Scams have always been an integral part of the crypto space since mid-2011 when the first significant breach in the crypto world occurred. In June, a Tokyo-based bitcoin exchange Mt. Gox got hacked, and the hackers got away with $8.75 million worth of Bitcoin. Back then, Mt. Gox was the biggest bitcoin exchange in the crypto arena, and the fact that it got so easily scammed seriously affected the cryptocurrency industry.
Since then, blockchain technology has seen a lot of significant improvements and achieved more scalable, secure, and yet transparent systems to enable its massive deployment.. However, the current data showcases that cryptocurrency is still heavily susceptible to scammers’ attacks.
2021 was an exceptionally profitable year for cybercriminals. According to the study by Chainalysis, thieves made off with $3.2 billion in cryptocurrency stolen from people and organizations, which is over six times the amount lost in 2020.
The cryptocurrency industry attracts a lot of excitement, making it a fertile ground for scammers. And while the whole blockchain industry aims to make crypto operations and networks safer, crypto scams get even more persuasive and elaborate. You'll have to work a lot harder when deciding on a project.
Considering the principles of how cryptocurrency operates, it's impossible to protect yourself fully from various crypto exchanges' hacks or any other form of mass-theft. However, you can be aware of them at least. In this article, we will discuss five of the most famous types of cryptocurrency scams and how to avoid them in the first place.
The Most Common Cryptocurrency Scams You Can Spot a Mile Off
Scam coins refer to various schemes associated with smart contract bugs. "Bugs" may not be the correct term, as it's scammers who write fake contracts to steal your money.
Let's discuss the most common ways hackers use to build tokens to fool innocent crypto investors:
- Traders can buy a token, but then they can’t sell it.
This scam is a honeypot scam, and it happens when the developers of the token disable the "approve" function in the smart contract. It basically means that decentralized exchanges can't access your approval to sell the token. Scammers can quickly write a few lines of code that will prevent the token from being sold to a DEX but only bought or supplied. At the same time, the price of a crypto asset is glowing, thereby attracting more buyers and investors. The honeypot creates a perfect situation for nefarious developers - a lot of money coming into the project, and none is going out - making it ideal for scammers to run away with all their money.
The developers of fake smart contracts create a function that blocks you from selling your coins. Generally, they use a HoneyPot type Script (blocking the resale of the Token to everyone except the developer (s)). $MNE (Minereum), SQUID (Squid Game), and Mini Basketball are three real examples of this type of crypto fraud. Minereum, by the way, is the first honeypot crypto scam ever.
- Losing 99% worth of the token when selling or buying it.
This scam refers to a situation when the creators of the cryptocurrency add a “rebase” function into the smart contract so that at the moment you try to sell or buy the token, and you'll lose 99% of it.
How does it work exactly? Scammers hide a 99% buy or sell fee in the token’s smart contract that wipes all your money. Let’s take a look at the MetaMoonMars smart contract code:
As we can see, there is a _transfer function - a typical smart contract function. But this function will deduct some "fee" from your "totalSUPERHEROE," which is the amount of token you own (blue colored line).
- Burning a % of tokens.
Another cryptocurrency scam involves burning a percentage of tokens. Token developers implement something that is called a burn feature. So, every time this token is traded, a portion of the trade is burned forever. For instance, if you were to send 100 tokens to someone, 10 tokens would be burned forever or at least sent to an account that nobody can access. The burn feature leads you to believe that there won't be many tokens out there someday, and if you buy now and hold long term, the value of your tokens should automatically increase.
Even though there are valid reasons for development teams to burn tokens, in recent months, many questionable cryptocurrencies that many people believe in have begun to utilize token burns maliciously. For young projects with a few holders and investors, a sharp decline in supply in its early stages is unlikely to force the price higher. In this way, the developers of such scam projects hide the fact that they own a massive share of the circulating supply.
Another popular type of scam tokens to avoid at all costs go by the name shitcoin. What is shitcoin, and where did the name come from?
Shitcoins are useless cryptocurrencies with no real value or purpose.
