The latest report is live: Read the Outseer™ Q4 2021 Fraud & Payments Report

What Is Cryptocurrency Fraud?

Cryptocurrency is a type of digital currency that exists electronically. Cryptocurrency fraud is becoming more common and exists in many forms:

  • Scam offerings
  • Ponzi Schemes
  • Traditional Theft
  • Pump and Dump schemes

Spotting cryptocurrency fraud can be tough, especially in the fast-paced world of decentralized finance. While there are many opportunities and promising projects, the cryptocurrency world is largely unregulated, making it a hotbed for cybercriminals.

Before we explore how cryptocurrency fraud works, let’s cover the basics of how most cryptocurrencies work.

Cryptocurrency Basics

Understanding the very basics of how crypto works is half the battle to securing your cryptocurrency. Many scams exploit beginners who don’t have a solid understanding of how their wallet works, what private keys do, and who actually has control over their cryptocurrency.

In traditional banking, we have secure physical places where our money is stored, like the bank or a safety deposit box. With cryptocurrency, the person who controls the private key can move and spend the currency digitally.

If your private key is lost or stolen, access to your cryptocurrency could be lost forever. You can think of this private key as your unique signature that is required any time you want to move or spend your cryptocurrency.

Each wallet has its own unique private key that can be used to transfer coins. Not all wallets are created equal, especially from a security perspective.

Hot Wallets

Hot wallets are wallets that are connected to the internet. They are convenient for trading, swapping, and spending, but have a higher chance of being compromised by cybercriminals due to their connectivity and online access. Browser-based wallets such as MetaMask are great for holding small amounts of currency but aren’t an ideal place to store large sums of cryptocurrency.

Cold Wallets

Cold wallets exist offline and are a better option for storing large amounts of cryptocurrency for the long term. Cold wallets aren’t ideal for those looking to spend their coins frequently or trade throughout the day since it takes longer to perform a transaction. Those looking for a cold wallet can purchase a hardware wallet like the Ledger, or even create a paper wallet for free.

Exchanges

There’s a saying in the cryptocurrency community, “not your keys, not your coins.” When users keep their cryptocurrency on an exchange, they don’t own the rights to control that currency. This means if the exchange is hacked or decides to scam its users, any cryptocurrency stored on that exchange can be stolen.

Keeping large amounts of cryptocurrency on an exchange is incredibly risky. Users should consider moving significant amounts of coins off the exchange as soon as possible. Exchanges are massive targets for cybercriminals due to the amount of wealth they hold. Billions of dollars worth of cryptocurrency have been stolen from exchanges through phishing scams, brute-force attacks, and outright fraud.

With the basics out of the way, let’s look into some particular instances of cryptocurrency fraud, and explore ways to prevent it.

Examples of Cryptocurrency Fraud

Scam Initial Coin Offerings

Similar to an Initial Public Offering (IPO), cryptocurrency projects have ICOs during launch. ICOs are exciting because getting in on a big project early could lead to incredible returns. Unfortunately, scammers can spin up a fake ICO with very little money or effort.

Many scam ICOs promise massive returns and take advantage of current trends. For example, SQUID coin was a scam ICO that leveraged the popularity of the Netflix series Squid Game to gain exposure.

The creators of a scam ICO hold a majority of the coins in their wallets and watch as more people exchange dollars for their coins. On paper, scam ICOs can look incredibly profitable with massive “theoretical” returns. Oftentimes there is very little liquidity in the market, meaning even if a coin holder is up 1000%, they can’t exit their position.

Owners of a scam ICO sell their lion’s share of coins as the scam continues to gain traction or simply sell off all their coins at once and disappear. This is called a “rug pull” or getting “rugged.”

You can avoid Scam ICOs by doing the following:

  • Research the team and review their whitepaper
  • Checking the blockchain to make sure no single wallets hold a majority of the currency
  • Use community tools that audit new coins and track scams
Pump and Dump

Pump and dump scams are similar to scam ICOs but can happen multiple times with the same cryptocurrency. Majority owners of a particular currency will attempt to hype up a coin and artificially drive the price up. False claims, photoshopped images, and fake testimonials can all lead to a sharp rise in price as investors try to get in early. As the price reaches its artificial peak, the scammers dump their coins all at once, causing the market to crash.

You can avoid pump and dump scams by doing the following:

  • Researching claims extensively before buying
  • Using open forums like Reddit to get different opinions
  • Avoiding projects with too-good-to-be-true promises
Ponzi Schemes

Ponzi Schemes rely on a steady stream of new investors in order to pay artificial returns to early adopters. One of the most infamous Ponzi schemes in the world of cryptocurrency was Bitconnect, which marketed itself as a high-yield investment program.

Bitconnect ultimately collapsed after reaching a near $500 high. Founders of Bitconnect made off with close to $2 billion before the price plummeted to under one dollar. While many called out Bitconnect as a scam before its collapse, not all Ponzi schemes are as obvious.

Here’s how you can avoid cryptocurrency Ponzi schemes:

  • Avoid projects that use multi-level marketing tactics
  • Be suspicious of promises and wildly large returns
  • Avoid projects you don’t fully understand
Theft

There are also organized crime rings that target large wallets and exchanges. Cybercriminals often use phishing campaigns to gain access to secure networks and computers. Phishing works by tricking users into clicking a link and entering their information into a malicious clone of a legitimate site. Cybercriminals can steal credentials and private keys using this method.

In some cases, keyloggers, spyware, and trojans are used to silently monitor networks for signs of cryptocurrency wallets or access to exchanges. When the user accesses their wallet, the private key is stolen and their funds are moved to the scammer’s wallet.

You can avoid cryptocurrency theft by doing the following:

  • Installing antivirus software
  • Never sharing your private key
  • Keeping large amounts of cryptocurrency in cold wallets (offline)

How Can Crypto Exchanges Prevent Cryptocurrency Fraud

Exchanges are arguably one of the biggest targets for cryptocurrency fraud, as a single compromised system can scam thousands of users at once. Not only do exchanges need to invest in network security, but they also must protect their brand from impersonation.

As traditional brute-force attacks become more difficult, scammers are now doubling down on brand impersonation, phishing attacks, and rogue mobile apps to steal information and funds from unsuspecting users.

Exchanges and official project pages are continuously at risk of being impersonated on social media, email, and domain registration. Even just a few successful brand impersonation attacks can impact the trust between the customer and the brand.

Manually reporting fake accounts, sending takedown requests, and policing messages is a nearly impossible task. Thankfully, exchanges now leverage advancements in artificial intelligence and machine learning to not only detect fraud but completely shut it down before it reaches customers.

Meet Outseer

Outseer FraudAction automatically stops phishing, rogue apps, and brand impersonation attacks by continuously monitoring and defending your digital presence. Through a combination of machine learning and anti-fraud triage, Outseer immediately takes down malicious sites and accounts before they reach your customers.

Even with the fast-paced nature of crypto fraud, the Outseer Global Data Network can stop new threats by leveraging the telemetry from millions of transactions across multiple industries worldwide.

By seeing what others can’t, we stop fraud long before a transaction ever occurs. To learn how you can protect your customers through the power of frictionless fraud prevention, request a free demo today.

Mark Crichton

Chief Product Officer

With over 20 years’ experience in architecting, deploying, developing and strategic consulting within the realm of global IT security and payment security solutions, I am uniquely positioned with real world practical experience, knowledge and a reputation for being resolutely focused on consumer needs, strategic advantage and driving to a solution that maximises competitive advantage.

My passion with technology is defining and creating a seamless user journey, fusing technical know-how with an understanding of current business issues, to help achieve business goals through technology.