Crypto scams are steadily becoming the new standard for online fraud. An increasing number of cybercrooks target assets such as cryptocurrency, utility tokens, non-fungible tokens (NFTs) and even entire crypto wallets.
Although Web3 still has a long way to go in terms of infrastructure, security and optimization, it’s becoming clearer that, ultimately, we’ll adopt it. Decentralization looks tempting, and many companies and individuals rush to embrace it without fully understanding or assessing the risks.
Scammers, con artists, fraudsters, crooks and hackers are currently among the most significant threats to Web3 adopters. It’s not much different than before; they just adapted their techniques.
More alarming, cybercriminals can seemingly shift from the centralized (Web2) Internet to its decentralized (Web3) analog. Sometimes they even combine techniques to unleash devastating attacks against unsuspecting victims and steal their crypto assets. Some of the most common crypto scams include:
One of the most frequently used crypto scams is the fake website. Perpetrators create a decoy website, often mimicking a legitimate one, to trick unsuspecting victims into handing over their crypto assets.
Fake airdrops, for instance, are a popular scheme nowadays. Users are promised free crypto assets, but they’re required to link their wallets to the fake website to receive them. A sense of urgency is also involved, as the airdrops are often accompanied by countdown timers or an amount counter that keeps dropping.
Users who fail to recognize the scam quickly become victims after not only linking their wallets but also handing their recovery phrases or signing malicious transactions without checking them thoroughly.
A crypto scam with a different approach, the pump and dump, is just as dangerous for one’s crypto assets. This scheme works by creating a lot of hype around a new crypto product using various channels such as email or social media.
Enthusiasts who don’t want to miss out on the seemingly promising asset hurry to buy it, which naturally drives its price up. This, in turn, creates more hype, which could attract buyers who were initially hesitant. Once the price reaches a certain threshold, scammers sell their coins, triggering a crash of the crypto asset’s value.
Fake apps are no novelty; for years, scammers have been creating malicious versions of a legitimate app and tricking users into installing it on their devices.
Fake crypto wallet apps are by far the most common. While they’re easy to mitigate, they’re also largely effective. To entice people into downloading and installing malicious apps, scammers pair them with giveaways, airdrops and bonuses that will never be handed over.
Most of the time, users have to download the apps from external sources, but sometimes fake apps slip through undetected even on Google Play Store and Apple’s App Store. Although legitimate stores quickly catch on to the scheme and remove the malicious content, fake apps can inflict significant damage in the meantime.
In this scenario, perpetrators craft seemingly legitimate websites with malicious forms the victim needs to complete. Most of the time, scammers use login forms to trick their targets into handing over their credentials.
One of the most critical assets in a crypto environment is the wallet’s recovery phrase. Therefore, crypto phishing attempts usually ask for it.
Dedicated software solutions such as Bitdefender Ultimate Security can help you fend off scamming attempts, with features like: