ℹ️ Skipped - page is already crawled
| Filter | Status | Condition | Details |
|---|---|---|---|
| HTTP status | PASS | download_http_code = 200 | HTTP 200 |
| Age cutoff | PASS | download_stamp > now() - 6 MONTH | 0.1 months ago |
| History drop | PASS | isNull(history_drop_reason) | No drop reason |
| Spam/ban | PASS | fh_dont_index != 1 AND ml_spam_score = 0 | ml_spam_score=0 |
| Canonical | PASS | meta_canonical IS NULL OR = '' OR = src_unparsed | Not set |
| Property | Value |
|---|---|
| URL | https://www.techtarget.com/whatis/feature/Common-cryptocurrency-scams |
| Last Crawled | 2026-04-12 11:21:52 (2 days ago) |
| First Indexed | 2022-06-13 15:48:08 (3 years ago) |
| HTTP Status Code | 200 |
| Meta Title | Cryptocurrency scams: Common types and prevention |
| Meta Description | Cryptocurrency and bitcoin scams are growing each year. Learn about the latest cryptocurrency scams to keep investments safe. |
| Meta Canonical | null |
| Boilerpipe Text | Where money is concerned, scams always follow. And the same is true with cryptocurrency.
In 2024,
cryptocurrency and bitcoin hit an all-time high
. This will most likely create an urgency to invest in cryptocurrencies to make money along with a rise in scammers trying to take advantage of this craze. There was already a large increase in scams in 2023, and the FBI's Internet Crime Complaint Center
estimates
 losses were more than $5.6 billion -- about half of all reported fraud losses. The total losses in 2023 increased 45% over 2022, and with prices soaring in 2024, scammers are finding new ways to take advantage of people looking to make money.
Digital currency is a form of currency stored in a digital wallet, and the owner can turn currency into cash by transferring it to a bank account. Cryptocurrency, such as bitcoin, is
different from digital currency
. It uses blockchain for verification and no central authority such as a bank, so it is harder to recover from theft.
Even though cryptocurrency is a newer trend, thieves are using old methods to steal. Here are some of the common cryptocurrency scams to watch.
1. Bitcoin investment schemes
The FBI stated investment schemes are the most reported type of fraud. In bitcoin investment schemes, scammers contact investors claiming to be seasoned "investment managers." As part of the scheme, the so-called investment managers claim to have made millions investing in cryptocurrency and promise their victims that they will make money with investments.
To get started, the scammers request an upfront fee. Then, instead of making money, the thieves simply steal the upfront fees. The scammers might also request personal identification information, claiming it's to transfer or deposit funds, and thus gain access to a person's cryptocurrency.
Another type of investment scam involves using fake celebrity endorsements. Scammers take real photos and impose them on fake accounts, ads or articles to make it appear as though the celebrity is promoting a large financial gain from the investment. The sources for these claims appear to be legitimate, using reputable company names such as ABC or CBS with a professional-looking website and logos. However, the endorsement is fake.
2. Rug pull scams
Rug pull scams involve investment scammers "pumping up" a new project, non-fungible token (
NFT
) or coin to get funding. After the scammers get the money, they disappear with it. The coding for these investments prevents people from selling the bitcoin after purchase, so investors are left with a valueless investment.
A common type of rug pull scam is a fake initial coin offering (ICO), where scammers promote a non-existent project or coin. A popular version of this ICO scam was the Squid coin scam, named after the popular Netflix series
Squid Game
. Investors had to play to earn cryptocurrency: People would buy tokens for online games and earn more later to exchange for other cryptocurrencies. The price of the Squid token went from being worth 1 cent to about $90 per token.
Eventually, trading stopped and the money disappeared. The token value then reached zero as people attempted but failed to sell their tokens. The
scammers made about $3 million
from these investors.
Rug pull scams are also common for NFTs, which are one-of-a-kind digital assets.
3. Romance scams
Dating apps are no stranger to crypto scams. These scams involve relationships -- typically long-distance and strictly online -- where one party takes time to gain the other party's trust. Over time, one party starts to convince the other to buy or give money in some form of cryptocurrency.
After getting the money, the dating scammer disappears. These scams are also referred to as "pig butchering scams."
Romance scams cost consumers $1.179 billion in 2023, according to the
FTC
.
4. Phishing scams
Phishing
scams have been around for some time but are still popular. Scammers send emails with malicious links to a fake website to gather personal details, such as
cryptocurrency wallet
key information.
Unlike passwords, users only get one unique private key to digital wallets. But if a private key is stolen, it is troublesome to change this key. Each key is unique to a wallet; so, to update this key, the person needs to create a new wallet.
To avoid phishing scams, never enter secure information from an email link. Always go directly to the site, no matter how legitimate the website or link appears.
5. Man-in-the-middle attacks
When users log in to a cryptocurrency account in a public location, scammers can steal their private, sensitive information. A scammer can intercept any information sent over a public network, including passwords, cryptocurrency wallet keys and account information.
Anytime a user is logged in, a thief can gather this sensitive information by using the
man-in-the-middle attack
approach. This is done by intercepting Wi-Fi signals on trusted networks if they are in proximity.
The best way to avoid these attacks is to block the man in the middle by using a virtual private network (
VPN
). The VPN encrypts all the data being transmitted, so thieves cannot access personal information and steal cryptocurrency.
6. Social media cryptocurrency giveaway scams
There are many fraudulent posts on social media outlets promising bitcoin giveaways. Some of these scams also include fake celebrity accounts promoting the giveaway to lure people in.
However, when someone clicks on the giveaway, they are taken to a fraudulent site asking for verification to receive the bitcoin. The verification process includes making a payment to prove the account is legitimate.
The victim can lose this payment -- or, worse yet, click on a malicious link and have their personal information and cryptocurrency stolen.
7. Ponzi schemes
Ponzi schemes pay older investors with the proceeds from new ones. To get fresh investors, cryptocurrency scammers will lure new investors with bitcoin. It's a scheme that runs in circles, because there are no legitimate investments; it is all about targeting new investors for money.
The main lure of a Ponzi scheme is the promise of huge profits with little risk. There are always risks with these investments, however, and there are no guaranteed returns.
In 2024, a Ponzi scheme led by brothers Jonathan and Tanner Adam lured investors by promising 13.5% monthly returns by claiming their bot could exploit price differences on cryptocurrency exchanges. However, the $60 million raised by this Ponzi scheme was used to buy luxury purchases. The SEC
charged
the brothers on Aug. 26, 2024, with violating antifraud provisions of the federal securities laws.
8. Fake cryptocurrency exchanges
Scammers might lure investors in with promises of a great cryptocurrency exchange -- maybe even some additional bitcoin. But in reality, there is no exchange and the investor does not know it's fake until after they lose their deposit.
Stick to known crypto exchange markets -- such as Coinbase, Crypto.com and Cash App -- to avoid an unfamiliar exchange. Do some research and check industry sites for details about the exchange's reputation and legitimacy before entering any personal information.
9. Employment offers and fraudulent employees
Scammers will also impersonate recruiters or job seekers to get access to cryptocurrency accounts. With this ploy, they offer an interesting job but require cryptocurrency as payment for job training.
There are also
scams when hiring remote workers
. For instance, North Korean IT freelancers are trying to capitalize on remote job opportunities by presenting impressive resumes and claiming to be based in the U.S. The U.S. Department of the Treasury issued a warning of this North Korean scam targeting cryptocurrency companies. This type of scam is called a shadow workforce.
