Browse Definitions :

Getty Images

9 common cryptocurrency scams in 2022

Cryptocurrency scams are rising, and thieves are using new and old techniques to steal money. Some of the latest scams involve rug pulls, Ponzi schemes and phishing.

Where money is concerned, scams always follow. And the same is true with cryptocurrency.

In February 2022, cryptocurrency exchange platform Wormhole lost $320 million after a cyber attack. In addition to this attack, cryptocurrency scammers have stolen more than $1 billion since 2021, according to a report by the Federal Trade Commission.

Digital currency is a form of currency stored in a digital wallet, and the owner can turn currency into cash by transferring it to a bank account. Cryptocurrency, such as bitcoin, is different from digital currency. It uses blockchain for verification and does not run through financial institutions, so it is harder to recover from theft.

Even though cryptocurrency is a newer trend, thieves are using old methods to steal. Here are some of the common cryptocurrency scams to watch out for.

1. Bitcoin investment schemes

In bitcoin investment schemes, scammers contact investors claiming to be seasoned "investment managers." As part of the scheme, the so-called investment managers claim to have made millions investing in cryptocurrency and promise their victims that they will make money with investments.

To get started, the scammers request an upfront fee. Then, instead of making money, the thieves simply steal the upfront fees. The scammers may also request personal identification information, claiming it's for transferring or depositing funds, and thus gain access to a person's cryptocurrency.

Another type of investment scam involves using fake celebrity endorsements. Scammers take real photos and impose them on fake accounts, ads or articles to make it appear as though the celebrity is promoting a large financial gain from the investment. The sources for these claims appear to be legitimate, using reputable company names such as ABC or CBS with a professional-looking website and logos. However, the endorsement is fake.

2. Rug pull scams

Rug pull scams involve investment scammers "pumping up" a new project, nonfungible token (NFT) or coin to get funding. After the scammers get the money, they disappear with it. The coding for these investments prevents people from selling the bitcoin after purchase, so investors are left with a valueless investment.

A popular version of this scam was the Squid coin scam, named after the popular Netflix series Squid Game. Investors had to play to earn cryptocurrency: People would buy tokens for online games and earn more later to exchange for other cryptocurrencies. The price of the Squid token went from being worth 1 cent to about $90 per token.

Eventually, trading stopped and the money disappeared. The token value then reached zero as people attempted but failed to sell their tokens. The scammers made about $3 million from these investors.

Rug pull scams are also common for NFTs, which are one-of-a-kind digital assets.

3. Romance scams

Dating apps are no stranger to crypto scams. These scams involve relationships -- typically long-distance and strictly online -- where one party takes time to gain the other party's trust. Over time, one party starts to convince the other to buy or give money in some form of cryptocurrency.

After getting the money, the dating scammer disappears. These scams are also referred to as "pig butchering scams."

4. Phishing scams

Phishing scams have been around for some time but are still popular. Scammers send emails with malicious links to a fake website to gather personal details, such as cryptocurrency wallet key information.

Common cryptocurrency scams include bitcoin investment scams, rug pull scams, romance scams, phishing scams, man-in-the-middle attacks, social media giveaways, Ponzi schemes, fake exchanges and fraudulent employment
These are some common cryptocurrency scams.

Unlike passwords, users only get one unique private key to digital wallets. But if a private key is stolen, it is troublesome to change this key. Each key is unique to a wallet; so, to update this key, the person needs to create a new wallet.

To avoid phishing scams, never enter secure information from an email link. Always go directly to the site, no matter how legitimate the website or link appears.

5. Man-in-the-middle attack

When users log in to a cryptocurrency account in a public location, scammers can steal their private, sensitive information. A scammer can intercept any information sent over a public network, including passwords, cryptocurrency wallet keys and account information.

Anytime a user is logged in, a thief can gather this sensitive information by using the man-in-the-middle attack approach. This is done by intercepting Wi-Fi signals on trusted networks if they are in close proximity.

The best way to avoid these attacks is to block the man in the middle by using a virtual private network (VPN). The VPN encrypts all the data being transmitted, so thieves cannot access personal information and steal cryptocurrency.

6. Social media cryptocurrency giveaway scams

There are many fraudulent posts on social media outlets promising bitcoin giveaways. Some of these scams also include fake celebrity accounts promoting the giveaway to lure people in.

However, when someone clicks on the giveaway, they are taken to a fraudulent site asking for verification to receive the bitcoin. The verification process includes making a payment to prove the account is legitimate.

The victim can lose this payment -- or, worse yet, click on a malicious link and have their personal information and cryptocurrency stolen.