According to our subjective opinion, these are a bad investment choice since they have undefined functionality and are only valuable because they exist.
Dogecoin, one of the most popular shitcoins on the crypto market, has gained value and attracted investors’ attention because the wealthiest person on the planet, Elon Musk, tweeted about it.
Even though the price of shitcoins is more likely to fall than skyrocket, some of them can help you multiply an investment significantly.
Dogecoin is still considered the best shitcoin to buy in 2022.
Shiba Inu and SafeMoon are the next best shitcoins circulating today in crypto space.
If you insist on buying shitcoins, then please choose ones worth buying, at least like the most famous and most traded ones. But don’t be surprised if one day the shitcoin you invested into crashes and you will be left with nothing but regret.
Here is how it usually goes - shitcoins see a huge price increase at launch, but the chart becomes flat with no signs of life over time..
Let’s take a look at the SALT token for a better understanding.
The initial price of the coin after the launch was $8. Then hit an ATH of $16 within a month, giving investors a great ROI.
What happened next?
The team abandoned the project, resulting in a flat line chart. At the time of writing, the token traded at slightly more than $0.04.
There is one more form of a scam we wanted to mention - famous token imitation.
The hackers find a token about to be listed on the DEX and create a similar one, having another smart contract address, which is the main difference. The fake coin is then presented to the existing community and launched before the official token. This type of crypto fraud is often referred to as the Uniswap scam, as reports originated on the platform. Since the DEX has no listing regulations or requirements, anyone can list their ERC-20 token on the exchange.
According to Cointelegraph, 300 trading pairs out of 400 taking place on the Uniswap exchange are still not verified.
Taking into consideration this fact, is Uniswap safe? Uniswap is a legitimate and trustworthy platform only if used with caution. Since Uniswap is built on the Ethereum network it has the same level of security as the blockchain itself.
How to avoid Uniswap scam? If you want to be sure whether the token is fake or not, check out its official (actual) smart contract address on the official project website, CoinMarketCap or CoinGecko, because the address is the only genuinely valid unique identifier for a contract.
bitoftrade has an entirely different approach when it comes to users' security. Transparency and decentralization are two fundamental principles driving the trading platform. Each and every token available to trade is scrutinized so that neither we, as a DEX nor our dear users, fall into the hands of scammers.
Phishing attacks are not specific to cryptocurrency, but thanks to the nature of blockchain, it has become a perfect environment for such.
Crypto phishing is a scamming activity that refers to tricking victims into sharing sensitive information about their wallets to access their funds. Scammers are interested in your private key, the crucial pass to your online wallet. If you had read our article about MetaMask wallet, you would have known that the only person that should know your private key is you. MetaMask wallet phishing is prevalent because of the massive wallet's popularity.
Cryptocurrency phishing happens through social media channels, emails, messages, and popups on websites or apps.
Some scammers even create websites that are exact copies of real crypto projects with the same interface and information. However, two things are different in fake websites: domain and smart contract. Scammers change the smart contract code so that when you interact with it, they can get access to your wallet and steal all the funds there.
The most recent phishing attack occurred on May 14, 2022 - Etherscan, CoinGecko, and other sites displayed a suspicious popup asking users to connect their wallets. Users and partners reported the issue swiftly, mitigating it. But, since the popup appeared on trusted domains that people use every day, some may have given access to their wallets.
That's what the malicious pop-up looked like:
Image source: CoinGecko
Rug Pull or Pump and Dump Crypto
The crypto pump and dump is the quintessentially classic way to steal money from crypto investors. Also known as "rug pulls," these scams can be described as the process when the project developers drive up the value of the token and then quickly "dump" it to gain profit.
This type of cryptocurrency fraud is one of the various scams involving the developer of the token stealing money from its investors. Scammers will create fake accounts and projects to run coordinated disinformation campaigns, all to manipulate the cryptocurrency price.
Crypto pump and dump is something that we saw with the infamous crypto fraud - Squid Game. The developers thought that creating a fake project under the name of one of the hottest series of 2021 would bring them a lot of attention and would let them capitalize on the hype - the scheme turned out pretty well.. only for them. The investors lost $3.38 million in funds due to the scam.