In 2022, shadow workers targeted a Sky Mavis engineer by posing as a LinkedIn recruiter. The engineer had a phone interview with this shadow worker and gave him a document to review for the next step in the interview. This document contained malicious code that allowed the North Korean Lazarus group to steal $600 million in a bridge attack.
These IT freelancers seek projects involving virtual currency and use access for the currency exchanges. They then hack into the systems to raise money or steal information for the Democratic People's Republic of Korea (DPRK). These workers also engage in other skilled IT work and use their knowledge to gain insider access to enable the DPRK's malicious cyber attacks. With these scams, these shadow workers have stolen nearly $3 billion in the past year, according to
Chainalysis
.
Learn more about
continuous employee background checks
to protect organizations.
10. Flash loan attack
Flash loans are loans for short periods of time, such as seconds to make a trade. These loans are popular in the cryptocurrency market because traders use funds to buy tokens on one platform with a lower price, and then sell that asset immediately on a different platform to make money. These moneymaking trades are all done in one transaction and the flash loan is repaid.
Because flash loans are not collateralized and there are no credit checks involved, an attacker takes advantage of borrowing money and using these funds to manipulate pricing on a decentralized finance platform. To manipulate the pricing, the attacker creates several buy-and-sell orders to create an impression of high demand. The attacker then cancels orders after prices increase, which will cause the price to fall immediately. The attacker can then make a profit by buying at a lower price on a different platform.
In February 2023, Platypus Finance was victim to a flash loan attack, which resulted in an $8.5 million loss.
11. AI scams
With the rise of artificial intelligence (
AI
), attackers are finding new ways to deceive the cryptocurrency market. Attackers can use AI chatbots to engage with users, providing advice and promoting fake tokens. Chatbots are programed to tell investors about high-yield investment opportunities that turn into pump-and-dump schemes to artificially inflate the token value before selling off.
AI can also manipulate proof of work, which overexaggerates the cryptocurrency project to make it seem there are more loyal followers, and the token is legitimate. By inflating the followers, it makes it more difficult to research if a token is authentic.
Attackers can also use high-profile celebrities or business professionals to promote fake endorsement schemes related to cryptocurrency projects. By using
deepfakes
, attackers take the faces of famous individuals -- such as Bill Gates, Mark Zuckerberg and Elon Musk -- to say they are launching a new project. With the advancements of AI, the deep fakes look more realistic to dupe investors out of money by using someone they might trust for financial advice. A popular red flag in these deepfakes is the promise of a high rate of return in a short time.
12. Bitcoin ATMs (or BTMs)
With the rise of ATMs -- or BTMs -- for bitcoin in convenience stores, gas stations and other areas to buy and send cryptocurrency, scammers are finding ways to use devices to steal. The FTC Consumer Sentinel Network states that fraud losses at BTMs are soaring with losses reaching $65 million in the first half of 2024 alone. Not all losses are reported, so this number may be much higher.
The scams at the BTMs start the same as other types with calls or messages of suspicious activity or unauthorized charges on an account. The scammers will impersonate large companies such as Apple or banks and say a person's money or identification is at risk. The scammer may even say the person's information has been tied to illegal activity and they need to get money from the bank before accounts are frozen.
Scammers claim that BTMs are "safety lockers" and have people take money out of their bank and deposit cash in the BTM. The scammer will text a QR code to scan at the machine for this deposit sending the money to the scammer's wallet.
How to protect bitcoin and cryptocurrency
To protect against
cryptocurrency scams
, some of the common red flags include the following:
Promises of large gains or double the investment.
Only accepting cryptocurrency as payment.
Contractual obligations.
Misspellings and grammatical errors in emails, social media posts or any other communication.
Manipulation tactics, such as extortion or blackmail.
Promises of free money.
Fake influencers or celebrity endorsements that seem out of place.
Minimal details about money movement and the investment.
Several transactions in one day.
Protect digital wallets from scammers by practicing good digital security habits such as
strong passwords
, using only secured connections or VPNs and choosing safe storage. There are two types of wallets: digital and hardware. Digital wallets are hosted online and have a higher rate of getting hacked. Hardware wallets store information, such as the cryptocurrency wallet and keys, offline within a device.
Cryptocurrency is not insured by the Federal Deposit Insurance Corporation, so keeping it safe is vital. Never give wallet keys or access codes to anyone. If you receive a text or an email saying there is a problem with your cryptocurrency account or the owner's account has been compromised, go directly to the provider's website or use the trusted phone number on the site to ensure you are reaching a trusted source. Do not click on links or respond directly to those emails or text messages.
How to report a scam
Anyone who believes they have seen a cryptocurrency scam or were part of a scam should report it immediately. Here are some organizations to report it to:
Commodity Futures Trading Commission (CFTC):
CFTC.gov/complaint
.
Federal Trade Commission (FTC):
ReportFraud.ftc.gov.
Internet Crime Complaint Center (IC3):
ic3.gov
.
U.S. Securities and Exchange Commission (SEC):
sec.gov/tcr
.
In addition to the agencies listed above, the person should also immediately report to the cryptocurrency exchange used for the transaction.
Amanda Hetler is a senior editor and writer for WhatIs where she writes technology explainer articles and works with freelancers. |
| Markdown | [WhatIs](https://www.techtarget.com/)
Browse Definitions :
- [A](https://www.techtarget.com/whatis/definitions/A)
- [B](https://www.techtarget.com/whatis/definitions/B)
- [C](https://www.techtarget.com/whatis/definitions/C)
- [D](https://www.techtarget.com/whatis/definitions/D)
- [E](https://www.techtarget.com/whatis/definitions/E)
- [F](https://www.techtarget.com/whatis/definitions/F)
- [G](https://www.techtarget.com/whatis/definitions/G)
- [H](https://www.techtarget.com/whatis/definitions/H)
- [I](https://www.techtarget.com/whatis/definitions/I)
- [J](https://www.techtarget.com/whatis/definitions/J)
- [K](https://www.techtarget.com/whatis/definitions/K)
- [L](https://www.techtarget.com/whatis/definitions/L)
- [M](https://www.techtarget.com/whatis/definitions/M)
- [N](https://www.techtarget.com/whatis/definitions/N)
- [O](https://www.techtarget.com/whatis/definitions/O)
- [P](https://www.techtarget.com/whatis/definitions/P)
- [Q](https://www.techtarget.com/whatis/definitions/Q)
- [R](https://www.techtarget.com/whatis/definitions/R)
- [S](https://www.techtarget.com/whatis/definitions/S)
- [T](https://www.techtarget.com/whatis/definitions/T)
- [U](https://www.techtarget.com/whatis/definitions/U)
- [V](https://www.techtarget.com/whatis/definitions/V)
- [W](https://www.techtarget.com/whatis/definitions/W)
- [X](https://www.techtarget.com/whatis/definitions/X)
- [Y](https://www.techtarget.com/whatis/definitions/Y)
- [Z](https://www.techtarget.com/whatis/definitions/Z)
- [\#](https://www.techtarget.com/whatis/definitions/0)
[Login](https://www.techtarget.com/login?fromURL=https%3A%2F%2Fwww.techtarget.com%2Fwhatis%2Ffeature%2FCommon-cryptocurrency-scams) [Register](https://www.techtarget.com/register?fromURL=https%3A%2F%2Fwww.techtarget.com%2Fwhatis%2Ffeature%2FCommon-cryptocurrency-scams)
- [TechTarget Network](https://www.techtarget.com/)
- [Tech Accelerator](https://www.techtarget.com/whatis/techaccelerators)
- [News](https://www.techtarget.com/news/)
[RSS](https://www.techtarget.com/whatis/rss)
- [WhatIs](https://www.techtarget.com/whatis/)
- [Browse Definitions Security Admin](https://www.techtarget.com/whatis/glossary/Security-Management)
[Security](https://www.techtarget.com/whatis/glossary/Security) View All
- [Authentication and access control](https://www.techtarget.com/whatis/glossary/Authentication)
- [Compliance, risk and governance](https://www.techtarget.com/whatis/glossary/Compliance)
- [Network security](https://www.techtarget.com/whatis/glossary/Network-Security)
- [Threat management](https://www.techtarget.com/whatis/glossary/Security-Threats-and-Countermeasures)
[Business software](https://www.techtarget.com/whatis/glossary/Enterprise-Business-Software) View All
- [ERP](https://www.techtarget.com/whatis/glossary/Business-and-ERP)
- [HR management](https://www.techtarget.com/whatis/glossary/HR-management)
- [Marketing and CX](https://www.techtarget.com/whatis/glossary/Marketing-and-customer-experience)
- [Microsoft](https://www.techtarget.com/whatis/glossary/Microsoft)
- [Software applications](https://www.techtarget.com/whatis/glossary/Software-Applications)
[Cloud computing](https://www.techtarget.com/whatis/glossary/Cloud-computing) View All
- [Internet applications](https://www.techtarget.com/whatis/glossary/Internet-applications)
- [Internet of Things](https://www.techtarget.com/whatis/glossary/Internet-of-Things)
- [Web services](https://www.techtarget.com/whatis/glossary/Web-services-SOA)
[Computer science](https://www.techtarget.com/whatis/glossary/Computer-Science) View All
- [Electronics](https://www.techtarget.com/whatis/glossary/Electronics)
- [Internet technologies](https://www.techtarget.com/whatis/glossary/Internet-Technologies)
- [IT standards and organizations](https://www.techtarget.com/whatis/glossary/IT-Standards-Organizations)
- [Microprocessors](https://www.techtarget.com/whatis/glossary/Microprocessors)
- [Robotics](https://www.techtarget.com/whatis/glossary/Robotics)
[Data analytics and AI](https://www.techtarget.com/whatis/glossary/Business-intelligence-business-analytics) View All
- [Algorithms](https://www.techtarget.com/whatis/glossary/Algorithms)
- [Artificial intelligence](https://www.techtarget.com/whatis/glossary/Artificial-intelligence)
- [Data and data management](https://www.techtarget.com/whatis/glossary/Data-and-Data-Management)
- [Database management](https://www.techtarget.com/whatis/glossary/Database)
[Data centers](https://www.techtarget.com/whatis/glossary/Data-centers) View All
- [Data backup and disaster recovery](https://www.techtarget.com/whatis/glossary/Backup-and-Recovery)
- [Data center management](https://www.techtarget.com/whatis/glossary/Data-center-management)
- [Linux](https://www.techtarget.com/whatis/glossary/Linux)
- [Operating systems](https://www.techtarget.com/whatis/glossary/Operating-Systems)
- [Storage Admin](https://www.techtarget.com/whatis/glossary/Storage-Management)
- [Storage and Data Mgmt](https://www.techtarget.com/whatis/glossary/Storage-and-Data-Management)
- [Virtualization](https://www.techtarget.com/whatis/glossary/Virtualization)
[IT management](https://www.techtarget.com/whatis/glossary/IT-Management) View All
- [Certifications](https://www.techtarget.com/whatis/glossary/IT-Certifications)
- [IT career paths](https://www.techtarget.com/whatis/glossary/Career-Paths)
- [IT Operations](https://www.techtarget.com/whatis/glossary/IT-Operations)
- [Personal computing](https://www.techtarget.com/whatis/glossary/Personal-Computing)
- [Project management](https://www.techtarget.com/whatis/glossary/Project-Management)
- [Technical support](https://www.techtarget.com/whatis/glossary/Computing-Fundamentals)
[Networking](https://www.techtarget.com/whatis/glossary/Networking) View All
- [High-speed networks](https://www.techtarget.com/whatis/glossary/High-Speed-Networks)
- [Network Admin](https://www.techtarget.com/whatis/glossary/Network-Administration)
- [Network hardware](https://www.techtarget.com/whatis/glossary/Network-Hardware)
- [Networking and communications](https://www.techtarget.com/whatis/glossary/Networking-and-Communications)
- [Wireless and mobile](https://www.techtarget.com/whatis/glossary/Wireless-Mobile)
[Security](https://www.techtarget.com/whatis/glossary/Security) View All
- [Authentication and access control](https://www.techtarget.com/whatis/glossary/Authentication)
- [Compliance, risk and governance](https://www.techtarget.com/whatis/glossary/Compliance)
- [Network security](https://www.techtarget.com/whatis/glossary/Network-Security)
- [Security Admin](https://www.techtarget.com/whatis/glossary/Security-Management)
- [Threat management](https://www.techtarget.com/whatis/glossary/Security-Threats-and-Countermeasures)
[Software development](https://www.techtarget.com/whatis/glossary/Software-Development) View All
- [Agile software development](https://www.techtarget.com/whatis/glossary/Agile-Scrum-XP-Programming)
- [AppDev](https://www.techtarget.com/whatis/glossary/Application-Development)
- [DevOps](https://www.techtarget.com/whatis/glossary/DevOps)
- [Programming](https://www.techtarget.com/whatis/glossary/Programming)
Please select a category
- Business software
- Cloud computing
- Computer science
- Data analytics and AI
- Data centers
- IT management
- Networking
- Security
- Software development
- [Browse Features Resources](https://www.techtarget.com/whatis/resources)
- [Business strategies](https://www.techtarget.com/whatis/resources/Business-Strategies)
- [Career resources](https://www.techtarget.com/whatis/resources/Career-Resources)
- [Emerging tech](https://www.techtarget.com/whatis/resources/Emerging-Tech)
- [Tech explainers](https://www.techtarget.com/whatis/resources/Tech-Explainers)
- Follow:
- [Home](https://www.techtarget.com/whatis/)
- [Security management](https://www.techtarget.com/whatis/glossary/Security-Management)
Tech Accelerator [Blockchain for businesses: The ultimate enterprise guide](https://www.techtarget.com/searchcio/Blockchain-for-businesses-The-ultimate-enterprise-guide)
[Prev](https://www.techtarget.com/whatis/feature/Compare-NFTs-vs-cryptocurrency-vs-digital-currency "NFTs vs. cryptocurrency: Key differences and how they work") [Next](https://www.techtarget.com/whatis/feature/Decentralized-finance-vs-centralized-finance-Whats-the-difference "Decentralized finance vs. centralized finance: What's the difference?")
[Download this guide1](https://www.techtarget.com/searchcio/pro/Blockchain-for-Businesses-The-Ultimate-Enterprise-Guide?offer=Content_OTHR-PillarPage_Blockchainforbusinesses:Theultimateenterpriseguide)
[Feature](https://www.techtarget.com/whatis/features)
# Cryptocurrency scams: Common types and prevention
## Cryptocurrency scams are rising, and thieves are using new and old techniques to steal money. Some of the latest scams involve rug pull scams, Ponzi schemes and phishing scams.
