There have been few trends that have attracted attention in recent years like cryptocurrency. The frenzy of jumping on the next major digital currency to make money is reminiscent of the gold rush of 1849, when more than 380,000 prospectors traveled to California to make their fortunes. While the two markets differ in that cryptocurrency investors can mine their fortunes from the comfort of their homes, there are similarities in the fact that they have both created a hotbed of criminal activity.
Gold and cryptocurrency are proving to be an irresistible temptation for fraudsters looking to exploit the money of satisfied investors. The market at 19and century was riddled with “fool’s gold” while crypto today is also plagued with scam offers, exchanges, phishing campaigns and “pump and dump” scams. In fact, in 2021, fraudsters around the world won a record £10.5 billion worth of stolen cryptocurrency.
Knowing the methods used by cyber bandits to commit cryptocurrency fraud is essential for investors to avoid falling into an empty gold mine.
Hop on the crypto train
With crypto, investors often get caught up in the hype and skip the basics. Some will invest hundreds of thousands of pounds in a currency without really understanding how it works, how their wallet works, what the private keys are for and who actually manages their account. We are all used to how traditional banks work, and while there are some similarities, crypto certainly differs.
With cryptocurrency, each wallet has its own unique private key that can be used to transfer coins – similar to the function of a person’s signature. However, not all wallets are created equal, especially from a security perspective. For many, if your private key is lost or stolen, access to your cryptocurrency could be lost forever as whoever controls the private key has all the power and can issue and move currency digitally. Understanding these basics is crucial, of course, but crypto investors should also be aware of the fraud threats they face. With that in mind, here are three of the scams favored by cyber criminals:
1. Initial Fraudulent Coin Offering
Cryptocurrency projects have initial coin offerings (ICOs) that generate hype around the launch of a new coin. However, scammers can develop a fake ICO that promises investors significant rewards, with very little money or effort. For example, SQUID Coin was an ICO scam that took advantage of the hit Netflix series Squid Game to gain publicity, making creators more than £2.3 million.
Fake ICO makers promise huge returns but keep the lion’s share of the coins in their own wallets, sit back and watch people trade physical silver for their currency. As the coin gains momentum, owners of a fraudulent ICO can sell all of their coins at once and disappear – otherwise known as a “back pull”.
2. Pump and Dump Cryptocurrency Scams
Pump and dump scams cause cybercriminals to pull the rug out once enough money is invested, causing an instant market crash. A group of traders, such as a coin’s founders or associates, will promote a coin using Photoshopped images, false testimonials and misrepresentations to artificially inflate its price. Once the price has risen enough to peak, scammers will sell their shares in one go, leaving buyers with useless currency.
Like the dotcom bubble, it can be tempting to jump into the next hot thing, but it’s important to understand exactly which altcoin you’re buying and why.
3. Running Cryptocurrency Exchanges
Exchanges are another way scammers take advantage. Binance, the world’s largest crypto exchange, handles £58 billion worth of cryptocurrency every day, so it’s clear why the exchanges are such big targets for criminal activity due to the amount of wealth they hold. Users are advised not to keep their cryptocurrency on an exchange – especially if it is a large amount – because they do not have the rights to manage it. However, many ignore this advice.
Billions of pounds worth of cryptocurrency and thousands of user logins have been stolen from exchanges through brand abuse, malicious mobile apps, phishing scams and brute force attacks. Organized crime networks will use these methods to steal credentials and private keys. Once a private key is stolen, the money is transferred to the fraudster’s wallet, leaving the buyer out of coins.
Finding a solution for unregulated cryptocurrencies
While cryptocurrency is currently unregulated, the industry is taking steps to prevent fraud. Exchanges invest in network security and increase their efforts to identify brand impersonation. Given the wealth kept in exchanges, monitoring messages, manually reporting fake accounts and sending withdrawal requests is an almost impossible task. However, advances in artificial intelligence and machine learning allow exchanges to not only detect fraud, but completely eliminate it before it reaches consumers.
Users can also take steps to protect themselves. First of all, it’s critical to keep your private key and credentials to yourself, even if someone seems persuasive. Preparation before any investment is also essential, from researching coins to avoiding anything that seems too good to be true or using online forums to get differing opinions before buying a currency. To protect against phishing, users can take simple steps such as installing antivirus software and not holding large amounts of currency on an exchange.
Looking for a gold mine or leaving empty-handed?
With prices soaring, unprecedented growth and a call to invest, it is clear why many are comparing the crypto craze to the gold rush. Now the crypto boom has opened the door to financial opportunities for coin buyers and scammers. With crypto bandits coming from all over, the industry needs to support and protect buyers from malicious attacks. These crypto investors should also be careful, do their research and take sufficient steps to protect their assets – or could end up with nothing but “fool’s gold.”
About the author: Mark Crichton is the Chief Product Officer at Outseer – the California-based fintech with a mission to rid the world of transaction fraud. He has over 20 years of experience in architecture, implementation, development and strategic consulting in global IT security and payment security solutions.