Crypto scams are unfortunately still a reality. Wherever there is promise or potential, malicious individuals will try to take advantage. With the cryptocurrency market, there is the opportunity to steal money so scammers are always looking for new ways to trick people into handing them their details or money directly.
To oppose this, security in this space has stepped up, with the weakest link now generally being the user. This is why scams generally look to tackle individual users. These are some of the most common crypto scams to look out for and avoid.
Examples of Crypto Scams
There are a few common types of scams in cryptocurrency. Be sure to keep an eye out for any of these signs.
Fake Admin Accounts
This is a rather simple trick that is used by scammers. They would create an account with a name that looks and sounds like an official admin and send messages to other users asking for details or money under the guise of offering support. Of course, as a supposed admin, it would not seem out of place for them to ask such questions. In addition to this, a common tactic is to scour groups for people asking for support and then use that information in their private message to make it sound legitimate.
Generally, to counteract this, the exchanges or projects will tell users that admins do not message users privately and to report any that do.
Using Airdrops as Bait
Airdrops are a method used by crypto projects to raise awareness and popularity through the distribution of free tokens. With such a tantalizing offer, users may be drawn into any opportunity they receive. This is where the crypto scammers come in. They will contact users about a fake airdrop and ask for the usual credentials necessary, along with some extra details that will compromise the security of their account. Unsuspecting or uneducated users may not realize the scam and hand over this information.
It doesn’t hurt to be skeptical when approached about taking part in an airdrop. Think about the details they are asking for and whether they are completely necessary.
CPU Mining Websites
One tactic used by websites looking to profit from their users is to install code on their website that utilizes the CPU of users to mine cryptocurrency. Unsuspecting users will suddenly find that the website is causing their device to heat up, slow down, lose battery power at a faster rate, or worse thanks to faster degradation.
While some may see this as a potential new revenue-generating option for websites, if it is done without the expressed consent of the user, then it is certainly not an ethical practice. This is known as ‘cryptojacking’ and remains a controversial subject.
Hi @Starbucks @StarbucksAr did you know that your in-store wifi provider in Buenos Aires forces a 10 second delay when you first connect to the wifi so it can mine bitcoin using a customer's laptop? Feels a little off-brand.. cc @GMFlickinger pic.twitter.com/VkVVdSfUtT
— Noah Dinkin (@imnoah) December 2, 2017
Sending Suspicious Files
While it is common knowledge that downloading files from unknown sources is a bad idea, some people ignore this warning. Scammers take advantage of this fact and send files to groups claiming they contain interesting information, or that they are official programs or wallets. If a user downloads this file, it has the potential to be compromised or install viruses and other unwanted things, some allowing them to gain access to personal information and ultimately their personal accounts.
Users should heed the warning to avoid downloading anything from unknown individuals, especially so in crypto groups.
FOMO is a powerful force that can make people take opportunities that they wouldn’t necessarily take otherwise. ICOs, the opportunity to be amongst the first to invest in a new project, can awaken this emotion in many people for better or for worse. In the beginning, ICOs were burdened by scams and still is today to an extent. Fake projects will raise money through this method before disappearing to never actually deliver on the project – this is known as an exit scam. BitConnect is possibly the most famous example of this.
Performing due diligence is key to avoiding exit scams. While it is not possible to be 100% certain, it greatly reduces the risk of being caught out.
The Promise of Cloud Mining
While not all cloud mining services are a scam, it is definitely worth taking the time to investigate first. The concept is that users can pool together money to rent mining machines for cryptocurrencies like Bitcoin. Through this shared mining hashpower, it can be possible to make some profit. However, some providers have been known to implement high fees that greatly reduces profit, despite the high returns that they generally promise. Ponzi schemes can also take this form. Others simply make it difficult or impossible to withdraw the money made.
Again, it is down to the user to research and decide whether a deal is too good to be true. Having a public mining address is a good sign, and having been established for a while are both good signs.
Honeypotting Crypto Traders
The honeypot scam is quite well known. It involves placing a decoy that would draw in users – the honey pot – and when they attempt to seize the opportunity a ‘trap’ activates and so the honeypotter takes the money.