- Share this item with your network:
By
- [Amanda Hetler,](https://www.techtarget.com/contributor/Amanda-Hetler) Senior Editor
Published: 17 Dec 2024
Where money is concerned, scams always follow. And the same is true with cryptocurrency.
In 2024, [cryptocurrency and bitcoin hit an all-time high](https://www.techtarget.com/whatis/feature/Why-is-cryptocurrency-rising-and-bitcoin-at-an-all-time-high). This will most likely create an urgency to invest in cryptocurrencies to make money along with a rise in scammers trying to take advantage of this craze. There was already a large increase in scams in 2023, and the FBI's Internet Crime Complaint Center [estimates](https://www.ic3.gov/AnnualReport/Reports/2023_IC3CryptocurrencyReport.pdf) losses were more than \$5.6 billion -- about half of all reported fraud losses. The total losses in 2023 increased 45% over 2022, and with prices soaring in 2024, scammers are finding new ways to take advantage of people looking to make money.
Digital currency is a form of currency stored in a digital wallet, and the owner can turn currency into cash by transferring it to a bank account. Cryptocurrency, such as bitcoin, is [different from digital currency](https://www.techtarget.com/whatis/feature/Compare-NFTs-vs-cryptocurrency-vs-digital-currency). It uses blockchain for verification and no central authority such as a bank, so it is harder to recover from theft.
Even though cryptocurrency is a newer trend, thieves are using old methods to steal. Here are some of the common cryptocurrency scams to watch.
## 1\. Bitcoin investment schemes
The FBI stated investment schemes are the most reported type of fraud. In bitcoin investment schemes, scammers contact investors claiming to be seasoned "investment managers." As part of the scheme, the so-called investment managers claim to have made millions investing in cryptocurrency and promise their victims that they will make money with investments.
To get started, the scammers request an upfront fee. Then, instead of making money, the thieves simply steal the upfront fees. The scammers might also request personal identification information, claiming it's to transfer or deposit funds, and thus gain access to a person's cryptocurrency.
This article is part of
### [Blockchain for businesses: The ultimate enterprise guide](https://www.techtarget.com/searchcio/Blockchain-for-businesses-The-ultimate-enterprise-guide)
- Which also includes:
- [Top 10 benefits of blockchain for business](https://www.techtarget.com/searchcio/feature/Top-10-benefits-of-blockchain-technology-for-business)
- [What are the 4 different types of blockchain technology?](https://www.techtarget.com/searchcio/feature/What-are-the-4-different-types-of-blockchain-technology)
- [7 must-have blockchain developer skills](https://www.techtarget.com/whatis/feature/6-must-have-blockchain-developer-skills)
[Download1Download this entire guide for FREE now\!](https://www.techtarget.com/searchcio/pro/Blockchain-for-Businesses-The-Ultimate-Enterprise-Guide?offer=Content_OTHR-PillarPage_Blockchainforbusinesses:Theultimateenterpriseguide)
Another type of investment scam involves using fake celebrity endorsements. Scammers take real photos and impose them on fake accounts, ads or articles to make it appear as though the celebrity is promoting a large financial gain from the investment. The sources for these claims appear to be legitimate, using reputable company names such as ABC or CBS with a professional-looking website and logos. However, the endorsement is fake.
## 2\. Rug pull scams
Rug pull scams involve investment scammers "pumping up" a new project, non-fungible token ([NFT](https://www.techtarget.com/whatis/definition/nonfungible-token-NFT)) or coin to get funding. After the scammers get the money, they disappear with it. The coding for these investments prevents people from selling the bitcoin after purchase, so investors are left with a valueless investment.
A common type of rug pull scam is a fake initial coin offering (ICO), where scammers promote a non-existent project or coin. A popular version of this ICO scam was the Squid coin scam, named after the popular Netflix series *Squid Game*. Investors had to play to earn cryptocurrency: People would buy tokens for online games and earn more later to exchange for other cryptocurrencies. The price of the Squid token went from being worth 1 cent to about \$90 per token.
Eventually, trading stopped and the money disappeared. The token value then reached zero as people attempted but failed to sell their tokens. The [scammers made about \$3 million](https://www.nbcnews.com/tech/tech-news/squid-game-crypto-collapse-pushes-investors-cry-scam-rcna4399) from these investors.
Rug pull scams are also common for NFTs, which are one-of-a-kind digital assets.
## 3\. Romance scams
Dating apps are no stranger to crypto scams. These scams involve relationships -- typically long-distance and strictly online -- where one party takes time to gain the other party's trust. Over time, one party starts to convince the other to buy or give money in some form of cryptocurrency.
After getting the money, the dating scammer disappears. These scams are also referred to as "pig butchering scams."
Romance scams cost consumers \$1.179 billion in 2023, according to the [FTC](https://public.tableau.com/app/profile/federal.trade.commission/viz/shared/4WS8HTYQ6).
## 4\. Phishing scams
[Phishing](https://www.techtarget.com/searchsecurity/definition/phishing) scams have been around for some time but are still popular. Scammers send emails with malicious links to a fake website to gather personal details, such as [cryptocurrency wallet](https://www.techtarget.com/searchsecurity/definition/crypto-wallet-cryptocurrency-wallet) key information.
Unlike passwords, users only get one unique private key to digital wallets. But if a private key is stolen, it is troublesome to change this key. Each key is unique to a wallet; so, to update this key, the person needs to create a new wallet.
To avoid phishing scams, never enter secure information from an email link. Always go directly to the site, no matter how legitimate the website or link appears.
## 5\. Man-in-the-middle attacks
When users log in to a cryptocurrency account in a public location, scammers can steal their private, sensitive information. A scammer can intercept any information sent over a public network, including passwords, cryptocurrency wallet keys and account information.
Anytime a user is logged in, a thief can gather this sensitive information by using the [man-in-the-middle attack](https://www.techtarget.com/iotagenda/definition/man-in-the-middle-attack-MitM) approach. This is done by intercepting Wi-Fi signals on trusted networks if they are in proximity.
The best way to avoid these attacks is to block the man in the middle by using a virtual private network ([VPN](https://www.techtarget.com/searchnetworking/definition/virtual-private-network)). The VPN encrypts all the data being transmitted, so thieves cannot access personal information and steal cryptocurrency.
## 6\. Social media cryptocurrency giveaway scams
There are many fraudulent posts on social media outlets promising bitcoin giveaways. Some of these scams also include fake celebrity accounts promoting the giveaway to lure people in.
However, when someone clicks on the giveaway, they are taken to a fraudulent site asking for verification to receive the bitcoin. The verification process includes making a payment to prove the account is legitimate.
The victim can lose this payment -- or, worse yet, click on a malicious link and have their personal information and cryptocurrency stolen.
## 7\. Ponzi schemes
Ponzi schemes pay older investors with the proceeds from new ones. To get fresh investors, cryptocurrency scammers will lure new investors with bitcoin. It's a scheme that runs in circles, because there are no legitimate investments; it is all about targeting new investors for money.
The main lure of a Ponzi scheme is the promise of huge profits with little risk. There are always risks with these investments, however, and there are no guaranteed returns.
In 2024, a Ponzi scheme led by brothers Jonathan and Tanner Adam lured investors by promising 13.5% monthly returns by claiming their bot could exploit price differences on cryptocurrency exchanges. However, the \$60 million raised by this Ponzi scheme was used to buy luxury purchases. The SEC [charged](https://www.sec.gov/newsroom/press-releases/2024-107) the brothers on Aug. 26, 2024, with violating antifraud provisions of the federal securities laws.