7. Ponzi schemes

Ponzi schemes pay older investors with the proceeds from new ones. To get fresh investors, cryptocurrency scammers will lure new investors with bitcoin. It's a scheme that runs in circles, since there are no legitimate investments; it is all about targeting new investors for money.

The main lure of a Ponzi scheme is the promise of huge profits with little risk. There are always risks with these investments, however, and there are no guaranteed returns.

8. Fake cryptocurrency exchanges

Scammers may lure investors in with promises of a great cryptocurrency exchange -- maybe even some additional bitcoin. But in reality, there is no exchange and the investor does not know it's fake until after they lose their deposit.

Cryptocurrency uses blockchain for verification and does not run through financial institutions, so it is harder to recover from theft

Stick to known crypto exchange markets -- such as Coinbase, Crypto.com and Cash App -- to avoid an unfamiliar exchange. Do some research and check industry sites for details about the exchange's reputation and legitimacy before entering any personal information.

9. Employment offers and fraudulent employees

Scammers will also impersonate recruiters or job seekers to get access to cryptocurrency accounts. With this ploy, they offer an interesting job but require cryptocurrency as payment for job training.

There are also scams when hiring remote workers. For instance, North Korean IT freelancers are trying to capitalize on remote job opportunities by presenting impressive resumes and claiming to be U.S.-based. The U.S. Department of the Treasury issued a warning of this North Korean scam targeting cryptocurrency companies.

These IT freelancers seek projects involving virtual currency and use access for the currency exchanges. They then hack into the systems to raise money or steal information for the Democratic People's Republic of Korea (DPRK). These workers also engage in other skilled IT work and use their knowledge to gain insider access to enable the DPRK's malicious cyber attacks.

Learn more about continuous employee background checks to protect organizations.

How to protect bitcoin and cryptocurrency

To protect against cryptocurrency scams, here are some of the common red flags:

  • promises for large gains or double the investment;
  • only accepting cryptocurrency as payment;
  • contractual obligations;
  • misspellings and grammatical errors in emails, social media posts or any other communication;
  • manipulation tactics, such as extortion or blackmail;
  • promises of free money;
  • fake influencers or celebrity endorsements that seem out of place;
  • minimal details about money movement and the investment; and
  • several transactions in one day.

Protect digital wallets from scammers by practicing good digital security habits such as strong passwords, using only secured connections or VPNs and choosing safe storage. There are two types of wallets: digital and hardware. Digital wallets are hosted online and have a higher rate of getting hacked. Hardware wallets store information, such as the cryptocurrency wallet and keys, offline within a device.

Cryptocurrency is not insured by the Federal Deposit Insurance Corporation, so keeping it safe is vital. Never give wallet keys or access codes to anyone.

Next Steps

6 best cross-chain bridges in 2022

How is cryptocurrency valued?

NFT wash trading explained

Dig Deeper on Security management

SearchNetworking
  • network packet

    A network packet is a basic unit of data that's grouped together and transferred over a computer network, typically a ...

  • virtual network functions (VNFs)

    Virtual network functions (VNFs) are virtualized tasks formerly carried out by proprietary, dedicated hardware.

  • network functions virtualization (NFV)

    Network functions virtualization (NFV) is a network architecture model designed to virtualize network services that have ...

SearchSecurity
  • MICR (magnetic ink character recognition)

    MICR (magnetic ink character recognition) is a technology invented in the 1950s that's used to verify the legitimacy or ...

  • What is cybersecurity?

    Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.

  • Android System WebView

    Android System WebView is a system component for the Android operating system (OS) that allows Android apps to display web ...

SearchCIO
  • privacy compliance

    Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or ...

  • contingent workforce

    A contingent workforce is a labor pool whose members are hired by an organization on an on-demand basis.

  • product development (new product development -- NPD)

    Product development, also called new product management, is a series of steps that includes the conceptualization, design, ...

SearchHRSoftware
  • talent acquisition

    Talent acquisition is the strategic process employers use to analyze their long-term talent needs in the context of business ...

  • employee retention

    Employee retention is the organizational goal of keeping productive and talented workers and reducing turnover by fostering a ...

  • hybrid work model

    A hybrid work model is a workforce structure that includes employees who work remotely and those who work on site, in a company's...

SearchCustomerExperience
  • Salesforce Trailhead

    Salesforce Trailhead is a series of online tutorials that coach beginner and intermediate developers who need to learn how to ...

  • Salesforce

    Salesforce, Inc. is a cloud computing and social enterprise software-as-a-service (SaaS) provider based in San Francisco.

  • data clean room

    A data clean room is a technology service that helps content platforms keep first person user data private when interacting with ...

Close