How To: Protect Yourself From Crypto Scams

Protecting yourself from new-age cryptocurrency-based scams

Individuals wanting to make a quick buck has been around as long as money itself. The concept of acquiring money illicitly instead of earning legitimately is an ever-evolving game of cat and mouse between criminals and law enforcement.

Cryptocurrency is not immune to such actions and is being used to give would-be criminals and scammers a global reach for prospective targets via numerous types of media. While cryptocurrency and blockchain are from a technical standpoint, the worst technology to steal and move wealth, it still doesn’t stop people from trying. Cryptocurrency tokens built on public blockchains such as Bitcoin or Ethereum have publicly visible transactions that can be ultimately be traced to an individual or a bank account when they use a centralised exchange.

New technology such as Bitcoin and Ethereum are hot topics across social media, YouTube, email, text message and even automated voice calls. While everyone is interested to get into crypto, some new investors will often now know where to start and can sometimes be lured in by discounts, giveaways, or celebrity endorsements. With new-age tech, comes new age scammers, Here are the current Top 5 known scamming methods in the market in 2021: (Scamming 2021 Source Data).

Social Media Scams

Numerous posts about getting rich quick, investing in cloud mining solutions, depositing 1 ETH, and getting 2 in return. The social media spread of scams is far and wide across both personal posts and also group posts on Facebook and Twitter.
‍
Perhaps the most famous instance of this occurred in July 2020 when Twitter accounts belonging to famous individuals and companies were hacked. Some of the compromised accounts belonged to tech entrepreneurs Elon Musk and Bill Gates, investor Warren Buffett, boxer Floyd Mayweather, and companies such as Apple and Uber.

Hackers gained access to Twitter’s administrative console and posted tweets from these accounts, asking their followers to send money to a specified blockchain address. They promised that user funds would be doubled and sent back as a charitable gesture. According to reports, 320transactions occurred within minutes of the tweets being posted.

Social Engineering Scam

Aimed at creating a link between the hacker and the real person to gain insight into key identifying information. Usually, a hacker will pose as an agent or an affiliate to gain insight and create intrigue about an offer or a new token in the market. The target will follow a link to a website where they will enter details of a bitcoin wallet address, signup to a platform, or disclose login information into a fake platform where the hacker will now have a copy of the target’s key information.

Another popular social engineering method used by hackers is to send Bitcoin blackmail emails. In such emails, hackers claim to have a record of adult websites visited by the user and threaten to expose them unless they share private keys. The best way to stay safe from phishing scams is to avoid clicking on links in such emails or verify whether the email address belongs to the said company by calling them up or checking the email syntax.

For example, users should check whether the linked web address is encrypted (i.e., its URL begins with HTTPS). Visiting unsecured websites is a bad idea.

‍

ICO Scams and Defi Rug Pulls

New tokens come to market every day now. New ideas or complete copies of old ones surface on decentralized exchanges and Defi swap sites daily. The main objective is nothing more than to soak up the target's valuable bitcoin or Ethereum in exchange for a worthless token. Often, these schemes are pumped by paid groups to influence larger audiences of users to create a “fear of missing out” (FOMO) effect and artificially raise the token price very quickly. New investors to space will jump on the bandwagon and often see some short-term gains before having the “rug pulled” out from under them.

In this case, the “rug-pull” performed by the token creators can sometimes collect millions of dollars worth of Ethereum, Bitcoin, and other swapped tokens in a few short weeks leaving investors holding worthless tokens never to be traded again. If it looks too good to be true, or, the token serves no purpose other than being a meme, save your hard-earned money for something else.

The Top 5 rug-pull tokens 2021 so far:

• SafeMoon
  
• CumRocket
  
• ElonSperm
• ShibaCoin
• SushiSwap
  

However, there are ways to easily detect a crypto scam whether on social media or elsewhere in your digital life, here are some quick notes to ensure you stay safe online.

Is a social media post offer too good to be true?

Check the account age. Fake accounts can be easily created and are often only used for 1 day before starting again. If the account looks like a company account, check the URL at the top of the page and compare it to the brand’s website link for their official social media.

‍

Check a user or pages, follower count. If the account is relatively new, and the follower account is high, this is usually a tell-tale sign of a fake or suspicious account with purchased followers. Note these followers numbers: 14,000, 43,000 and 100,000.

Accounts with followers in this range have simply chosen the “maximum follower count” on purchase follower and social-bot websites.

No Humans, Anybody there?

Tokens, Offers, or Platforms that offer no form of human interaction or support other than “Telegram”. The lack of support or real interaction can only mean one thing, there’s nobody there to help. If you are referred to an open telegram channel, beware.

Open telegram channels are known pouching grounds for scammers to impersonate admins or simply farm to unknowing investors to target. Direct messages from people on social media with token offers, trading offers, trading signals, cloud mining, or trading account management.