## 8\. Fake cryptocurrency exchanges
Scammers might lure investors in with promises of a great cryptocurrency exchange -- maybe even some additional bitcoin. But in reality, there is no exchange and the investor does not know it's fake until after they lose their deposit.
Stick to known crypto exchange markets -- such as Coinbase, Crypto.com and Cash App -- to avoid an unfamiliar exchange. Do some research and check industry sites for details about the exchange's reputation and legitimacy before entering any personal information.
## 9\. Employment offers and fraudulent employees
Scammers will also impersonate recruiters or job seekers to get access to cryptocurrency accounts. With this ploy, they offer an interesting job but require cryptocurrency as payment for job training.
There are also [scams when hiring remote workers](https://www.theserverside.com/tip/How-developers-can-avoid-remote-work-scams). For instance, North Korean IT freelancers are trying to capitalize on remote job opportunities by presenting impressive resumes and claiming to be based in the U.S. The U.S. Department of the Treasury issued a warning of this North Korean scam targeting cryptocurrency companies. This type of scam is called a shadow workforce.
In 2022, shadow workers targeted a Sky Mavis engineer by posing as a LinkedIn recruiter. The engineer had a phone interview with this shadow worker and gave him a document to review for the next step in the interview. This document contained malicious code that allowed the North Korean Lazarus group to steal \$600 million in a bridge attack.
These IT freelancers seek projects involving virtual currency and use access for the currency exchanges. They then hack into the systems to raise money or steal information for the Democratic People's Republic of Korea (DPRK). These workers also engage in other skilled IT work and use their knowledge to gain insider access to enable the DPRK's malicious cyber attacks. With these scams, these shadow workers have stolen nearly \$3 billion in the past year, according to [Chainalysis](https://blog.chainalysis.com/reports/2022-biggest-year-ever-for-crypto-hacking/).
*Learn more about* [*continuous employee background checks*](https://www.techtarget.com/searchhrsoftware/news/252514924/Employment-background-checks-shift-to-continuous) *to protect organizations.*
## 10\. Flash loan attack
Flash loans are loans for short periods of time, such as seconds to make a trade. These loans are popular in the cryptocurrency market because traders use funds to buy tokens on one platform with a lower price, and then sell that asset immediately on a different platform to make money. These moneymaking trades are all done in one transaction and the flash loan is repaid.
Because flash loans are not collateralized and there are no credit checks involved, an attacker takes advantage of borrowing money and using these funds to manipulate pricing on a decentralized finance platform. To manipulate the pricing, the attacker creates several buy-and-sell orders to create an impression of high demand. The attacker then cancels orders after prices increase, which will cause the price to fall immediately. The attacker can then make a profit by buying at a lower price on a different platform.
In February 2023, Platypus Finance was victim to a flash loan attack, which resulted in an \$8.5 million loss.
## 11\. AI scams
With the rise of artificial intelligence ([AI](https://www.techtarget.com/searchenterpriseai/definition/AI-Artificial-Intelligence)), attackers are finding new ways to deceive the cryptocurrency market. Attackers can use AI chatbots to engage with users, providing advice and promoting fake tokens. Chatbots are programed to tell investors about high-yield investment opportunities that turn into pump-and-dump schemes to artificially inflate the token value before selling off.
AI can also manipulate proof of work, which overexaggerates the cryptocurrency project to make it seem there are more loyal followers, and the token is legitimate. By inflating the followers, it makes it more difficult to research if a token is authentic.
Attackers can also use high-profile celebrities or business professionals to promote fake endorsement schemes related to cryptocurrency projects. By using [deepfakes](https://www.techtarget.com/whatis/definition/deepfake), attackers take the faces of famous individuals -- such as Bill Gates, Mark Zuckerberg and Elon Musk -- to say they are launching a new project. With the advancements of AI, the deep fakes look more realistic to dupe investors out of money by using someone they might trust for financial advice. A popular red flag in these deepfakes is the promise of a high rate of return in a short time.
## 12\. Bitcoin ATMs (or BTMs)
With the rise of ATMs -- or BTMs -- for bitcoin in convenience stores, gas stations and other areas to buy and send cryptocurrency, scammers are finding ways to use devices to steal. The FTC Consumer Sentinel Network states that fraud losses at BTMs are soaring with losses reaching \$65 million in the first half of 2024 alone. Not all losses are reported, so this number may be much higher.
The scams at the BTMs start the same as other types with calls or messages of suspicious activity or unauthorized charges on an account. The scammers will impersonate large companies such as Apple or banks and say a person's money or identification is at risk. The scammer may even say the person's information has been tied to illegal activity and they need to get money from the bank before accounts are frozen.
Scammers claim that BTMs are "safety lockers" and have people take money out of their bank and deposit cash in the BTM. The scammer will text a QR code to scan at the machine for this deposit sending the money to the scammer's wallet.
## How to protect bitcoin and cryptocurrency
To protect against [cryptocurrency scams](https://www.techtarget.com/searchsecurity/feature/Cryptocurrency-cyber-attacks-on-the-rise-as-industry-expands), some of the common red flags include the following:
- Promises of large gains or double the investment.
- Only accepting cryptocurrency as payment.
- Contractual obligations.
- Misspellings and grammatical errors in emails, social media posts or any other communication.
- Manipulation tactics, such as extortion or blackmail.
- Promises of free money.
- Fake influencers or celebrity endorsements that seem out of place.
- Minimal details about money movement and the investment.
- Several transactions in one day.
Protect digital wallets from scammers by practicing good digital security habits such as [strong passwords](https://www.techtarget.com/searchsecurity/tip/Top-5-password-hygiene-tips-and-best-practices), using only secured connections or VPNs and choosing safe storage. There are two types of wallets: digital and hardware. Digital wallets are hosted online and have a higher rate of getting hacked. Hardware wallets store information, such as the cryptocurrency wallet and keys, offline within a device.
Cryptocurrency is not insured by the Federal Deposit Insurance Corporation, so keeping it safe is vital. Never give wallet keys or access codes to anyone. If you receive a text or an email saying there is a problem with your cryptocurrency account or the owner's account has been compromised, go directly to the provider's website or use the trusted phone number on the site to ensure you are reaching a trusted source. Do not click on links or respond directly to those emails or text messages.
## How to report a scam
Anyone who believes they have seen a cryptocurrency scam or were part of a scam should report it immediately. Here are some organizations to report it to:
- Commodity Futures Trading Commission (CFTC): [CFTC.gov/complaint](https://www.cftc.gov/complaint).
- Federal Trade Commission (FTC): [ReportFraud.ftc.gov.](https://www.reportfraud.ftc.gov/)
- Internet Crime Complaint Center (IC3): [ic3.gov](https://www.ic3.gov/).
- U.S. Securities and Exchange Commission (SEC): [sec.gov/tcr](https://www.sec.gov/tcr).
In addition to the agencies listed above, the person should also immediately report to the cryptocurrency exchange used for the transaction.
