As we move into 2024, the cryptocurrency market faces increasing threats from cybercriminals. In fact, hackers have been using more sophisticated methods to separate investors from cryptocurrencies. According to Chainalytic, illicit addresses will generate over $24 billion in revenue by 2023, a stark reminder of the ongoing risks.
From ransomware and phishing emails to darknet marketplaces, the proliferation of scams highlights the urgent need for vigilance among cryptocurrency enthusiasts. Here are the best cryptocurrency scams to avoid in 2024.
Beware of smishing attacks
One sneaky tactic to get attention is “smishing.” This method involves sending fraudulent SMS messages pretending to come from a reputable source, such as a cryptocurrency exchange. Basically, the goal is to trick the recipient into divulging sensitive information or clicking on a malicious link.
The term ‘smishing’ combines ‘SMS’ and ‘phishing’ to emphasize the nature of phishing attacks via text messages. IBM describes smishing as a social engineering attack that aims to manipulate individuals into compromising security.
To counter these threats, users are advised to closely examine the source of text messages and avoid engaging with suspicious links.
When it comes to smishing scams within the cryptocurrency market, there was a notable incident involving Binance, one of the largest cryptocurrency exchanges. The platform and its users have been targeted by smishing attempts. Basically, scammers send SMS messages pretending to be Binance to phish user credentials and other sensitive data.
In one particular case, a Binance customer in Hong Kong lost nearly $500,000 due to this SMS scam. The incident highlighted the vulnerabilities associated with SMS communications and the sophisticated techniques used by fraudsters to make messages appear legitimate, including SMS spoofing.
The rise of romance scams
Romance fraud, or “pig slaughter,” has grown exponentially, causing billions of dollars in losses. These scams use social media, dating apps, and other platforms to build trust with potential victims, eventually demanding cryptocurrency under their pretense.
Last year, romance scammers defrauded victims of $139 million worth of cryptocurrency, according to the Federal Trade Commission (FTC). These scammers often initiate relationships through dating apps or social media, quickly professing their love, and then directing conversations about lucrative cryptocurrency investments to trick their victims.
Read more: Cryptocurrency Social Media Scams: How to Stay Safe
The FTC has warned about online scammers asking for money or offering to invest in cryptocurrency, signaling the potential for fraud.
“They say they made plans to visit but are being delayed by costly issues like lost tickets or visas, medical emergencies, or blocked accounts. He said he could come see me if I sent him money. But the moment your significant other asks you for money online, you know it’s a scam,” the FTC wrote.
The FBI also reported a trend where romance scammers are increasingly pressuring their victims to invest in cryptocurrency, resulting in significant financial losses. In 2022, 19,050 victims reported losing $739 million to romance scams, many of which involved fake cryptocurrency investments.
“Online dating is commonplace these days, but unfortunately scammers are also thriving on the same sites. If you are looking for love or friendship online, you must first understand the risks of being exploited. Scammers will always ask for something eventually, so set boundaries ahead of time and never send money to someone you’ve never met,” said FBI Agent Sherri E. Onks.
Fake QR Codes: The New Scam
Fake QR codes, also known as “quishing,” have become a widespread scam that targets individuals in a variety of ways. This cryptocurrency scam uses QR codes that, when scanned, redirect victims to a fraudulent website.
These sites may mimic legitimate payment platforms and trick users into entering personal and payment information, which scammers can exploit to make fraudulent purchases or sell on the dark web.
YouTube channels have become the latest battleground for cryptocurrency scams. In fact, attackers are using advanced deepfake technology to impersonate celebrities such as Elon Musk, Ripple CEO Brad Garlinghouse, and MicroStrategy’s Michael J. Saylor. Scammers use deepfake videos to create the illusion of legitimacy, promising viewers hefty returns on their cryptocurrency investments.
Despite efforts by cybersecurity companies to develop detection tools, these scams have proven difficult to eradicate. This technique involves the unauthorized use of live streams, QR codes and malicious links to trick viewers into doubling their investment and fleece their funds.
YouTube’s large user base, with a total of 2.7 billion active accounts, makes it an attractive target for these criminals. Some channels with millions of subscribers have been manipulated to mimic reputable brands, netting scammers more than $600,000.
To protect against these scams, the FBI suggests treating QR codes with the same caution as suspicious emails. Always check the source before scanning a QR code. If your QR code is in a public place, look for any signs of tampering or alteration. Be wary of unsolicited QR codes sent via email and avoid scanning them.
“Some scammers physically paste fake code on top of legitimate code. If the code appears to have been tampered with, do not use it. The same applies to legitimate advertisements you choose or receive by mail. Finally, consider using antivirus software that offers a QR reader with enhanced security features that can verify the safety of the code before opening the link,” the FBI wrote.
By carefully practicing these precautions, you can help protect yourself from fraudulent activity.
The threat of fake trading bots
The rise of fake cryptocurrency trading bots has been a major concern in the cryptocurrency industry. In fact, various scams target investors hoping to benefit from automated trading systems. These scams often leverage the allure of artificial intelligence (AI) to create a veneer of legitimacy and promise unrealistic returns.
Moreover, they may use fake endorsements from celebrities to add credibility to their schemes. Investors are advised to be wary of platforms showing manipulated numbers, check company details, assess the language quality of the website and look for user complaints on consumer forums and sites such as TrustPilot.
The U.S. Commodity Futures Trading Commission (CFTC) has issued a warning about AI trading bots, highlighting that they often promise huge cryptocurrency profits without any real basis. Therefore, investors are advised to thoroughly research providers and avoid investing money in algorithms that claim large returns without verifiable evidence.
“When it comes to AI, the advisory tells investors to ‘beware the hype.’ Unfortunately, AI has become yet another means for malicious actors to defraud unsuspecting investors,” said OCEO Director Melanie Devoe.
The warning is part of a broader effort to educate investors about potential scams exploiting arbitrage algorithms or social media hype.
Discord Hacks Target Encryption
Discord is a widely used communication platform within the cryptocurrency community. However, this place has become a hunting ground for hackers. Cybercriminals can compromise administrator accounts to spread fake notices and links, causing financial losses to unsuspecting users.
These cryptocurrency scams have specifically targeted non-fungible token (NFT) projects. In fact, there has been an alarming increase in phishing attacks via Discord, with millions of dollars in losses reported. These attacks have become more sophisticated, leveraging social engineering techniques like phishing and exploiting vulnerabilities in Discord bots like Mee6.
Attackers focused on creating a sense of urgency around NFT mining events to trick users into clicking on malicious links..
One notable example of such an attack was Yuga Labs’ Discord server (2022), which created the Bored Ape Yacht Club (BAYC) collection. The social manager’s verified Discord account was hacked, and the attackers used it to post promotional material leading to a phishing site to scam users into sending them Ethereum (ETH) in exchange for a mining fee. This resulted in NFTs being stolen from the victim’s wallet.
To protect against these scams, individuals should be aware of common attack vectors on platforms like Discord. Awareness of phishing attacks that use language that induces FOMO is key to mitigating the risk of becoming a victim of these scams.
Read more: 15 most common cryptocurrency scams to watch out for
As communities and law enforcement agencies work to strengthen security measures, users must protect their assets and personal information from sophisticated cybercriminals.
disclaimer
In accordance with Trust Project guidelines, these feature articles present the opinions and perspectives of industry experts or individuals. While BeInCrypto is committed to transparent reporting, the views expressed in this article do not necessarily reflect the views of BeInCrypto or its employees. Readers should independently verify the information and consult with professionals before making any decisions based on this content. Our Terms of Use, Privacy Policy and Disclaimer have been updated.