There were not just one or two strange things about the Crypto Squid Game project - it is no exaggeration to say the whole project seemed like a big red flag! But somehow, in the manic hype, the scam got through.
The first suspicious thing that must have alerted crypto enthusiasts was the inability to sell purchased tokens.
The second equally important point was the creators’ claiming they were using the Tornado Cash protocol to hide every transaction.
The last detail we wanted to point out was that, according to the project's
developersscammers, SQUID tokens could be easily traded on PancakeSwap, a decentralized cryptocurrency exchange, where buyers and sellers are connected directly with no centralized authority.
You know how this project managed to lure not only newbies but also experienced crypto traders? Despite hyping the token, its creators pulled out a fake team that consisted of 10 bios with computer generated pictures of people. This move created a false sense of security for users who were already encouraged to invest by the ongoing development of a play-to-earn token feature, where you can use, trade, buy, and even sell SQUID from the anonymous related game developer was working on.
But people closed their eyes to these "little" details. As a result, the project has been nothing more than a rug pull from start to finish. With colossal popularity, though. Squid Game is literally a manual on what a scam project looks like and what consequences it brings.
“How to buy squid game token” is still trending despite everything that happened to the project's investors. As for now, SQUID tokens are traded at $0.0117, according to CoinMarketCap. It is hard to believe that it was once equal to today's Ethereum price. The story is crazy.
So, are rug pulls illegal? Well, there are still a lot of uncertainties going around this issue. While some rug pulls are totally unlawful, some are just considered unethical.
ICO is an acronym for initial coin offering, and it is a form of crowdfunding using cryptocurrencies that takes place on the Internet, outside of traditional financing channels. ICOs are considered very risky investments - being totally and completely unregulated, they present enormous opportunities for scammers.
The years 2017 - 2018 are known as the ICO age, where many companies used the ICO as a fundraising mechanism. The aftermath was devastating to the crypto world.
Besides the classic "exit scam" or "gather investors' funds - dump the project - run away with money" scheme, scammers also tap into the FOMO and people's desire to get a token allocation. Since the number of users willing to receive a share of it is significantly greater than the number of tokens available for distribution in the pre-listing phase, the chances that you will be given the tokens are not high. Hackers are aware of it, and here is what they do. The scammers target official ICO/IDO communities and send direct messages to their members. They impersonate admins of the actual channels or create bots to DM you this: "Hey, you've won an allocation - transfer the money to this wallet to pay for the tokens." Because of the excitement, you will probably do it. Once you transfer your funds to someone's wallet, consider them lost.
Before actually investing, check out the terms of participating in an IDO/ICO on the official platforms the projects’ crowdfundings take place on. The opportunity to multiply your investments through initial coin offerings sounds tempting, and everyone wants to join the project at its lowest value. Unfortunately, for that reason, ICOs have become a perfect way for scammers to raise money.
According to machine learning analysis in October 2021, 47% of 305 completed ICOs that took place from January 2016 to March 2018 turned out to be scams. And by ICO scams, we mean projects with no recent activity on community channels and delisting from some platforms.
ICOs are one of the most provocative developments in today's disruptive financial world. So before investing in one, always do your due diligence, double-check everything you see online, and back up your research using some free tools like ICObench - a platform that rates ICOs based on 20 different criteria.
Crypto Ponzi Scheme
There is no way we miss the classic “pyramid” scheme. The Ponzi scheme is an illegal activity where participants attempt to make money solely by recruiting new ones.
In the crypto space, Ponzi schemes take a slightly different approach. The scammers promise victims high staking and yield farming rates for some specific tokens they sell and point out that rewards will be higher with the growth of token holders. Various crypto Ponzi schemes have largely exploited DeFi technology.
When the token price gets high enough, the fraudsters sell tokens for Bitcoin, Ethereum, Ripple, or any other valuable token and make a profit.
The most infamous and biggest cryptocurrency Ponzi scheme was OneCoin, a project that Ruja Ignatova launched in 2014. In 2 years of its existence, the fraud pulled in $4 billion.
