The number of scams and the ingenuity of fraudsters in the crypto industry is endless. In 2021, tens of thousands of people reported financial losses related to crypto scams totaling over 1 billion USD. In 2022, based on various sources, it was around 3 to 12 billion USD. Analysts estimate that in 2023 scammers will steal up to 16 billion USD. It is important to mention that the numbers may not be accurate as many people do not report the fraud to the authorities. Don't get scammed. Read what the goal of fraud is, what tricks scammers use, and how to recognize a scam.
People don't understand blockchain
Newbies entering the world of cryptocurrencies unfortunately have little knowledge of how to safely store their assets. The desire to invest in a new industry combined with low knowledge of this technology is attractive to scammers. Blockchain transactions are irreversible and bypass the traditional financial system. It's convenient for fraudsters.
Unfortunately, scams are one of the reasons why people avoid self-custody and hold digital assets on centralized exchanges. They do not want to become a victim and believe that their asset custodians will not fall for the fraudsters.
All those interested in cryptocurrencies should first familiarize themselves with the basic principles of blockchain and purchase a hardware wallet. You should know how the most common types of crypto scams work. However, this is a never-ending battle, as scammers are creative and keep coming up with new and more sophisticated tricks. They use modern technologies including AI and are always one step ahead.
Why do people fall victim to scams?
Scammers know human characteristics and behavior very well. They know what forms of attack work.
Scammers often create plausible stories and personas that may not always trigger your spam filters. They're quick to exploit current events for their gain.
They can find out that you are waiting for a shipment. They will abuse it, for example, by calling you and trying to get personal information from you, claiming that it is necessary for the delivery of the package.
People are greedy. This human quality can be exploited. The promise of high returns or 'something for nothing' can be very enticing. This is often seen in scams involving fake investments or lotteries.
In the past, we have often seen offers like 'send your coins to the blockchain address X and I will send you back double'. This type of scam is already known, but it can still work well for novices.
Scammers often create a sense of urgency, pressuring their victims to act quickly before they have time to think things through or seek advice. If the attacker manages to make you act emotionally, you stop thinking rationally. This is very dangerous. Urgency can be an indicator of a scam.
Many people believe they're too smart or savvy to fall for scams, which can leave them unprepared and at risk. Believe me, even the smartest of us will fall for a scam. It's always better to be prepared than surprised (and robbed).
Mass attacks and possible consequences
One of the characteristics of scam attacks is targeting as many people as possible. They often spam email boxes and social networks. They know that 99% of people will recognize the scam and not react. However, for them, success is if 1% of people respond.
Let's show one current scam that everyone who uses platform X has probably seen. Scammers add a comment with this scam under almost every post from popular users (influencers) who have the potential for high viewership.
Platform X promised to fight against bots. However, X loses in this effort. Note that the scammer has an account with a blue checkmark (indicating that he is a paying user).
What does the scammer offer you? SyncSwap offers SYNC tokens. You are invited to check if you are eligible to get some tokens. What do scammers want to achieve? It is very simple. For you to click on a fake link.
Note that scammers are abusing airdrop events that have been publicly announced. SyncSwap is an existing service with SYNC tokens. Scammers are abusing an existing event and preying on your greed.
Remember. Scammers create fake airdrops (or make fake copies of those that are publicly known) to lure users into claiming them. This usually involves convincing users to connect their wallets to malicious smart contracts or share their private keys. If you succumb to this attack, you will most likely lose your assets.
The most common types of crypto scams
Scammers almost always have one goal. Obtain confidential, sensitive, or personal information from you. Many crypto scams involve some type of impersonation, along with a selection of carefully crafted lies that are often tailored based on the victim they're targeting. As we have shown above, scammers can exploit current events.
One of the frequent attacks is impersonation.
Attackers impersonate existing accounts on social networks (often on platform X) and try to promote some scam through it. It's easy to create an account that looks almost identical to an existing account of a well-known person, such as Michael Saylor or Charles Hoskinson.
If you are not sure about the message, always check if the account has a blue checkmark and check the number of followers. Also, check to see if the account name is misspelled. Account names must be unique. Attackers are forced to change the account name, at least a single character.
The same applies to URLs. Attackers like to take advantage of your inattention. The most popular DEX in the Cardano ecosystem is Minswap. But what is the URL? Many people may not remember that. They go to Google and want to find DEX. However, Google can present them with a fake URL on the DEX that will look the same as Minswap.
It is convenient to remember the URL of the services you use or to save the links.
Scammers may not attack indirectly through social networks, but also directly, for example by sending you an email with a plausible story. They may even call or text you. In the case of emails, people rely on scams to be automatically filtered out. Failing that, people tend to engage with email.
You may receive an email from the exchange or the HW wallet you use with the request that your funds are at risk and that you must log in to the exchange as soon as possible (the goal of the attack is to obtain login information) or enter a passphrase (the goal of the attack is to steal your assets). Attackers try to create pressure and the assumption that you want to protect your assets.
It's always a good idea to check the official site or account on platform X. There should be all the necessary information if something unpleasant happens. It is always suspicious if someone contacts you with a request that involves the disclosure of sensitive information and no reliable information can be found on social networks.
Remember that you must never, under any circumstances, give the passphrase (seed) to a third party or write it on a website. It is always a scam. A passphrase is a cryptographic secret that only you and no one else should know, as it is the key to your digital assets.
If you provide login credentials to a fake website, the attacker will immediately try to use them and steal your funds. Never rely solely on login and password and always use Two-Factor Authentication (2FA).
If you manage to recognize the attack in time, immediately change your password and contact support (however, they may not respond quickly enough).
Don't be greedy and don't believe that someone will give you something for free. That's not how the world works. If something is too attractive or too good to be true, it is almost certainly a scam.
Remember that tokens can be created very cheaply.
It's easy for scammers to present a project that will seemingly change the world, and you can get rich from it if you buy tokens in the presale. Think back to the ICO mania at the end of 2017. The vast majority of projects are gone, leaving only worthless tokens. Some teams disappeared right after the token sale and didn't even try to pretend they were working on something.
Sometimes tokens may have the same ticker as an existing one. Always be interested in how to distinguish a real token from a fake one. If someone offers you BTC for half the current value, these are fake tokens.
This can also apply to NFTs. If you're interested in a series, make sure you're buying the original and not a fake. Blockchain technology, unlike the Internet, lets you distinguish the real from the fake. However, you need to know how to do it, for example, to be able to find the minting policy ID.
Be suspicious, restrained in the steps you want to take, don't give in to emotions, and don't be greedy. Make sure you have a good understanding of the technologies you use, including DeFi services. Don't be afraid to learn new things and stay aware of what new tricks scammers have come up with.
It is not easy to protect your digital assets. With the advent of AI technology, scammers have a new weapon that they will use. It will be very easy to write a text in any language, imitate a voice, or even create a video in which your partner will ask you to send money quickly because he or she lost his wallet and can't get home.
The fight against scams will never end and unfortunately, you cannot ignore this fact.