Scammers have been around forever − they might just be more ancient than dinosaurs. A home used to be a safe zone. Well, not anymore. You do not even have to step out of the house to be bombarded with scams left and right: anything can be a scam. What is the ultimate goal of scams? To drain you of your hard-earned money by preying on your gullibility and vulnerability, basically your emotions. When crypto and NFT exploded, scammers are quick to cash in on the craze too (what’s new right). I briefly talked about crypto scams in point six of the article “STOP! Are You Making These Crypto Mistakes?” (https://www.coinlive.com/news/detail/?id=9989) but will expound in-depth on it here.
This graph shows the reported crypto fraud losses by year. Since January 2021, close to 46k consumers have reported losses of over $1b in crypto payments ─ with about 70% being made in Bitcoin ─ to scams.
Life is tough enough as it is, so why are there scams around us to make it worse? Well, this is just one of those things you cannot control. But what you can do is to be vigilant so as to protect yourself. How? The fastest and easiest way is to learn about crypto and NFT scams by understanding them so you can spot the indicators early on to prevent (or minimise at least) yourself from falling into them.
This graph shows the reported crypto losses by fraud type. Since January 2021, consumers reported losing almost $600m in crypto to investment-related fraud.
Here are some of the more common or popular crypto and NFT scams to take note of:
1)Investment Scams
Crypto investment scams typically begin with an unsolicited offer that baits you to a fraudulent website to learn more about the opportunity. You are then encouraged to begin investing and earn money quickly when you are on the site. There is even a chance that there are celebrity endorsements or testimonials (fake ones) on the professional-looking site to make it look more authentic. Sometimes, you will make some small change that that is where they got you hooked. If not, once you complete a transaction, that is when nothing happens: the offer does not materialise and your money is gone.
This was what happened to a victim in Australian back in 2017. He stumbled across an Instagram post advertising the chance to make a 50% return for Bitcoin mining. He ended up contacting the person and the scammer went on a long spiel about the profitability of Bitcoin mining. In addition, the Instagram account was full of testimonial videos and other people endorsing the service, along with thousands of followers. But being skeptical, he sent the site $50 initially and got back $30 profit. It was a fast track downhill from there: he pumped in hundreds of dollars, then thousands, and even told his family and friends about his newfound opportunity. The scammer vanished once all the money came in. Not only did he lose his money, some of his friends no longer speak to him. Talk about double tragedy. In his case, it can also be considered a social media scam since it originated from Instagram.
The scammer posted about fake payouts on Instagram to trick people into thinking the scheme was legitimate
Anything that promises guaranteed returns, having to put in cash first, limited-time offers, etc, are red flags. With no centralised authority to flag suspicious transactions and attempt to stop the fraud before it happens, it is all up to the users. The age-old adage ‘if something sounds too good to be true, it probably is’, is something to always keep in mind.
2)Romance Scams
Don’t we all need some love? That is exactly where it is a goldmine for scammers. These scams tug on the victims’ heartstrings ─ cybercriminals play the part of an online love interest, gain the victim’s trust and ask them for money, including crypto. They then pocket the funds and runs. They can be referred to as ‘pig-butchering’ scams where victims are “fattened up” through online romances.
A victim in Kaohsiung, Taiwan, fell prey to a crypto romance scam through Douyin, the Chinese version of TikTok. She liked a couple of videos of a wealthy and attractive Chinese man and soon, she got a message from him; this started a month-long online romance. It was not long before the man started coaching the victim on how to invest in crypto (like when to buy when the price was low and sell when the price was high) so she could live the same life that he was showing off on social media. The victim eventually transferred all her savings to a fake website of an exchange called Citi.mt4 and was not able to take out her money unless she paid a hefty tax. The website vanished one day along with the man she fell in love with, racking up losses of $88,870.
Screenshots of websites used by scam victims
This is one of the hardest scams to get out of because it touches the matters of the heart. Once you feel that you love and trust someone so much, chances are, you will be oblivious to what they do until it is too late. Then what can you do to minimise falling for such scams? Do not date online? That does not sound right. Date with a large pinch of salt and walk away if the other party ever asks you to send funds or purchase something for them. When it involves output on your end, just treat it as a lesson learnt before you lose anything.
3)Rug Pull Scams
Scammers “pump” up a new project, NFT or coin to get funding, then disappear with the money after getting it (Known as pump-and-dump schemes too). The coding for these investments prevents people from selling the coin after purchase, so investors are left with a valueless investment. This kind of scam is very common for NFTs too.
Summarised by Web3 is Going Great, a website that tracks all scams daily. The developers of Day of Defeat promised a 10,000,000x price increase and plenty of people bought in. The project was rug pulled after $1.35m was pulled out, causing the token to drop over 96%
4)Phishing Scams
This old-school cyber attack often occurs over email ─ scammers send emails with malicious links to a fake website to gather personal details such as crypto wallet key information. Once they have your information, they can enter your crypto wallet to transfer your crypto out or steal your beloved NFTs to sell.
Actor Seth Green had his entire NFT collection lifted from him after falling for a phishing scam and his losses included his Bored Ape Yacht Club (BAYC) #8398, two Mutant Apes, and a Doodle NFT. He got his BAYC back at the cost of $297,000, yes, he paid for it twice, a six-figure price each time
To avoid phishing scams, never enter secure information from an email link; go directly to the site, no matter how legitimate the website or link appears.
