Still Effective Crypto Scamming Tactics

Picture of Vitalik Buterin, used for scamming

The cryptocurrency market is full of scammers because it’s relatively new, complicated technology backed by tons of hype. It’s easier to fool someone into giving you crypto than invest in your fake real estate — and unfortunately many have.

The reason stealing crypto is becoming such a hobby is that it is untraceable and unrevokable. As soon as you issue the payment — it is gone. We are going to have a look at scamming techniques — from simple to “brutal force”.

Hacking essentials

In essence, every hacking is based on psychology — you need to know the mindset of those you want to hack.Hackers don’t start by breaking down a wall — that is their last resort. They have to first test if there are any doors or windows left open. That is why knowing the mindset of the victims is so important — what have they neglected? If you have 10 strong passwords and one weak — that weak one can become the backdoor to compromise all the strong ones too. Thus, it is important to keep your guards up 360.

The simplest form

One — unfortunately — very efficient technique is abusing our laziness. We see the picture of celebrities or Telegram channel admins, but do we also see the small (actually, missing) badges too? We see goolge.com links and @VitailkButerin accounts and sometimes fail to pay attention that they contain typos, which are not there by mistake.  Just look at this link on Etherscan to see how new victims fall for scam every single minute, despite all warnings.

It is believed that these scammers make $5,000 every day.So rule #1: always verify who you are dealing with.

Spoofing and phishing

Phishing gets one level more sophisticated when you actually expect something. A “Change your password now” email seems much more relevant when you were trying to make changes to your account than when it lands unexpectedly. Or if the email comes from someone in your organization, you are much more likely to trust it (something that is unfortunately very easy to create with email spoofing). So rule #2 in the words of Mad-eye Moody: constant vigilance!

Scam ICOs

Another “popular” scam method is through fake ICOs. This one usually involves lot more effort — after all scammers have to fake a white paper, setup a fake website and come up with a fake blockchain idea that will change the world. This process also involves paying for ads or hiring people on fiverr — all to make it look authentic. There have also been reports of identity thefts to make the team behind the project look legitimate. One way to really verify the validity of the ICO is to make sure the project makes sense — if it does, chances are that the project could do much better actually executing, than just do a scam exit. This article sheds some light on what blockchain is good for, and what it isn’t. Also, check their whitepaper, their github repos and their background.

Hacking your computer to steal your keys

If your private keys fall in the wrong hands, you’re screwed. There is no “customer support” you can turn to, to get your account back. For this, the hackers would need to install a virus or a spyware on your computer. That’s why many people print their keys or use hardware wallets to make sure there is no “physical” trace of the keys on their computers.

Exploiting bugs in contracts

Infamous cases such as the DAO hack have crippled otherwise promising projects. Blockchain is still very young but also very complex. As with every new technology, there is still a long way to go before all the necessary tools and kits have been developed to aid developers in their quest to write robust code. This report and this report show how fragile even legitimate projects are, let alone fake honeypot projects designed to take your crypto away.

Brutal force!

If all of the above do not work, then there is still one danger left; pure brutal force! While this one is not hacking by nature, but it still relies on the features of crypto: untraceable and irreversible transactions. There have been news on people getting robbed using real violence, keeping the victims captive and forcing them to transfer their cryptos to the attackers address. One way to cope with these attacks is to keep your earnings obscured — use a new bitcoin address for all transactions and it would be very hard to link all of them back to you.

Closing Thoughts

Hacking is all about people. It always starts with simpler methods and builds up to more complex. We cannot rely solely on technology to solve these issues and warn us in advance. Remember; before being in your wallet, the hackers have already been in your head. Keep them out.

In case you liked my article, feel free to clap — it helps me get more exposure. Thanks!