*Amanda Hetler is a senior editor and writer for WhatIs where she writes technology explainer articles and works with freelancers.*
#### Next Steps
[The best cross-chain bridges](https://www.techtarget.com/whatis/feature/The-best-cross-chain-bridges)
[How is cryptocurrency valued?](https://www.techtarget.com/whatis/feature/How-is-cryptocurrency-valued)
[NFT wash trading explained](https://www.techtarget.com/whatis/feature/NFT-wash-trading-explained)
[Cryptocurrency and taxes explained: What you need to know](https://www.techtarget.com/whatis/feature/Cryptocurrency-and-taxes-explained-What-you-need-to-know)
#### Related Resources
- [From Hardware to Outcomes – How Dell Enables the Modern Workplace](https://www.brighttalk.com/webcast/13935/665273) –Talk
- [API Security: Monitoring and Securing Application Programming Interfaces](https://www.brighttalk.com/webcast/17608/664650) –Akamai Technologies
- [Shadow AI and the new security blind spots MSPs can’t ignore](https://www.barracuda.com/campaigns/barracuda-brighttalk?commid=666017) –Barracuda
- [How To Implement Zero Trust Device Security With Trusted Zero Clients And The ...](https://www.techtarget.com/hub/asset/1775112357_590) –HP & Intel
#### Dig Deeper on Security management
- [![]() Pig butchering scam explained: Everything you need to know  By: Amanda Hetler](https://www.techtarget.com/whatis/feature/Pig-butchering-scam-explained-Everything-you-need-to-know)
- [![]() 10 social media scams and how to avoid them  By: Samantha Poutre](https://www.techtarget.com/whatis/feature/Social-media-scams-and-how-to-avoid-them)
- [![]() Proofpoint exposes AFF scammers’ piano gambit  By: Alex Scroxton](https://www.computerweekly.com/news/366586694/Proofpoint-exposes-AFF-scammers-piano-gambit)
- [![]() Lloyds Bank warns over rising threat of crypto scams](https://www.computerweekly.com/news/366559256/Lloyds-Bank-warns-over-rising-threat-of-crypto-scams)
Sponsored News
- [A spotlight on food is medicine: Creating sustainable programs](https://www.techtarget.com/healthcarepayers/ZelisHealthcare/A-spotlight-on-food-is-medicine-Creating-sustainable-programs) –Zelis Healthcare
- [3 Strategies to Enhance Healthcare Financial Experiences](https://www.techtarget.com/healthcarepayers/ZelisHealthcare/3-Strategies-to-Enhance-Healthcare-Financial-Experiences) –Zelis Healthcare
- [Four Reasons Health Plans Need Scalable Payment Solutions](https://www.techtarget.com/healthcarepayers/ZelisHealthcare/Four-Reasons-Health-Plans-Need-Scalable-Payment-Solutions) –Zelis Healthcare
Related Content
- [NatWest introduces limits on crypto trading to ...](https://www.computerweekly.com/news/365532556/NatWest-introduces-limits-on-crypto-trading-to-prevent-fraud) – ComputerWeekly.com
- [8 ways to avoid NFT scams](https://www.techtarget.com/whatis/feature/8-ways-to-avoid-NFT-scams) – WhatIs
- [Unregulated DeFi services abused in latest pig ...](https://www.computerweekly.com/news/366552414/Unregulated-DeFi-services-abused-in-latest-pig-butchering-twist) – ComputerWeekly.com
Latest TechTarget resources
- [Networking](https://www.techtarget.com/whatis/feature/Common-cryptocurrency-scams)
- [Security](https://www.techtarget.com/whatis/feature/Common-cryptocurrency-scams)
- [CIO](https://www.techtarget.com/whatis/feature/Common-cryptocurrency-scams)
- [HR Software](https://www.techtarget.com/whatis/feature/Common-cryptocurrency-scams)
- [Customer Experience](https://www.techtarget.com/whatis/feature/Common-cryptocurrency-scams)
[Search Networking](https://www.techtarget.com/searchnetworking/)
- [What is multi-access edge computing? Benefits and use cases](https://www.techtarget.com/searchnetworking/definition/What-is-multi-access-edge-computing-Benefits-and-use-cases)
Multi-access edge computing (MEC) is a network architecture concept that brings cloud computing capabilities and IT services ...
- [What is 5G?](https://www.techtarget.com/searchnetworking/definition/5G)
Fifth-generation wireless or 5G is a global standard and technology for wireless and telecommunications networks.
- [What is a small cell in wireless networks?](https://www.techtarget.com/searchnetworking/definition/small-cell)
A small cell is a type of low-power cellular radio access point or base station that provides wireless service within a limited ...
[Search Security](https://www.techtarget.com/searchsecurity/)
- [What is identity and access management? Guide to IAM](https://www.techtarget.com/searchsecurity/definition/identity-access-management-IAM-system)
No longer just a good idea, IAM is a crucial piece of the cybersecurity puzzle. It's how an organization regulates access to ...
- [What is data masking?](https://www.techtarget.com/searchsecurity/definition/data-masking)
Data masking is a security technique that modifies sensitive data in a data set so it can be used safely in a non-production ...
- [What is antivirus software?](https://www.techtarget.com/searchsecurity/definition/antivirus-software)
Antivirus software (antivirus program) is a security program designed to prevent, detect, search and remove viruses and other ...
[Search CIO](https://www.techtarget.com/searchcio/)
- [What is a chief data officer (CDO)?](https://www.techtarget.com/searchcio/definition/chief-data-officer-CDO)
A chief data officer (CDO) in many organizations is a C-level executive whose position has evolved into a range of strategic data...
- [What is user-generated content?](https://www.techtarget.com/searchcio/definition/user-generated-content-UGC)
User-generated content (UGC) is published information that an unpaid contributor provides to a website.
- [What is business process outsourcing (BPO)?](https://www.techtarget.com/searchcio/definition/business-process-outsourcing)
Business process outsourcing (BPO) is a business practice in which an organization contracts with an external service provider to...
[Search HRSoftware](https://www.techtarget.com/searchhrsoftware/)
- [What is compensation management?](https://www.techtarget.com/searchhrsoftware/definition/compensation-management)
Compensation management is the discipline and process for determining employees' appropriate pay, incentives, rewards, bonuses ...
- [What is talent management? Definition, basics and strategy](https://www.techtarget.com/searchhrsoftware/definition/talent-management)
Talent management is a strategic approach organizations use to attract, develop, retain, and optimize employees.
- [What is core HR (core human resources)?](https://www.techtarget.com/searchhrsoftware/definition/core-HR-core-human-resources)
Core HR (core human resources) is an umbrella term that refers to the essential, mandatory and fundamental tasks and functions of...
[Search Customer Experience](https://www.techtarget.com/searchcustomerexperience/)
- [What are virtual agents and how are they being used?](https://www.techtarget.com/searchcustomerexperience/definition/virtual-agent)
A virtual agent is an AI-powered software application or service that interacts with humans or other digital systems in a ...
- [Customer acquisition cost (CAC): How to calculate and reduce it](https://www.techtarget.com/searchcustomerexperience/definition/customer-acquisition-cost)
Customer acquisition cost (CAC) is the cost associated with convincing a consumer to buy your product or service, including ...
- [What is direct marketing?](https://www.techtarget.com/searchcustomerexperience/definition/direct-marketing)
Direct marketing is a type of advertising campaign that seeks to elicit an action (such as an order, a visit to a store or ...
