try to get the user to give up their private keys, or else to transfer funds to another address. Scammers can be highly creative in the different ways they try to achieve this. Being armed with a little knowledge about common scams can ensure you don’t become a victim.
The term ‘phishing’ refers to posing as a trusted party, such as a well-known company, and using this trust to obtain sensitive user information such as login details and financial data. In the crypto world, the aim is usually to trick the victim into giving up the private keys to their wallets, or sometimes usernames and passwords to a crypto exchange.
This often takes the form of an email that includes a pitch for a crypto investment, a security ‘warning’, or a reminder to update a wallet. It will include a link which takes the user to a website, where they will be prompted to enter their private key. Once they do so, their funds will immediately be stolen from their wallet.
Any request to enter your private key into a website should ring alarm bells.
You read about a fantastic-sounding crypto investment opportunity on social media. The team behind the project are veterans of the crypto space and have a cool vision for a new DeFi project – it might be a whole new protocol, a fork of another successful dApp, a series of NFTs, or something else. There’s a big Discord of fans, all raving about the potential of it.
You’re convinced by the marketing and buy into the project. Not long later, news breaks of a suspicious transaction. All the funds committed by investors have been withdrawn from the team’s wallet. The team themselves (who always remained anonymous) aren’t answering any messages. In fact, the project’s official social media accounts have been deleted. The team – and all the money they raised – are gone for good.
The odds of a project ending in a rug pull are significantly lower when the team is publicly known.
Pig Butchering Scam
This is a particularly unpleasant scam in which the perpetrator strikes up a relationship with the victim, often via a dating app or social media community. Once they have built trust – described as fattening the ‘pig’ in the scam – they begin to discuss hot crypto investment opportunities. The victim is directed to an exchange or other crypto website, which is often a convincing replica of a legitimate exchange or dApp. The aim is, again, to get the victim to transfer funds to the site, or to enter their private key – at which point, the ‘pig’ has been ‘butchered’.
The scammers may string the victim along further, exploiting their trust by posing as helpful customer service representatives and convincing them they need to send more funds to pay various taxes and fees before they can withdraw their imaginary profits.
Unsolicited messages about investment opportunities on social media should be treated with extreme caution.
Pump And Dump
Twitter is on fire with the Next Big Thing in the crypto world. YouTube influencers are giving their technical analysis and all the signs are pointing in one direction: up.
Everyone else seems to be piling in and making tons of money. You put in a little and it just keeps going. The excitement hits fever pitch; the charts are going vertical but community members are predicting prices two or three times higher still. So you FOMO in with a bigger stake. The price goes up even more, but then…
Freefall. A big holder has cashed out right at the top. Suddenly there are no more new buyers and everyone is rushing for the door, desperate to limit their losses. The market has cratered, and your investment is worth a fraction of what you paid for it.
Pump and dumps can occur organically, but are often engineered by large holders.
Woah! Alan Mosk, one of the wealthiest men in the world and a vocal crypto supporter, is giving away free coins! Just follow him on Twitter, send 0.1-0.5 ETH to the address on his profile, and he’ll send back twice as much! There are lots of messages thanking him already, so it must be true – but the offer is ending in the next 30 minutes, so you’d better hurry!
Of course, if you send crypto you won’t get anything in return except for an expensive lesson. The social media account is either a fake copy, or it’s a real influencer’s account that has been hacked. The messages of thanks that help lure people in are also the accounts controlled by the scammers.
This is an extremely common scam – despite the fact that no one actually gives crypto away like this.
How To Avoid Common Scams
There are several precautions you can take to ensure you are not a victim of these and other common crypto scams.
Safeguard any sensitive information
- Type the name of crypto services you use into the URL bar. Do not Google them (fake sites occasionally show up in the search results).
- Only use legitimate, well-established, trusted and compliant exchanges.
- Do not click on any links you have been sent by email or on social media. There is a good chance they will lead to fake sites designed to steal your crypto.
- Check the site URL before you enter your user name and password. Fake sites often have subtle misspellings or unusual TLDs.
- Never, ever give up your private keys, even on an apparently trustworthy site. MetaMask and other wallets shouldn’t keep asking you to re-enter your seed phrase.
Check who you are dealing with
- Be very wary about anyone who makes unsolicited contact with you online.
- Project team members should never ask you for funds, and often have a policy of not sending you a DM unless you first make contact.
- If you see a message posted by a well-known social media account, make sure it really is from the person you think. The account may have been hacked, or it could be a copy. Again, look out for misspelled names.
Do your own research
- Never rely on financial ‘advice’ from anonymous influencers or community members. Even if they are legitimate (i.e. aren’t trying to sell you a scam product) they are probably not impartial and may be trying to pump the market.
- Check out the team’s track record. Do they have relevant experience?
- Anonymous teams aren’t always a bad sign, but public teams find it harder to disappear without consequences.
- Read any material they have published and seek opinions from a range of sources.
Up your security game
- Use cold storage and hardware wallets for large amounts of crypto.
- Use 2FA for exchanges and other trust-based services.
- Scan your computer for malware regularly.
- Consider keeping a device that is only used for crypto, if possible.how