Ever since man began living in the community, individuals have invented ways to get without effort and work what someone has earned with great difficulty. Nothing has changed to this day. With the advent of the Internet and later cryptocurrency, it has conditioned fraudsters to adapt to new ways of fraud.
Since it is impossible to make scams go away, we must learn how not to be scammed.
I will try to list these and explain all the ways that fraudsters use today to get your crypto money.
Scams known as Ponzi schemes
This type of fraud was named after Charles Ponzi almost 100 years ago. Although he did not invent it, he definitely made it one of the most popular types of scams.
Its structure is very simple - part of the money of new investors is paid to the old ones while the new ones wait. Everything works until it reaches a critical point when it is no longer possible to find enough new investors to pay off all the old ones. Then the founders and people at the top disappear without a trace.
Old investors are encouraged to invite new investors by getting a certain percentage from their investments. In that way, different levels of investors are formed. The closer the investor is to the top, the more he will potentially earn, but potential earnings can never justify a certain loss of funds when the size of the scheme becomes critical.
Since Ponzi's scheme is divided by levels, we can see that its shape is pyramidal, which is exactly the reason why these types of scams are also called pyramidal schemes.
Ponzi's scheme never makes a profit, but only the illusion of a profit. This illusion is supported by the redistribution of funds from the bottom to the top. This means that this scheme may initially pay out earnings in order to create a false impression of sustainability for new investors and lead them to invest even more funds in fraud.
In order for the Ponzi scheme to justify its existence, it is often disguised in some other business so that the pyramid is not obvious. Note that a large number of pyramid schemes use the term multi-level marketing because pyramid schemes are illegal in the vast majority of countries. Lyconet has been declared a pyramid scheme in Norway, Poland, Italy and many other countries. We leave it to the reader to assess whether it is a fraud or not. Due to the lack of applicable regulations, Ponzi schemes are much easier to perform in the world of cryptocurrencies, especially due to the current influx of a large number of new people who want to deal with cryptocurrencies. They usually hide behind the screen of the
cloud mining companies
What are the "red flags" when it comes to this type of fraud? The first and most obvious red flag is the word "guarantee". We are witnesses that nothing in the world is guaranteed, so in case someone offers you any kind of secure income, you can be sure that it is a scam. Another typical phrase is "no risk", there is a risk. It is present in every aspect of our lives, let alone on the internet. Another sign that this is a Ponzi scheme is the way in which new members are invited to join the project. If you are offered a large percentage for each person you invite and you are promised that you will earn well if you invite enough members it is a Ponzi scheme.
The third sign is the mention of levels in referral programs. A good number of legitimate businesses rely on a referral system to attract more customers, but no business will be concentrated around referral programs, nor will they offer you different levels depending on how many people you call or how much you pay.
The fourth red flag is the mention of Multi-Level Marketing, or any variation on the theme. It is just a synonym for a pyramid scheme with the help of which it tries to justify the existence of a level or level when calling users.
You don't have to notice all these signs to know that this is a scam, just one is enough. Keep in mind that pyramid schemes will always try to be as complex as possible so that it would not be obvious that it is a scam.
Crypto giveaway scam Unlike the previous type of scam, this one is much simpler and easier to perform. While the previous one would require a team of people, this scam can also be reported by an individual. It is a scam that "offers" you to double or triple your funds by sending your coins to a specific address and they will return more. The reason for this amazing opportunity is said to be a giveaway. The reasons for a giveaway can be various. The latest version of this scam states that the reason for the giveaway, that is, the gift of coins, is that this person wants to help his companions due to the global Covid-19 pandemic. All of this was mostly published from the fake profile of some celebrity, crypto project or billionaire to make the scam more convincing. It happened that hackers managed to access the real profiles of celebrities and to place this type of fraud from them. That's how we got the giveaway crypto fraud advertised by Joe Biden, the newly elected president of the United States.
In addition to Joe, there are some other celebrities such as Tesla CEO Ilona Mask, rapper Kanye West and Kim Kardashian.
Fraudsters also tailor their ads to a local target group so that many local celebrities can be seen in them. This type of fraud is very widespread due to the ease of its occurrence, and the fact that they still exist is proof that they are more than successful. All it takes is for the scammer to create a fake profile of a famous person and start posting the scam. Vitalik Buterin, the founder of Ethereum, the second largest cryptocurrency in the world, had to change his official Twitter profile to "Vitalik Non-giver of Ether" to create fake profiles with his character.
You can find this type of scam mostly on Twitter, but it has also started to appear on You tube in the form of a live broadcast of an interview with a celebrity. Some of these broadcasts use You tube’s advertising system, so it’s possible to see some of them as an ad before starting the video you want to watch.