5)Giveaway Scams
Somewhat of a cross between impersonation and social media scams, giveaway scams lure victims to an opportunity to send money to someone promising they will multiply the payment. Some of these scams also include fake celebrity or “legit” companies promoting giveaways to lure people in. Then when someone clicks on the giveaway, they are taken to a fraudulent site asking for verification to receive the giveaway. The verification process includes making a payment to prove the account is legitimate. Besides losing the payment, you can have your personal information and cryptocurrency stolen.
Popular YouTube channels hacked and having giveaways
Remember this; nothing in the world is free, and if it is, there is usually a catch to it. No legitimate company or celebrity will contact you directly with a giveaway (like why???). The more text there is, chances are that there will be spelling and or grammatical errors. All these are telltale signs of a giveaway scam.
6)Impersonation Scams
The cybercriminal will pose as a trusted source to convince victims to complete a crypto transaction. This disguise might be of government authorities, credit card providers, banks, service providers, fake celebrities, or even people you know. They will reach out to you and request you complete crypto payments so as to multiply your money.
One of the more well-known impersonation scams is that of Elon Musk. Scammers pretended to be Tesla boss Elon Musk and scammed more than $2m in six months according to U.S. consumer-protection officials.
Twitter accounts of past and present presidents that were hacked and used to solicit cryptocurrency from followers
As we all know, crypto is not regulated by the government and it is not widely accepted by businesses as payment (yet), so exercise caution when you receive email requests for crypto payments. Always double-check with the actual source through another communication channel and verify its security before completing a transaction.
7)“Free” NFT Scam
NFTs are all the rage these days; even an amateur like me owns at least one NFT. But sometimes, it is good to mint an NFT for “free”. Unfortunately, as sceptical a person as I am, I am still vulnerable to freebies. Upon spotting a free mint on OpenSea, I was quick to click on it. During that moment, the only information about the NFT was that it will be revealed “soon” and I only had to pay a dollar or less in gas fees, so why not. Turns out, I just fell for a scam without knowing till it was too late. The promise of a free NFT, the super low gas fees, plus there were quite a lot of users like me who had minted already; so why not? It turned into “why so stupid”. The NFT’s content has been forever not available and its twitter account is suspended too.
“Free” NFT with super low gas fees clouded my judgment momentarily
Yes, there are actually free NFTs are out but always DYOR first: always ensure the source is legit first.
8) Collaboration NFT Scam
Yet another NFT scam is the collab scam. A legit company will contact you directly with a limited-time only or limited-amount only offer with collaboration with a well-known celebrity or organisation; maybe a limited amount of NFTs are being made available to the public or some one-of-a-kind NFTs can be yours for a low price, and so on. If you do not DYOR or are not careful enough, you just might end up clicking on something you will end up regretting later.
A fake Clay Nation collaboration with Snoop Dog that entails only 1000NFTs be available to the public
Crypto and NFT scams are rampant; you have to be cautious no matter what or where. So how do you minimise or even prevent yourself from falling prey? Here are some telltale signs you may have been exposed to a scam:
- Guaranteed high returns
- Spelling and or grammatical errors
- Too-good-to-be-true offers
- Refusal to disclose contact or website information
- “Officials” requesting for your wallet seed phrase, inviting you to a different server, contacting you via direct messages (DMs) first, or asking you to click a link to “fix” your wallet
With the above in mind, how then do you protect yourself from crypto & NFT scams?
- Do your own research (DYOR)
Do not trust what others say so easily; DYOR to find out the legitimacy of the crypto or NFT project. There is so much resources and information on the web so ensure you filter, filter, filter. It is better to do some basic research than not at all.
- Amp up your password authentication
Set up two-factor authentication or even better, multi-factor authentication, to keep your account secure. It might be a pain but the extra layer(s) of protection does not hurt.
- Invest in reputable, better-known projects
A tried-and-tested project is usually safer than a brand new, small-scale one. Or make sure the creators have a stellar track record at least.
- Be wary of giving permissions to your wallet and never give your seed phrase to anyone
Avoid giving unknown people access to your wallet if you do not understand the type of permission you are enabling, as doing so allows them access to your crypto assets.
With your seed phrase as well, scammers can log into your wallet from their own device and make away with whatever you have, so keep it in a secure place and never, under any cirumstances, give it to anyone
The above message was sent on Discord on 30 Sep 2021 to thousands of users. Users got redirected to a phishing site when they clicked on the link and were asked for their Metamask password and seed phrase.
- Verify links
Take the time to check the links as scammers will modify URLs by replacing letters to lure users into visiting illegitimate websites.
- Be sceptical, ALWAYS
It is always good to take a step back and be doubtful first.
- Check the name of the project
Most major projects name their account on OpenSea exactly the same. If you see some names with period, hashtag, singular forms, etc, they are fake. If still in doubt, check the official name on rarity.tools.
- Look for a verified badge
Most major projects will have a verified badge while scam projects do not. Make sure the badge is located outside of the icon image, not inside.
- Check the number of items and volume
Usually fake projects will have less than 1,000 items, the volume traded is very low, and the floor price is too-good-to-be-true.
- Check properties
Click on any image of the NFT project and look at the “Properties” tab. Official ones have properties that describe its various traits while fake ones usually do not.
What official properties look like
These are some fundamental steps to take to better safeguard yourself and your crypto assets. This is pretty extensive in covering some main crypto and NFT scams but scams are ever-evolving because scammers are always devising new ways to lure us in. The bottom line is that you may not be able to avoid all scams, but never be too greedy or eager to make a quick buck. Always follow the most basic rule: if something is too good to be true, it probably is.
Disclaimer: The content in this article is by no means financial advice and is purely for educational/informational purposes only. Please DYOR before making any decisions.
Written by: [Coinlive] Catherine
Cheng Yuan
