1. Social Media Giveaway Scams
It’s amazing, nowadays, how everyone seems so generous on the likes of Twitter and Facebook. Check the replies to a tweet with high engagement, and you’ll no doubt see that one of your favorite crypto companies or influencers is doing a giveaway. If you send them just 1 BNB/BTC/ETH, they promise to send you back 10x that amount! It seems too good to be true, doesn’t it? Unfortunately, that’s because it is. That’s a pretty good rule of thumb to apply to many of these scams.
It’s incredibly unlikely that someone is hosting a legitimate giveaway that requires you to first send your own money. On social media, you should be wary of these kinds of messages. They might come from accounts that might look identical to the ones you know and love, but this is part of the trick. As for the dozens of replies thanking said account for their generosity – they’re just fake accounts or bots deployed as part of the giveaway scam.
2. Pyramid and Ponzi schemes
In a Ponzi scheme, you might hear about an investment opportunity with guaranteed profits (this is your first red flag!). Commonly, you’ll see this scheme disguised as a portfolio management service. In reality, there’s no magical formula at work here – the “returns” received are just other investors’ money.
The organizer will take an investor’s money and add it to a pool. The only inflow of cash into the pool comes from new entrants. Older investors are paid off with newer investors’ money, a cycle that can continue as more newcomers join. The scam unravels when there isn’t any more cash coming in – unable to sustain payouts to older investors, the scheme collapses.
In a pyramid scheme, there’s a bit more work required by those involved. At the top of the pyramid is the organizer. They’ll recruit a certain number of people to work on the level beneath them, and each of those people will recruit their own number of people, etc. As a result, you end up with a massive structure that grows exponentially and ramifies as new levels are created (hence the term Pyramid).
3. Fake Mobile Apps
It’s easy to overlook the warning signs on fake apps if you’re not careful. Typically, these scams will direct users to download malicious applications – some of which mimic popular ones.
Once the user installs a malicious app, everything might seem to work as intended. However, these apps are specifically designed to steal your cryptocurrencies. In the crypto space, there were many cases where users downloaded malicious apps whose developers masqueraded as a major crypto company.
In such a scenario, when the user is presented with an address to fund the wallet or to receive payments, they’re actually sending funds to an address owned by the fraudster. Of course, once the funds are transferred, there’s no undo button.
Another thing that makes these scams particularly effective is their ranking position. Despite being malicious apps, some can rank highly in the Apple Store or Google Play Store, giving them an air of legitimacy. To avoid falling for them, you should only download from the official website or from a link given by a trusted source. You might also want to check the publisher’s credentials when using Apple Store or Google Play Store.
Even newcomers to the crypto space will undoubtedly be familiar with the practice of phishing. It typically involves the scammer impersonating a person or company to extract personal data from victims. It can take place across many mediums – telephone, email, fake websites or messaging apps. Messaging apps scams are particularly common in the cryptocurrency environment.
There’s no single playbook that scammers adhere to when trying to get ahold of personal information. You may get emails notifying you of something wrong with your exchange account, which requires you to follow a link to fix the problem. That link will redirect to a fake website – similar to the original one – that will prompt you to log in. This way, the attacker will steal your credentials, and possibly your cryptocurrencies.
A common Telegram scam sees the scammer lurking in official groups for crypto wallets or exchanges. When a user reports a problem in this group, the scammer will reach out to the user privately, impersonating customer support or team members. From there, they’ll urge the user to share their personal information and seed words.
Some other security tips include:
- Check the URL of the websites you’re visiting. A common tactic involves the scammer registering a domain that looks very similar to that of a real company (e.g., binnance.com).
- Bookmark your frequently visited domains. Search engines can mistakenly display malicious ones.
- When in doubt about a message you’ve received, ignore it and contact the business or person via official channels.
- Nobody needs to know your private keys or seed phrase.
5. Vested Interests
The acronym DYOR – Do Your Own Research – is often repeated in the cryptocurrency space, and for very good reason. When it comes to investing, you should never take someone’s word for granted on what cryptocurrencies or tokens to purchase. You never know their true motives. They may be paid to promote a particular ICO or have a large investment of their own. Here are some general questions to get started:
- How have the coins/tokens been distributed?
- Is the majority of the supply concentrated in the hands of few entities?
- What’s the unique selling point of this particular project?
- What other projects are doing the same thing, and why is this one superior?
- Who is working on the project? Does the team have a strong track record?
- What’s the community like? What’s being built?
- Does the world actually need this coin/token?