The goal of any phishing scam is to extract sensitive information from you. This information is most often passwords, private keys, PINs, seed words and all other information relevant to your login to a service such as electronic banking, web wallet or stock exchange.
This type can be simple, but also very sophisticated depending on the skill of the fraudster. There are several ways a scammer might try to get to your essential information.
In the case of cryptocurrencies, the sites of popular exchange offices and web wallets are imitated. They use similar web addresses as the original site and look like an identical copy of the real site in every way. A moment of inattention is enough to enter your login information on the fake site of the service that you use regularly, so always check the address bar of your browser before entering the code of your account. Scammers try to make the addresses of fake sites as similar as possible to the original ones. Most often, sites with a changed top-level domain or extension appear. Instead of .com at the end of the site you can see .io, .net .xyz and many other extensions. You can also see another www added after the one already printed www.
If all domains are already occupied, fraudsters will subtly change the name of the site in the hope that you will not notice it.
Links to these sites can reach you in a variety of ways. One of the variants is that you receive a notification to your email address to set something up on your account with a link to a malicious site. The email must also be fake and will be similar to the company's official email. That is why it is important to compare the email address from which you received the email with the company's email on the official website, which you can manually type in the address bar. You may see a fake site as the first to be offered when you do a Google search for a service. This is because Google uses the first few places as advertising space and anyone who wants can set up the desired site if they pay enough. This is used by fraudsters to put their fake site ahead of the real thing. You can identify these results by the fact that it is written in small letters "ad", emphasizing that it is an advertisement.
image source : BleepingComputer
It is a good practice that even if you get a real site as an advertisement, always click on the one that is not advertised. This reduces the risk of accidentally entering a fake site at some point. Another good way to check if a site is real is to check it with a service called Wayback Machine. On this service you can see all previous versions of a site. In case there is only one version of the site that has recently been created, it can be a sign that it is a fake site or some kind of scam. On the other hand, it is a good sign if you can see that a service has been working for many years.
Wallet phishing scams
In the case of software wallets, there are apps that look like your wallet, but in fact only forward your private key or seed words directly to hackers. You can find these malicious applications on all variations of the official sites of a wallet. Fake sites are complete copies of the originals, they even contain fake comments and ratings. Like fake login pages, these sites often use Google ads to appear as the first result of your search. When downloading the software wallet, make sure the site address contains suspicious characters and is nicely written. Also, download updates to your wallet exclusively through your wallet or from your wallet's official website.
Some scammers will try different ways to get in touch with you. From email, via Twitter, Facebook, Instagram, Telegram and WhatsApp and Youtube comments. If you have anything related to cryptocurrencies posted on your social media profile, there is a chance that you have already been contacted by so-called fund managers with an offer for some kind of cooperation. These profiles send earnings offers, and all you need to do is share your login information, seed words and private key with them. As soon as you do that, your funds will disappear and your profile will block you. Do not correspond with them. As soon as you see what the profile is about, log in and block. It is important that you report your profile so that the social network can react and remove the profile as soon as possible.
If you were involved in crypto 2017, you must have noticed a large number of ICO projects. Many of these projects were scams, and the projects would disappear as soon as a certain amount of money was collected. The nature of cryptocurrencies makes the return of funds almost impossible, and finding the culprit even more difficult. Some of the ICO scams managed to steal more than a few million dollars. In the last few months, we have had a new variation of this scam. These were DeFi projects that promised huge and unsustainable interest rates. If enough funds were raised for a smart contract, the funds would disappear along with the entire project. The best way to avoid investing in a bad project is to research it as well as possible. Make sure the team behind the project is made public. See if there are profiles with the same names on LinkedIn and other business platforms. Investigate if the same team already had a project and what is happening with that project now.
Don't trust online ads Anyone can rent advertising space online.
Sites that offer advertising space try to filter the content that is displayed on their pages, but there are omissions. The fact that a project has managed to be advertised on a well-known crypto portal does not mean that it is not a potential fraud. A site that offers advertising to such projects is not responsible for their actions. So take every ad with a grain of salt. One option is to simply install an adblocker on your browser if you don’t already have one. This way you will solve the problem of advertising potential scams, and at the same time you will avoid advertising fake phishing sites during searches.
A few more tips Use 2FA (two-factor authentication) on all accounts and on all services that support it. This is an important thing because it additionally protects you in case your code for a service becomes compromised. Avoid SMS authentication, if possible, due to the possibility of SIM swap attacks. With this attack, hackers can gain access to your phone number as well as incoming messages that are used to log in to a service. Among the applications for 2FA, Google Authenticator and Authy are popular. If for some reason you want to use another 2FA application, make sure it is safe by checking the ratings and comments on the Play Store or AppStore. 2FA means that you will have one more step when logging in to your favorite services, which can sometimes be irritating, but if you care about the security of your accounts, 2FA is absolutely necessary.