The continuous growth of Bitcoin value over time has got a flip side. It has given rise to a whole new cybercrime economy revolving around various scams. Crafty threat actors zero in on unsuspecting victims in a bid to make them lose their Bitcoins in the long run. This article will shed light on today’ most common cryptocurrency-borne frauds so that you can tell the wheat from the chaff when performing Bitcoin-related transactions.
Rogue Bitcoin Exchanges
When you come across an ad on social media offering to let you purchase BTC for less than the market value, be advised this may well be a lure to make you visit a phony cryptocurrency exchange service. The first thing to check when you end up on any exchange site is whether it uses HTTPS protocol for a secure connection. If the URL starts with HTTPS, it means the communication between your browser and the service is encrypted and thus reliably secured. In case it’s HTTP, dealing with such an exchange is a slippery slope.
Another classic giveaway of counterfeit exchanges is the PayPal to Bitcoin conversion trick. These websites typically provide a web form where you are supposed to enter your PayPal email along with the amount you would like to sell. Then, a QR code will appear to verify the transaction. However, you never actually get your Bitcoin, instead, you get your PayPal account hacked.
Fake Bitcoin exchanges tend to come and go. They surface and vanish quickly, just to make a reappearance under the guise of a different domain name.
Phony Bitcoin Wallets
It’s somewhat harder to identify rogue Bitcoin wallets because the main function of wallets is to store Bitcoin rather than trade it. Therefore, these types of scams aren’t usually aimed at a direct financial gain. Instead, they most commonly try to dupe users into installing trojanized software bundled with a data-stealing component. This way, the perpetrators can pilfer sensitive information, such as your passwords.
To distinguish genuine Bitcoin wallets from fake ones, stay on the lookout for various dubious hallmarks. Similarly to the rogue Bitcoin exchanges scenario, be sure to check if the wallet site uses HTTPS or tries to pass itself off as a well-known, legit Bitcoin wallet. Consider asking people you know and trust whether they have used the service before.
In the event the Bitcoin wallet is an app you can download, it’s recommended to check it for malicious code first. Services like VirusTotal will come in handy as they allow you to scan any software binary for infections.
The objective of phishing, one of the most widespread scams out there, is to manipulate people into visiting a rogue site camouflaged as a reputable service. The swindlers will usually contact you via email or by means of a deceptive ad on the Internet. By going to their pseudo service you run the risk of catching viruses or losing your Bitcoin as a result of a bogus trade transaction.
The indicators of a phishing scam can be quite subtle. The fake email may actually come from a cryptocurrency exchange or wallet service you have used. The cybercrooks might have obtained your contact details through a large-scale data breach, such as the notorious Yahoo! hack.
The rule of thumb is to refrain from clicking on links embedded in an email. A phony hyperlink may appear real on the outside, but hovering over it will reveal a wrong URL. Another tip is to treat every email attachment with caution. Such malicious attachments also often bring ransomware that will encrypt your data and demand to pay the ransom.
Scammers may also leverage web adverts so that you visit a fake Bitcoin exchange or wallet when looking up things like “Buy Bitcoin” or “Blockchain” on a search engine. Booby-trapped ads will typically appear at the top of search results. To steer clear of this hype, type website URLs directly in the browser rather than opt for sponsored content.
Bitcoin Ponzi Scams
Some sites offer cryptocurrency deals that look too good to be true. According to their claims, you can supposedly get the bang for your Bitcoin very quickly, for instance, double it overnight or something like that. This is a classic Ponzi scam. Once you submit your Bitcoin to the crooks, chances are you won’t even get the original amount back, not to mention that there will be no revenue at all.
These sites tend to have referral programs where you can make some money through new customer leads. Therefore, a red flag to look out for is a referral link in URLs you may see on social media. An example of a referral link would be something like website.com/?ref=789.
Cloud Mining Scams
Cloud mining denotes a business model where people team up and invest their funds to rent Bitcoin mining hardware. Whereas this scheme per se is benign and completely legitimate, threat actors set up scams to lure interested parties and ultimately provide a lower return on investment than anticipated, or never carry through with their promises at all.
To stay away from cloud mining shenanigans when you are up to this activity, pay attention to some potential indicators of risk. Again, do not trust sites that aren’t HTTPS. Avoid services promoted via referral links on social networks. Make sure the resource is transparent in terms of what pool is used for cloud mining, who runs it and how much profit you will get. A reputable service will typically also provide a dashboard where you can monitor all your mining operations in real time.
Peer-to-peer Bitcoin Trading Risks
Bitcoin theft can even go beyond the online realm. As the regulation of cryptocurrency trading operations is gearing up for a rise in some parts of the world, people may run into difficulties purchasing and selling Bitcoin the regular way. These hurdles have caused the Bitcoin economy to partially migrate underground and offline, where traders literally meet in person to complete exchanges. The newborn dark market is full of perils, though.
Some of the recent heist incidents illustrate how dangerous peer-to-peer Bitcoin trading can get. In April 2017, a businessman from Delhi, India, got on robbers’ hook when trying to buy Bitcoin at a very appealing rate. He met with the purported traders at a mall. The impostors then abducted him and took $50,000 worth of local currency (Rupee) that he had prepped for the deal.
Another newsmaking heist took place in New York in May 2017. A 28-year-old man posted an ad on Craigslist offering to sell $1,100 worth of Bitcoin and got a response from a potential buyer. Having met the supposed buyer in Brooklyn as arranged, the victim agreed to get in a car to complete the exchange. The robber and his armed accomplice then held him at gunpoint and coerced him to submit the cryptocurrency to their wallet.
The takeaway from these ‘street cybercrime’ incidents is you should abstain from meeting strangers in person to trade Bitcoin, otherwise, you run the risk of being robbed the old school way.
What steps do you take to protect yourself from Bitcoin scams? Have you ever been the victim of a scam? Let us know in the comments below.
Images courtesy of AdobeStock, Shutterstock