back

Bitcoin scam – how to distinguish it from real business?

5.1.2019
bitcoin scam

Bitcoin scam remains a very serious threat to both finances of cryptocurrency users and to dynamics of development of this future-grounding technology. How to stay safe? Let’s find out.

I will not spare you the bitter truth: the great majority of successful scams is a result of user’s negligence, naivety and laziness. Perhaps swallowing the bitterness of the medicine will save you from tasting poisonous flavours of being a scam victim.

What are bitcoin scam red alerts?

 

1. Phishing

Phishing becomes number 1 method used by hackers. Be suspicious – double check e-mails supposedly from an ICO / cryptocurrency wallet / financial institution. Verify URLs. Don’t click strange or unexpected links. If not sure, always assume it is a scam. Never send sensitive data.

Phishing is so popular among cybercriminals, because great profits can be gained in short period of time and with relatively low effort, e.g. on 01/31/2018 an attack was launched on BEE and within only one day 1,000,000 USD was stolen, making it one-third of total amount of tokens sold by BEE. How? Take a look at the picture below. You can easily imagine, how devastating that must be to the entity’s reputation.

When you get an e-mail with a link, double check URL SSL certificates. Wallets, exchanges and ICOs should have their own certificates – you can check it by clicking a padlock icon in URL bar. There are three kinds of certificates: DV (Domain Validation – a basic one, only domain gets validated), OV (Organization Validation – more advanced validation, company details are checked along with a domain) and EV (Extended Validation, also called full validation – marked by visible company name and green colour in URL bar).

source: https://www.cyren.com/blog/articles/cryptocurrency-phishing-attack-nets-over-1-million-in-a-few-hours

 

2. Fraud

There are very strong indicators you should run: anonymous (or like anonymous) people behind the project, copied whitepaper, no answers to difficult questions, to good to be true promises, no roadmap, here and now, only today! opportunities and hastiness in execution.

In the biggest scam in history 660,000,000 USD was stolen*. Pincoin has promised to investors 40% ROI monthly in MLM model and people actually believed it. Even if you are not going to engage in an ICO investment, remember, that same rules apply to all cryptocurrency world (if not the whole world in general). You may also check Giza and Mining Max, the latter being typical fraudulent ICO, with 250,000,000 USD raised and only 70,000,000 USD used for the operation, with the rest of funds vanished.

Do not get frivolous, counting imaginary profits. Good scams are designed to make your excitement cloud your judgement. Don’t do wishful thinking, do your homework instead – doubt and verify. Do not give an ICO benefit of the doubt. Sometimes you’ll make false positive error and miss a chance you’ve identified as a scam. Deal with it. That’s the price for protection from false negative errors and giving away your money to thieves.

* – https://techcrunch.com/2018/04/13/exit-scammers-run-off-with-660-million-in-ico-earnings/

 

3. Malware

If a stranger says the sweetie he gives you taste wonderful and you’ll feel amazing after taking it – do not, unless you are hungry for disaster! Some malware can potentially be most devastating for you – all your money in all your bank accounts is in stake, your privacy, all high confidence data you have on your computer. Malware is a high level category name and it includes, among others: viruses, backdoors, trojans, spyware, ransomware. One characteristics they have in common is that they require user’s action – they do not install by themselves. So malware author’s objective is to trick you into ignoring common sense and safety rules and install it. Use Sandbox / HIPS.

What should you do? Install good antivirus (e.g. Bitdefender, Norton or McAfee) and update its database regularly. Never open files from an unknown source. Never open suspiciously looking e-mails. Use firewall. Update your software. Use HTTPS at all times.

 

4. Fake wallets & exchanges

There is a lot of them. Always check for wallet’s or exchange’s name in search engine, adding “scam” or “fake” word. Without taking precautions you may end up funding a thief. How does this bitcoin scam work? You send your BTCs to a wallet or exchange and never see them again. Sometimes your funds disappear after sometime. As the rule of thumb: more anonymity, more risk. Therefore, check wallets, exchange ratings and always remember to double-check the URL you’re using (see the first paragraph of this article!).

 

5. Pyramides & Ponzi schemes

This one is relatively easy to recognise. If active acquisition of new investors by currents investors is a core growth idea, it’s a scam. Also, you could expect unbelievable promises of astronomic profits. For extraordinary claims demand extraordinary proofs. More bold the statements, more likely it is scam. Do the math. Are numbers possible and likely? Or miracle-based?

For example, Plexcoin promised 1300% of ROI and raised 15,000,000 USD**. Investors were very fortunate – SEC has frozen the funds. However, it happens rarely. The founder was jailed. Another famous one is Bitconnect – just seeing their promotional video should make you very cautious:

https://www.youtube.com/watch?v=21kGmCsJ5ZM

** – https://motherboard.vice.com/en_us/article/qvzkx7/plexcoin-scam-founder-sentenced-to-jail-and-fined-10k

 

6. Hacks

Very little you can do about those. Mostly it’s exchanges / big systems that get under attack, not you individually. The least you can do is verify exchanges credibility by asking, if they had their code audited by professional auditors.

The most famous attack of that sort was hacking into Coincheck’s mainframe. Shocking 530,000,000 USD stolen***.

*** – https://asia.nikkei.com/Spotlight/Bitcoin-evolution/Japan-s-Coincheck-to-gain-license-after-500m-hack

 

7. Exit scam

The distinguishing feature of this scam is that for some time service is delivered and at some moments a founder disappears with user’s funds.

Biggest exit scam was conducted by BitConnect****, also a Ponzi scheme. Another – LoopX, with founder running with 4,500,000 USD of raised money*****. After completing the ICOs fifth round, Facebook, Twitter, YouTube and Telegram accounts of LoopX, as well as the website, were cleared and disappeared from the Internet.

**** – https://thenextweb.com/hardfork/2018/01/17/bitconnect-bitcoin-scam-cryptocurrency

***** – https://www.zdnet.com/article/loopx-pulls-exit-scam-walks-away-with-4-5m-in-investor-funds