How to Prevent Being Caught in a Scam Crypto
The chances of recovering from a crypto scam are the biggest challenge for those who were scammed are two facts:
Crypto transactions are irreversible.
Crypto funds are untraceable unless the transactions go through a CEX.
That's why it is better to take preventative measures.Here is our “to do” list to avoid falling victim to crypto frauds:
1. Always click on the correct links on trusted websites
The recent crypto phishing attack proved that even trusted sources with a high domain authority could be hacked. Yet still, we recommend you not to click on links that seem suspicious. If you suspect something is off, check the community channels for any information from the official counterparty or just regular users.
2. Look precisely at the whitepaper and tokenomics
The whitepaper is a core document that backs up the project. It should outline the project's aims, strategy, issues, and roadmap. Cryptocurrencies without a whitepaper or, worse, crypto projects that replace a whitepaper with a sales pitch should get skipped.
3. Pay attention to a website’s URL and usernames
These are two details we do not usually notice. Make sure you visit official websites and social media accounts - we recommend bookmarking those just in case.
4. Check out the team behind the project
The developers and administrative team are vital parts of a successful crypto project. Thoroughly research each team member individually, and check their experience and social media accounts.
5. Keep your private keys to yourself and never share them with anyone
Your seed phrase or private key gives you exclusive access to your funds. If you ever share your seed phrase with anyone, you can consider your funds lost.
6. Don’t make investment decisions based only on someone's advice
Whether your friend asked you to or some influencer promoted the projects, always do your own research.
7. Look deeper into the smart contract code
If you can’t perform a simple analysis of tokens’ code, you can either ask someone who knows how to do it or use a dedicated tool. For example, Rug Doctor has a specialized website that reviews the smart contract code and identifies standard rug pull techniques.
8. Check token’s liquidity, market cap, community size and engagement level, along with other important metrics
Compare these metrics with other ones from projects that are similar. Always be careful investing in crypto with low liquidity or low market cap because a whale can easily manipulate it. A whale is anyone who owns a significant share of tokens. They have the power to crush the market any second they want by selling off all their holdings.
Red Flags of a Potential Crypto Scam Project
Similar layout Some platforms take months to launch, so there is no way to build them in minutes.
Low liquidity A token's liquidity is a powerful metric indicating how likely the cryptocurrency is a scam.
Poor or no whitepaper. Good projects have a solid whitepaper designed to lure people into investing their money.
Copy pasted code If the token has less than 80% uniqueness - it's probably a rug pull. You can utilize the tokensniffer website to see how similar a token is to other projects using a scale from 0% to 100%.
Whales wallets Use a blockchain explorer to see top token holders. If one wallet or even the top ten wallets hold 20% of all tokens, you can be rug pulled. The thing is that people can easily crash the project's price by selling the tokens at any moment they want.
Crypto that can’t be traded or sold.
Guaranteed returns Every financial investment is a risk, and no one can guarantee profits. Therefore, such promises indeed indicate a scam.
“Black holes” in the roadmap If the projects lack a clear roadmap, the developers aim to make gains shortly and do not plan to operate in the long-term perspective.
Crypto scams are something you don't think can happen to you. But unfortunately, even experienced crypto traders get hooked.
The first lesson you should learn is to always be on your guard when you are online - stay skeptical of suspicious links you click on and any out of the ordinary messages you receive.
With all the buzz surrounding the crypto industry, it gets way more challenging to distinguish scam projects from real projects as one becomes more insidious than the next.
If you bear in mind all the recommendations we pointed out in this article, you can be pretty confident in making your investment decisions.
To survive in this overwhelming world, you'll have to find a platform you can trust and stick with it. There is no better place for this than a solid, reputable DEX. Of course, we can’t speak for every exchange existing, but we believe that the future is DeFi.
Unlike other decentralized exchanges, bitoftrade doesn’t allow any token to be listed on the platform. The team makes sure to work with legitimate projects to prevent their users from being scammed.
Revolutionize your trading with bitoftrade - buy, sell and trade cryptocurrency safely and anonymously.