The cryptocurrency space is still teeming with all manner of fraudsters, scammers, hackers and ne’er-do-wells, all seeking to profit illegally in an industry that is still suffering from lack of proper law enforcement. The year 2023 has seen a considerable decline in crypto-related crimes, according to a report by Chainalysis, largely due to the overall slump in liquidity volumes on the market, making it less attractive for criminals. Still, crime still runs rampant throughout the crypto industry and the following is a list of the most common types of fraudulent schemes encountered by users in the market in 2023.
The Investment Manager
Though the given scheme is as old as time and goes back to the dawn of the crypto industry, it is still maintaining its position as the dominant type of crypto scam. By impersonating a successful business manager or investment consultant, the scammer approaches a potential victim and offers them their help in managing or building up a profitable portfolio. Alternatively, the fake ‘investment guru’ offers the victim to manage an existing portfolio in such a way that it will generate double-digit profits.
Such an offer is always accompanied by a convincing lineup of websites, bogus cases, charts, presentations, and even endorsements that make the scammer seem legitimate. Once the victim succumbs to the offers, the scammer asks them to make an upfront fee for their ‘consulting services’. After the victim has made the upfront payment, the scheme can take on two different directions.
- One – the scammer vanishes with the upfront fee, which is usually an inconsiderable sum, ranging from several hundred to a thousand dollars. This approach is mostly applied by budding young scammers who are content with a small taking.
- Two – the scammer can continue playing with the victim by ushering them to a fake website with a balance account that, supposedly, is the vault for the portfolio, which the ‘investment guru’ will manage. Once the victim has transferred their funds to the fake website, the scammer vanishes with a sum that is much larger than the upfront fee. This approach is more elaborate, as it requires more effort and the presence of a convincing fake website.
The original type of crypto scam that takes its beginning from the ICO era of 2017 is still alive and well. This scheme involves the development of a fake project with an idea that the scammers propose and implement on a superficial level. The project offers investors double-digit returns and is usually accompanied by an expensive marketing campaign intended to raise its popularity and position it as a ‘revolutionary’ startup with impressive potential. The scam project can be anything from an NFT collection to a project targeting the implementation of blockchain in logistics, or any other industry.
As a rule, once the investors make their contributions to the project and purchase the fake tokens or NFTs, the project is suddenly closed down and the ‘development team’ vanishes with the funds. The scheme relies on the power of conviction and the gullible nature of the investors who will believe the claims of the marketing campaign, the flashy presentations, and the bold claims, and will not conduct an in-depth investigation into the identities of the founders, or the underlying tokenomics.
The Romance Scam
A cruel and rather rare type scam for the crypto industry that exists on dating websites. The scheme itself revolves around a very long-term plan of finding and romancing lonely and desperate individuals. The scammers impersonate the ‘perfect lover’ by preying on lonely men and women, charming them with sweet-talk and promises of eternal love. Once the victim of the scam is head over heels in love with the scammer’s fictitious personality, the fraudster starts asking for money. The reason can be anything from a donation to an orphanage to help for an ailing relative.
Such scammers make full use of the victim’s sense of guilt and unease to force them to send money to a designated address. Once the victim has sent the money, the scammer vanishes, leaving behind a distraught and broken-hearted person with an empty wallet.
With social engineering schemes becoming more elaborate, phishing is becoming a common occurrence in the crypto space. The scheme involves the scammers sending fake emails to their victims with the purpose of gaining access to personal account details for further penetration into funds storage spaces. The emails usually contain requests for immediate password changes, sent by the support services of credible websites. As a rule, such emails contain a malicious link, which, once clicked on, will either deploy malware onto the victim’s computer, or will lead them to a fake copy of the credible website. The user will then enter their real credentials, which the scammers will gain access to.
Phishing schemes can be easily identified or prevented. The general rule is to never open suspicious emails, since no support service will ever contact users with password change requests. In addition, phishing emails always contain a slight difference in wording from their original source, which can range from the address to the name of the company.