Direct message scammers work in groups to look like a larger organization but work on commission for the crypto they help scam as a larger group. No direct message offer should ever be trusted and should be immediately blocked and reported to the social media platform you are on.

Fake celebrity endorsements

Celebrities are getting involved in cryptocurrency and blockchain recently, but which are real and which aren’t? There is numerous fake website promoting giveaways and fake recommendations for unknown tokens or Bitcoin itself.

Elon Musk is a favorite to use for crypto scams because of his love of the crypto space and constant tweeting. There are numerous reports of investors losing money to “Elon Musk Bitcoin Giveaways” without checking the website they read the article on or conducted any research.

HINT: No one, not even a celebrity or business, will double your Bitcoin or Ethereum investment with a one time deposit… ever. Read about the main who gave away £400k in Bitcoin.

New tokens promising too much

You will have seen new tokens or platforms emerge with impressive-looking branding, advertising, and will solve every single world problem… will usually be too good to be true. If you peel back the fancy marketing and read the whitepaper, you’ll read that the majority of tokens have already been distributed to early “investors” or the “team” which will be primed to dump these tokens soon after launch. Tokens promising everything, rarely deliver anything Often, advisors are fake LinkedIn profiles with only a handful of connections.

If your still unsure, ask yourself: HOW?

You will have seen new tokens or platforms emerge with impressive-looking branding, and advertising, and will solve every single world problem… will usually be too good to be true. If you peel back the fancy marketing and read the whitepaper, you’ll read that the majority of tokens have already been distributed to early “investors” or the “team” which will be primed to dump these tokens soon after launch. Tokens promise everything, rarely deliver anything Often, advisors are fake LinkedIn profiles with only a handful of connections.

• How does this token/platform/service make money?
  
• How are they changing the world?
  
• How can they possibly deliver with such a small team?
  

If you’re still unsure, ask a group of friends, research the company online, find a qualified group of existing crypto investors across social media or messages boards for their advice, and see what you can learn.

Don’t rush in, take time with your decision.

Tech Tips to stay safe online

This section can be used for all aspects of your online life. Whether you are internet banking, cryptocurrency investing and trading, or simply keeping your identity safe, here are a few tips to follow to make yourself an unattractive target.

Email addresses – 1 per activity

Email addresses are free, so why not take full advantage and split your risk when it comes to your online communications. Have 1 email address per activity to ensure a “gap” in your online life.

• 1x For work
  
• 1x for Social media / personal life
  
• 1x for crypto
  

Sites like "protonmail" are great for identity protection and destroying previous emails if compromised. Learn about Gmail “alias” addresses to use multiple email addresses in the same inbox.

2-Factor Authentication

2 Factor Authentication requires a 6-8 digit code from a separate mobile device to authenticate a logon to a website. 2FA should be used where ever available. The 2min hassle to set up 2FA authentication could save your entire online digital profile in the future. Never put a 2FA app on your PC, in case it’s compromised Use an older smartphone or 2nd device from your regular phone to avoid theft Never use SMS text’s for 2FA authentication.

Passwords – Unique, Never Repeat

Never use the same password in multiple places change the password to high usage sites every 60-90 days. Use a password manager such as LastPass to store and generate secure passwords Implement 2FA as above to secure password managers.

Don't use SMS - EVER

As mentioned, SMS texts are unsecure, as your SIM card could be swapped, cloned, or redirected by attackers. SMS authentication should be avoided at all costs.

Don't click unknown URLs

Links appear in our emails, texts, and social media every day and users have developed muscle memory for “click-first, ask questions later” in a desire to learn as much as possible, as fast as possible. URLs are sometimes shortened to hide their destination, avoid these unless from a trusted source.

Research and Due-Diligence

Research is key. Learn how to google known and unknown sources via social media, LinkedIn, Companies house, public tax records, or other official government sources. Often, you’ll find out everything you need to know by entering the “company name + scam” into google.

Our position on Security | coinpass.com

From our security perspective, coinpass would like to issue the following statement: Always remember: Coinpass Limited (coinpass.com) will never contact you asking for your username, password, or account balance.

We always perform security checks for any contact made to our clients and only contact clients on a request basis via support only. Similarly, we will never post about an “AIRDROP”, ”FREE BITCOIN” or “DOUBLE YOUR INVESTMENT” promotion through our social media pages or website. Always check the legitimacy of a page or post via our official channels.

• coinpass Blog
  
• Facebook
  
• Instagram
  
• LinkedIn
  
• Mailing Lis t and Newsletter
  
• Podcast
  
• Twitter
  
• YouTube
  

You can find direct links to our official social media pages at the bottom of our website. If you ever have a question, always get in touch with our support team to get the best answer straight from the source.