- [Browse by Topic](https://www.techtarget.com/whatis/glossaries)
- [Browse Resources](https://www.techtarget.com/whatis/resources)
- [About Us](https://www.informatechtarget.com/editorial/)
- [Meet The Editors](https://www.techtarget.com/whatis/about/Meet-the-Editors)
- [Editorial Ethics Policy](https://www.techtarget.com/techtarget-editorial-ethics-policy)
- [Contact Us](https://www.informatechtarget.com/contact-us/)
- [Advertisers](https://www.informatechtarget.com/for-advertisers/)
- [Business Partners](https://www.informatechtarget.com/partner-with-us/)
- [Events](https://www.brighttalk.com/summits)
- [Media Kit](https://www.informatechtarget.com/wp-content/uploads/2023/09/TechTarget-Media-Kit-Handout-with-product-descriptions.pdf)
- [Corporate Site](https://www.informatechtarget.com/)
- [Reprints](https://licensing.ygsgroup.com/ygspublishersolutions/)
All Rights Reserved. [Copyright 1999 - 2026](https://www.informatechtarget.com/terms-of-use), TechTarget
[Privacy Policy](https://www.informatechtarget.com/privacy-policy/)
[Cookie Preferences](https://www.techtarget.com/whatis/feature/Common-cryptocurrency-scams)
[Cookie Preferences](https://www.techtarget.com/whatis/feature/Common-cryptocurrency-scams)
[Do Not Sell or Share My Personal Information](https://techtarget.zendesk.com/hc/en-us/requests/new?ticket_form_id=360004852434)
Close
 |
| Readable Markdown | Where money is concerned, scams always follow. And the same is true with cryptocurrency.
In 2024, [cryptocurrency and bitcoin hit an all-time high](https://www.techtarget.com/whatis/feature/Why-is-cryptocurrency-rising-and-bitcoin-at-an-all-time-high). This will most likely create an urgency to invest in cryptocurrencies to make money along with a rise in scammers trying to take advantage of this craze. There was already a large increase in scams in 2023, and the FBI's Internet Crime Complaint Center [estimates](https://www.ic3.gov/AnnualReport/Reports/2023_IC3CryptocurrencyReport.pdf) losses were more than \$5.6 billion -- about half of all reported fraud losses. The total losses in 2023 increased 45% over 2022, and with prices soaring in 2024, scammers are finding new ways to take advantage of people looking to make money.
Digital currency is a form of currency stored in a digital wallet, and the owner can turn currency into cash by transferring it to a bank account. Cryptocurrency, such as bitcoin, is [different from digital currency](https://www.techtarget.com/whatis/feature/Compare-NFTs-vs-cryptocurrency-vs-digital-currency). It uses blockchain for verification and no central authority such as a bank, so it is harder to recover from theft.
Even though cryptocurrency is a newer trend, thieves are using old methods to steal. Here are some of the common cryptocurrency scams to watch.
## 1\. Bitcoin investment schemes
The FBI stated investment schemes are the most reported type of fraud. In bitcoin investment schemes, scammers contact investors claiming to be seasoned "investment managers." As part of the scheme, the so-called investment managers claim to have made millions investing in cryptocurrency and promise their victims that they will make money with investments.
To get started, the scammers request an upfront fee. Then, instead of making money, the thieves simply steal the upfront fees. The scammers might also request personal identification information, claiming it's to transfer or deposit funds, and thus gain access to a person's cryptocurrency.
Another type of investment scam involves using fake celebrity endorsements. Scammers take real photos and impose them on fake accounts, ads or articles to make it appear as though the celebrity is promoting a large financial gain from the investment. The sources for these claims appear to be legitimate, using reputable company names such as ABC or CBS with a professional-looking website and logos. However, the endorsement is fake.
## 2\. Rug pull scams
Rug pull scams involve investment scammers "pumping up" a new project, non-fungible token ([NFT](https://www.techtarget.com/whatis/definition/nonfungible-token-NFT)) or coin to get funding. After the scammers get the money, they disappear with it. The coding for these investments prevents people from selling the bitcoin after purchase, so investors are left with a valueless investment.
A common type of rug pull scam is a fake initial coin offering (ICO), where scammers promote a non-existent project or coin. A popular version of this ICO scam was the Squid coin scam, named after the popular Netflix series *Squid Game*. Investors had to play to earn cryptocurrency: People would buy tokens for online games and earn more later to exchange for other cryptocurrencies. The price of the Squid token went from being worth 1 cent to about \$90 per token.
Eventually, trading stopped and the money disappeared. The token value then reached zero as people attempted but failed to sell their tokens. The [scammers made about \$3 million](https://www.nbcnews.com/tech/tech-news/squid-game-crypto-collapse-pushes-investors-cry-scam-rcna4399) from these investors.
Rug pull scams are also common for NFTs, which are one-of-a-kind digital assets.
## 3\. Romance scams
Dating apps are no stranger to crypto scams. These scams involve relationships -- typically long-distance and strictly online -- where one party takes time to gain the other party's trust. Over time, one party starts to convince the other to buy or give money in some form of cryptocurrency.
After getting the money, the dating scammer disappears. These scams are also referred to as "pig butchering scams."
Romance scams cost consumers \$1.179 billion in 2023, according to the [FTC](https://public.tableau.com/app/profile/federal.trade.commission/viz/shared/4WS8HTYQ6).
## 4\. Phishing scams
[Phishing](https://www.techtarget.com/searchsecurity/definition/phishing) scams have been around for some time but are still popular. Scammers send emails with malicious links to a fake website to gather personal details, such as [cryptocurrency wallet](https://www.techtarget.com/searchsecurity/definition/crypto-wallet-cryptocurrency-wallet) key information.
Unlike passwords, users only get one unique private key to digital wallets. But if a private key is stolen, it is troublesome to change this key. Each key is unique to a wallet; so, to update this key, the person needs to create a new wallet.
To avoid phishing scams, never enter secure information from an email link. Always go directly to the site, no matter how legitimate the website or link appears.
## 5\. Man-in-the-middle attacks
When users log in to a cryptocurrency account in a public location, scammers can steal their private, sensitive information. A scammer can intercept any information sent over a public network, including passwords, cryptocurrency wallet keys and account information.
Anytime a user is logged in, a thief can gather this sensitive information by using the [man-in-the-middle attack](https://www.techtarget.com/iotagenda/definition/man-in-the-middle-attack-MitM) approach. This is done by intercepting Wi-Fi signals on trusted networks if they are in proximity.
The best way to avoid these attacks is to block the man in the middle by using a virtual private network ([VPN](https://www.techtarget.com/searchnetworking/definition/virtual-private-network)). The VPN encrypts all the data being transmitted, so thieves cannot access personal information and steal cryptocurrency.
## 6\. Social media cryptocurrency giveaway scams
There are many fraudulent posts on social media outlets promising bitcoin giveaways. Some of these scams also include fake celebrity accounts promoting the giveaway to lure people in.
However, when someone clicks on the giveaway, they are taken to a fraudulent site asking for verification to receive the bitcoin. The verification process includes making a payment to prove the account is legitimate.
The victim can lose this payment -- or, worse yet, click on a malicious link and have their personal information and cryptocurrency stolen.
## 7\. Ponzi schemes
Ponzi schemes pay older investors with the proceeds from new ones. To get fresh investors, cryptocurrency scammers will lure new investors with bitcoin. It's a scheme that runs in circles, because there are no legitimate investments; it is all about targeting new investors for money.
The main lure of a Ponzi scheme is the promise of huge profits with little risk. There are always risks with these investments, however, and there are no guaranteed returns.
In 2024, a Ponzi scheme led by brothers Jonathan and Tanner Adam lured investors by promising 13.5% monthly returns by claiming their bot could exploit price differences on cryptocurrency exchanges. However, the \$60 million raised by this Ponzi scheme was used to buy luxury purchases. The SEC [charged](https://www.sec.gov/newsroom/press-releases/2024-107) the brothers on Aug. 26, 2024, with violating antifraud provisions of the federal securities laws.