Giveaway schemes are situational types of scams that arise in the market in times of excessive hype surrounding a popular project. Once a major project starts selling its tokens, or a celebrity endorses it, the scammers deploy fake accounts and websites, claiming that they are distributing giveaways. The scheme leverages the phishing approach, as it will usher users to share their bank account or crypto wallet details. Once the scammers get access to such details, they will act to empty the balances.
As a rule, giveaway scams rely on the fact that users are careless and seldom follow the official accounts of the celebrities in question. The scammers never shy away from making bold statements to attract more users and readily copy the credible accounts of the celebrities in full to seem legitimate.
Impersonation and Deepfakes
Impersonation schemes are closely related to the ‘investment manager’ approach described earlier. However, the scammers can impersonate literally anyone, including such media personalities as Elon Musk, as was the case with the infamous Bitcoin scam that advanced the fake TeslaCoin project.
The development of artificial intelligence has taken impersonation scams a step further and allowed the fraudsters to literally copy anyone they wish using deepfake technology. By using AI and video manipulation, the scammers can shoot videos with celebrities and media personalities to promote fake projects or address targeted users directly with requests to send money.
The Ponzi scheme is an age-old type of scam that still thrives in the crypto industry. The scheme itself relies on attracting investments from a wide range of people with promises of exuberant returns. With no product or service backing it up, the scheme relies on the power of conviction and visibility of profitability by paying new entrants their interest using the money of old investors.
The Ponzi scheme is non-viable and has nothing to do with either legitimate business or legality. A clear giveaway of a Ponzi scheme is the promise of above-market returns, which are accompanied by calls to attract more participants in return for additional income on the basis of a proportional scale implemented as a multi-tiered tree of investors.
Anything from fake websites to fake NFT project sites are being deployed by scammers to attract trusting users to make their contributions. The scammers routinely launch fake marketing campaigns to promote fake exchanges, which call on users to make early-bird deposits in exchange for supposed bonuses and access to advanced features. Such websites have no functionality and act only as veneers to seem legitimate and attractive. Once the users make their deposits, the scammers claim that the funds and bonuses will be available upon launch of the website and the opening of trading.
The launch date always coincides with the sudden shutdown of the project website, at which point the scammers withdraw all of the users’ funds from the fake website’s deposit address and vanish.
A rather exotic, but still active type of scam is the fake job offer. In this case, the scammers impersonate a recruiting agency or HR manager who approaches the victim with a job offer. The offer is usually tailored for the victim based on their profiles available in social networks like LinkedIn. The scammer makes the offer sound interesting for the victim to make sure the latter agrees to go ahead with the commencement of the contract.
The ensuing phase of the scam involves the scammer sending the potential candidate a requirement to pay for mandatory job training that will be required for the position. Though few agree to such a move, once the victim makes the payment, the scammer instantly vanishes with the funds.
The Pump and Dump
A classic from the ICO era, the pump and dump scheme can revolve either around a fake project or a legitimate one.
Under the first case scenario, the scammers launch a fake project and start promoting it aggressively through marketing, making it seem attractive and profitable to attract as many users as possible. Once a critical mass of investments has been made the project token has been ‘pumped’, the scammers shut down the project, collapsing the inflated prices on the worthless token.
Under the second case scenario, the scammers monitor the market in search of aspiring new projects that are gaining popularity. The scammers then exert considerable effort to raise both awareness and hype around the project through forums, communities and even the media. Once the price of the project token has been increased and the scammers have accumulated a sufficient amount of them, they instantly sell off their hoarded tokens at the highest value and crash prices, leaving other investors with losses.
Good Old Extortion and Blackmail
The crypto space is teeming with extortionists and blackmailers, who skillfully make use of ransomware – a type of malicious software that is installed on a victim’s computer. Once the virus has penetrated the victim’s system, it can either freeze the computer or gain access to personal files or account details. The scammers then contact the victim with a request for ransom in exchange for release of the personal files or resumption of the system’s operation.
Such schemes can also extend to blackmail, with the scammers demanding the victim to pay for continued maintenance of their privacy. This usually concerns cases when hackers have gained access to files of a personal nature and blackmail the victim with threats to make them public.