Cast your mind back to mid 2020, where among the continued uncertainty around the COVID-19 pandemic and what the end of the year could look like, an incident involving several high profile Twitter users raised the issue of cryptocurrency scams.
In that incident, a bunch of (mostly) teenagers were able to hack into Twitter and send tweets from some major accounts including Elon Musk, Barack Obama, Joe Biden, Bill Gates, Jeff Bezos and both Kim Kardashian and Kanye West. Companies such as Apple and Uber also posted the tweets, as around 130 accounts were affected, though only 45 were believed to have been used to tweet the scam message.
The issue here was that the accounts were used to promote a scam related to cryptocurrency, claiming that the sender would double the value of any bitcoin the user sent to the given wallet. Those tweets linked to a cryptocurrency address, and unsuspecting users saw what appeared to be quite the appetizing deal.
After all, the price of cryptocurrency, and Bitcoin in particular, has fluctuated over the years, but at the time of writing the price of Bitcoin is on the rise once again, exploring new valuations. According to Bitcoin FOMO, an investment of $1000 one year ago would be worth $4769 on the day of writing.
No security solution will be able to protect you from willingly sending your money to a scammer, so make sure you know what you’re investing in. Using a hardware wallet, you can keep the keys to your crypto offline, and learn to ignore and report scammers by following the tips below.
It’s easy to see the attraction of investing in cryptocurrency, and that creates an opportunity for scammers: people want to get more for their money, making it easy to lure them in with appetizing rewards.
With the UK’s Financial Conduct Agency (FCA) naming cryptocurrency scams as the most searched for investment and pension scams, it is well worth being aware of how scams are created and what they look like.
Specific to cryptocurrency, Which warns that a scam can take many forms, including:
- “A fake cryptocurrency which does not and will not ever exist”
It is also easy to make a real cryptocurrency for the sole purpose of marketing it and selling it to investors.
- “A bogus investment which promises to put money in a legitimate cryptocurrency”
The common form this takes is that scammers will offer to multiply any coins you send them, as was the case in the mass Twitter scam.
- “A dangerous website link that then downloads malware onto your computer”
Cryptojacking, as this is known, is an easy way for criminals to generate income by mining cryptocurrency on unsecured computers.
If you meet a scammer it often opens on seemingly friendly or professional terms. Using email or direct messaging, criminals impersonate exchanges, individuals, or companies like Trezor. Avoid responding to them.
Jack Mannino, CEO at nVisium, a Virginia-based application security provider, said “the economics of hacking suggest that attackers will continue to gravitate towards digital currencies as they increase in value and become more prevalent in our daily lives.” It’s an easy form of moving money anonymously, and just as easy to make the money disappear.
Thomas Beek, senior cybersecurity specialist at Digital Shadows, a provider of digital risk protection solutions, said: “Cryptocurrencies are continuing to soar in popularity, which means the chances of succumbing to a crypto-based scam are growing too. Although scams involving cryptocurrencies are nothing new, the tactics adopted to trick unsuspecting users are increasing in sophistication.”
With the above in mind, what are the best ways to spot a cryptocurrency scam?
1 — Anything which seems to be too good to be true probably is. This is pretty standard advice for any sort of scam or fraudulent activity both off and online, but it is all too easy to throw caution to the wind when a good opportunity appears.
2 — Did the message first appear in your junk mail folder? Email software can be very good at spotting scams and junk mail messages, and uses signatures to better filter that type of message. Even if an email evades the filter, check the sender’s address is legitimate and not a variation of the real thing. If you get that far and are ready to click, don’t overlook step one.
3 — You’re contacted directly and unexpectedly. Companies that contact you directly and without your knowledge should be treated with scepticism, especially if you are being asked to part with your money or your data. Many investment scams will pressure you into making a decision fast, so think before you act.
4 — Is the company offering this opportunity actually real? An easy way to determine if a company offering a cryptocurrency opportunity is genuine is to check if it is registered. In the UK, a firm must be authorized and regulated by the FCA to do most financial services activities, so check to see if they are registered with the FCA by visiting the link and searching for them. Other countries have similar registries, and information about the company should be researched from various sources.
However, the FCA does warn that some cryptocurrencies are simply not regulated in the UK and therefore buying, selling or transferring these crypto assets falls outside its remit. The records of registered crypto companies kept by the SEC in the USA are particularly thin. Companies that sell regulated investments with an underlying crypto asset element may need to be authorized by a regulator like the FCA to do so, meaning a cursory search will help avoid unexpected surprises.
5 — Don’t believe it just because a familiar name is associated with it. Many cryptocurrency fraud campaigns use social media to promote themselves, and often use images of celebrities to better promote their offerings. In the UK, the likes of journalist and campaigner Martin Lewis and comedian Jim Davidson have been used to promote cryptocurrency offerings in their adverts and emails.
Those emails and adverts often link to websites which appear to be professional, with the firm behind the offering claiming to have a local address, but are often based in a country with more relaxed regulations.
The FCA warns that scam firms can manipulate software to distort prices and investment returns, and are known to suddenly close consumers’ online accounts and refuse to transfer the funds to them or ask for more money before the funds can be transferred.
6 — Ask for advice online. If you are not in a position to be able to ask someone in person for advice, there are plenty of options online to check if something is genuine or not. Use channels like Twitter, YouTube and Facebook to search for other people’s experiences on a certain cryptocurrency provider.
There are many Reddit communities where users share their experiences using Bitcoin, and it can be an excellent resource for beginners seeking useful advice on avoiding scams. Be wary, however, of anyone who reaches out in private messages; more often than not, they will have an ulterior motive.
If in doubt about anything, do not interact with the suspected scam. Which magazine offers key advice which really summarizes the issue: “If you don’t understand a cryptocurrency or an investment, avoid it. Do not hand over any money.” The problem is that cryptocurrency has a strong reputation as an easy way to make money, and too many people are being lured in by that premise and overlooking the warning signs. Be aware of the risks and potential pitfalls, and use the tips above to help you make the right decision.
Every social media platform lets you report posts for suspicious links or spam. If you identify a scam in the wild, try to report it so as to minimize its effect on other users. If everyone does this, the whole community benefits.
No need to leave feeling that all these people get away with this sort of fraud, however. The Twitter teen hackers were found guilty. And, in a case from two years ago Randall Crater was charged for his alleged participation in a scheme to defraud investors by marketing and selling fraudulent virtual currency. More recently, three men were arrested in December in connection with a cryptocurrency mining scheme that defrauded investors of $722 million. Responses to these crimes will likely become smarter and quicker as the industry grows.