Crypto scams: what, why and how?

Let’s start with two basic questions: How different is a crypto scam compared to other financial scams? And how prevalent are they?Essentially, crypto scams work similar as any other financial scam with the difference that malicious actors aim to get a hold of cryptocurrencies and crypto-based assets rather than fiat money. The crypto ecosystem has been shaken up by various large crypto scams, including the OneCoin scam (a fraudulent cryptocurrency marketed and sold to millions of victims) that amounted to USD 25 billion in losses for the victims and the Bitclub Network scam (a Ponzi scheme) draining victims of USD 722 million. On top of these large scams, there are endless smaller ones being executed on a daily basis. Indeed, looking closer at crypto scam scale and frequency, the United States’ Federal Trade Commission (FTC) states that from January 2021 — June 2022 more than 46’000 people reported being a victim of a crypto scam, with a total loss of over USD 1 billion in crypto tokens and crypto-based assets. Having said that, victims vastly underreport incidents to concerned authorities, and hence, the collected data most probably only represents the tip of the iceberg. In fact, a recent study Cybercrime on the Ethereum Blockchain concludes that Ethereum addresses associated with scams received almost 16 times the amount of funds of what was reported by the FTC. Ergo, one can say that while crypto scams are widely prevalent in the ecosystem, their frequency and scale is not fully known.

What & Why — the fundamentals of crypto scams

Generally speaking, the goal of crypto scams is to manipulate victims to

• transfer funds, including cryptocurrencies and other crypto-based assets, such as NFTs to the scammers and/or
• reveal personal data, security codes and/or authentication credentials that can be used by the scammers to get access to funds, for example, by accessing the victims’ crypto wallet.

There are various reasons why the crypto ecosystem is ripe for scams. First of all, many investors and holders of cryptocurrencies and crypto-based assets tend to have limited knowledge about how crypto actually works and how to protect crypto funds and assets — which makes them easy targets. Furthermore, the decentralised nature of the crypto ecosystem allows scammers to potentially circumvent central authorities that may flag suspicious crypto transactions and crypto’s (pseudo-)anonymity makes it difficult to establish the identities of the scammers by, for example, law enforcement agencies, both making it attractive for such illicit activities.

How — examples of crypto scams

Scammers use a wide range of “creative” strategies to manipulate the victim(s), with many involving some type of impersonation and carefully crafted lies that are often tailored towards the targeted victim(s). Let’s have a look at some examples, out of the many scam schemes that are used by criminals:

Ponzi scheme: In this scam scheme, promoters convince people to invest funds by promising high returns. Such “returns” are then paid out in an initial stage to create the impression that this is indeed a legitimate venture and investment opportunity, ultimately convincing people to invest more and get new investors on board. However, “old” investors’ returns get simply paid with “new” investors’ “investments”, and not with profits accrued from the alleged investment activity. Once the inflow of such new investments dries up, the fraudulent scheme unravels. A well-known case is the so-called BitConnect cryptocurrency “investment platform”, which was in fact a USD 2.4 billion Ponzi scheme — BitConnect paid early investors using money received from later investors — that eventually defrauded at least 4’500 people from 95 countries.

Pump and dump scam: Here, in a first step, a particular crypto token or crypto-based asset gets hyped up through marketing, especially through social media. Lead by fear of missing out, traders and investors start buying that token or asset, which drives up — or rather inflates — its price. In a second step and once the price has been successfully inflated, the scammers sell their (large) holdings of that token or asset at that high price. This generally leads to the asset’s value sharply declining, subsequently causing losses for other holders. An example here is the Squid Game token: The token’s price soared 14’300’000% in a single week and then dropped to zero within seconds, when the Squid Game developers sold all their tokens — and walked away with USD 12 million.

Initial Coin Offering (ICO) rug pull scam: Similar to a pump and dump scam, in a ICO rug pull scam, an ICO is hyped through marketing, leading to high investments. Once a certain amount of investment has been collected, the scammers cash out and disappear.

Giveaway scam: In this scam scheme, scammers promise as a “once-in-a-lifetime opportunity” to match or even multiply cryptocurrencies that are sent to them. This scam often happens through clever messaging from a valid social media account, which creates a sense of legitimacy. Once the victim has transferred funds, the scammer ends all contact and disappears. Examples of this scam can, for example, be seen on X (formerly Twitter), as various malicious actors misuse the platform to try to deceive victims into believing that a cryptocurrency exchange or celebrity is hosting a giveaway. In fact, in a recent research project by the San Diego State University in California an artificial intelligence system was developed to identify, track and expose cryptocurrency giveaway scams on X — it has already discovered 95’111 scam lists within a year (June 2022 — June 2023).

Romance scam: Here, scammers use, for instance, dating websites to get into (long-distance) relationships with victims. Once trust has been established, the scammer proposes “lucrative” crypto opportunities and asks the victim to either transfer coins or send account authentication credentials.

The proceeds of these crypto scams typically get laundered trough on-chain channels to disguise their origins. Also here, the decentralised nature of cryptocurrencies, the possibility to overcome geographical constraints through cross-border crypto payments as well as the (pseudo-)anonymity of the cryptocurrency and crypto-based asset owners, make it attractive to launder the proceeds on-chain. For more about that, have a look at our previous article about measures to detect and prevent money laundering involving digital assets.

Also, if you are interested in other crypto crime schemes, check out our articles about crypto hacks & exploits as well as ransomware attacks.