One example of this is when a cryptotrader posted a private key to a wallet with $5,000 worth of a token in a chatroom or Telegram group – supposedly by accident. The other users, looking to take advantage of this mistake, used the key to access the wallet that the key was associated with. This wallet had no ETH so if anyone wanted to steal the tokens, they would need to transfer ETH first for use as GAS to facilitate the transaction. The trader, however, put in place a smart contract that sends any ETH funds to another address. The $5,000 worth of ERC20 tokens remained safe while the trader ran off with the ETH.
For most traders, it is unlikely they will be confronted with this scam. These are usually targeted at those with bad intentions in the first place.
Best Safety Practices
It is important for users to make use of all the safety and security features in place to ensure their crypto is safe. These are some safety features provided by KuCoin that will help traders avoid crypto scams.
Google 2FA Verification
Two-factor authentication is an effective way of protecting accounts, requiring a randomly generated, time-sensitive code to be input in order to perform a number of actions. This adds another step to the process which helps deter scammers and help secure funds.
With the release of KuCoin Platform 2.0, the exchange now provides mobile phone and account-binding services. At present, mobile phone binding services are supported in the following nine countries, with more SMS services in other countries being worked on.
Countries: United States, India, Indonesia, Turkey, United Kingdom, Philippines, Canada, Thailand, China.
Emails can be used for verification when a withdrawal request is made or an API is created. This acts as another barrier that potential hackers must overcome.
The trading password is a security mechanism that was added on Platform 2.0. It is a six-digit password that is used for important operations such as transaction, withdrawal, and API creation.
Anti-Phishing Safety Phrases
Email Safety Phrase
To protect users from phishing emails, users will be asked to set the anti-counterfeiting security phrase which will be displayed whenever an email is received from KuCoin. If this message does not appear in the email or is incorrect, it is likely that it is a phishing email.
Login Safety Phrase
Just like the email safety phrase, to prevent accounts from phishing websites, users will be asked to set the anti-counterfeiting security phrase which will be displayed whenever they log in to KuCoin. If this message does not appear or is incorrect, it is likely that it is a phishing website.
Avoiding Cryptocurrency Scams
These are just a few examples of what is out there and a few ways in which users can protect themselves. Vigilance should remain high at all times to avoid falling for any of the tricks currently going around.
Of course, projects that lose their value aren’t necessarily scams. There is the possibility that their MVP doesn't really work out well, the project doesn't have good scalability, they have a poor team behind the project, or they simply not have enough funds or investors. Then there are projects like Dogecoin that are generally seen as joke projects that don’t have a clear roadmap if they have one at all. Yet, projects like these sometimes pump when news related to it is released. It is for reasons such as these why KuCoin emphasizes the importance of researching projects to know their foundations and if they really have value.
The cryptocurrency market is full of opportunity and potential, so there is still good reason to take part in trading. These scams are just a small part of the larger ecosystem that promises to revolutionize many different areas of everyday life.
KuCoin offers a safe cryptocurrency exchange for traders.
Mix. (2018, January 17) How BitConnect pulled the biggest exit scheme in cryptocurrency. Retrieved from: https://thenextweb.com/hardfork/2018/01/17/bitconnect-bitcoin-scam-cryptocurrency/
Nation, J. (2018, September 1) Two Scams Promote Fake Zilliqa Airdrop. Retrieved from: https://medium.com/metacert/two-scams-promote-fake-zilliqa-airdrop-acec99d10d47
Philips, D. (2019, March 24) Malware Alert: Bitcoin Core Copycat On The Loose. Retrieved from: https://beincrypto.com/malware-alert-bitcoin-core-copycat-on-the-loose/
Shen, M. (2018, July 10) Torrent Site Pirate Bay Warns Users About Monero Mining Software. Retrieved from: https://www.coindesk.com/torrent-site-pirate-bay-spells-out-monero-mining-software-use
Wood, A. (2019, February 19) Alleged Bitcoin Mining Scam Reported in Thailand. Retrieved from: https://cointelegraph.com/news/alleged-bitcoin-mining-scam-reported-in-thailand
Zuckerman, M.J. (2018, February 4) Scammers Steal Over $1.8 Mln By Posing As Admins of Seele ICO. Retrieved from: https://cointelegraph.com/news/scammers-steal-over-18-mln-by-posing-as-admins-of-steele-ico