## 8\. Fake cryptocurrency exchanges
Scammers might lure investors in with promises of a great cryptocurrency exchange -- maybe even some additional bitcoin. But in reality, there is no exchange and the investor does not know it's fake until after they lose their deposit.
Stick to known crypto exchange markets -- such as Coinbase, Crypto.com and Cash App -- to avoid an unfamiliar exchange. Do some research and check industry sites for details about the exchange's reputation and legitimacy before entering any personal information.
## 9\. Employment offers and fraudulent employees
Scammers will also impersonate recruiters or job seekers to get access to cryptocurrency accounts. With this ploy, they offer an interesting job but require cryptocurrency as payment for job training.
There are also [scams when hiring remote workers](https://www.theserverside.com/tip/How-developers-can-avoid-remote-work-scams). For instance, North Korean IT freelancers are trying to capitalize on remote job opportunities by presenting impressive resumes and claiming to be based in the U.S. The U.S. Department of the Treasury issued a warning of this North Korean scam targeting cryptocurrency companies. This type of scam is called a shadow workforce.
In 2022, shadow workers targeted a Sky Mavis engineer by posing as a LinkedIn recruiter. The engineer had a phone interview with this shadow worker and gave him a document to review for the next step in the interview. This document contained malicious code that allowed the North Korean Lazarus group to steal \$600 million in a bridge attack.
These IT freelancers seek projects involving virtual currency and use access for the currency exchanges. They then hack into the systems to raise money or steal information for the Democratic People's Republic of Korea (DPRK). These workers also engage in other skilled IT work and use their knowledge to gain insider access to enable the DPRK's malicious cyber attacks. With these scams, these shadow workers have stolen nearly \$3 billion in the past year, according to [Chainalysis](https://blog.chainalysis.com/reports/2022-biggest-year-ever-for-crypto-hacking/).
*Learn more about* [*continuous employee background checks*](https://www.techtarget.com/searchhrsoftware/news/252514924/Employment-background-checks-shift-to-continuous) *to protect organizations.*
## 10\. Flash loan attack
Flash loans are loans for short periods of time, such as seconds to make a trade. These loans are popular in the cryptocurrency market because traders use funds to buy tokens on one platform with a lower price, and then sell that asset immediately on a different platform to make money. These moneymaking trades are all done in one transaction and the flash loan is repaid.
Because flash loans are not collateralized and there are no credit checks involved, an attacker takes advantage of borrowing money and using these funds to manipulate pricing on a decentralized finance platform. To manipulate the pricing, the attacker creates several buy-and-sell orders to create an impression of high demand. The attacker then cancels orders after prices increase, which will cause the price to fall immediately. The attacker can then make a profit by buying at a lower price on a different platform.
In February 2023, Platypus Finance was victim to a flash loan attack, which resulted in an \$8.5 million loss.
## 11\. AI scams
With the rise of artificial intelligence ([AI](https://www.techtarget.com/searchenterpriseai/definition/AI-Artificial-Intelligence)), attackers are finding new ways to deceive the cryptocurrency market. Attackers can use AI chatbots to engage with users, providing advice and promoting fake tokens. Chatbots are programed to tell investors about high-yield investment opportunities that turn into pump-and-dump schemes to artificially inflate the token value before selling off.
AI can also manipulate proof of work, which overexaggerates the cryptocurrency project to make it seem there are more loyal followers, and the token is legitimate. By inflating the followers, it makes it more difficult to research if a token is authentic.
Attackers can also use high-profile celebrities or business professionals to promote fake endorsement schemes related to cryptocurrency projects. By using [deepfakes](https://www.techtarget.com/whatis/definition/deepfake), attackers take the faces of famous individuals -- such as Bill Gates, Mark Zuckerberg and Elon Musk -- to say they are launching a new project. With the advancements of AI, the deep fakes look more realistic to dupe investors out of money by using someone they might trust for financial advice. A popular red flag in these deepfakes is the promise of a high rate of return in a short time.
## 12\. Bitcoin ATMs (or BTMs)
With the rise of ATMs -- or BTMs -- for bitcoin in convenience stores, gas stations and other areas to buy and send cryptocurrency, scammers are finding ways to use devices to steal. The FTC Consumer Sentinel Network states that fraud losses at BTMs are soaring with losses reaching \$65 million in the first half of 2024 alone. Not all losses are reported, so this number may be much higher.
The scams at the BTMs start the same as other types with calls or messages of suspicious activity or unauthorized charges on an account. The scammers will impersonate large companies such as Apple or banks and say a person's money or identification is at risk. The scammer may even say the person's information has been tied to illegal activity and they need to get money from the bank before accounts are frozen.
Scammers claim that BTMs are "safety lockers" and have people take money out of their bank and deposit cash in the BTM. The scammer will text a QR code to scan at the machine for this deposit sending the money to the scammer's wallet.
## How to protect bitcoin and cryptocurrency
To protect against [cryptocurrency scams](https://www.techtarget.com/searchsecurity/feature/Cryptocurrency-cyber-attacks-on-the-rise-as-industry-expands), some of the common red flags include the following:
- Promises of large gains or double the investment.
- Only accepting cryptocurrency as payment.
- Contractual obligations.
- Misspellings and grammatical errors in emails, social media posts or any other communication.
- Manipulation tactics, such as extortion or blackmail.
- Promises of free money.
- Fake influencers or celebrity endorsements that seem out of place.
- Minimal details about money movement and the investment.
- Several transactions in one day.
Protect digital wallets from scammers by practicing good digital security habits such as [strong passwords](https://www.techtarget.com/searchsecurity/tip/Top-5-password-hygiene-tips-and-best-practices), using only secured connections or VPNs and choosing safe storage. There are two types of wallets: digital and hardware. Digital wallets are hosted online and have a higher rate of getting hacked. Hardware wallets store information, such as the cryptocurrency wallet and keys, offline within a device.
Cryptocurrency is not insured by the Federal Deposit Insurance Corporation, so keeping it safe is vital. Never give wallet keys or access codes to anyone. If you receive a text or an email saying there is a problem with your cryptocurrency account or the owner's account has been compromised, go directly to the provider's website or use the trusted phone number on the site to ensure you are reaching a trusted source. Do not click on links or respond directly to those emails or text messages.
## How to report a scam
Anyone who believes they have seen a cryptocurrency scam or were part of a scam should report it immediately. Here are some organizations to report it to:
- Commodity Futures Trading Commission (CFTC): [CFTC.gov/complaint](https://www.cftc.gov/complaint).
- Federal Trade Commission (FTC): [ReportFraud.ftc.gov.](https://www.reportfraud.ftc.gov/)
- Internet Crime Complaint Center (IC3): [ic3.gov](https://www.ic3.gov/).
- U.S. Securities and Exchange Commission (SEC): [sec.gov/tcr](https://www.sec.gov/tcr).
In addition to the agencies listed above, the person should also immediately report to the cryptocurrency exchange used for the transaction.
*Amanda Hetler is a senior editor and writer for WhatIs where she writes technology explainer articles and works with freelancers.* |
| Shard | 182 (laksa) |
| Root Hash | 17789036595607440382 |
| Unparsed URL | com,techtarget!www,/whatis/feature/Common-cryptocurrency-scams s443 |