10 common crypto scams and how to avoid them

For those of you that are new to crypto, welcome to crypto. I hate to break it to you, but the crypto world is harsh and ruthless, filled with scams and exploitations. That is why we’ve written this piece to help you avoid the dangers and hopefully invest more safely and securely. For those who have been around the crypto space longer, this could still be worth your time given how nascent the industry is and how quickly threats to investors evolve.

First and foremost, crypto is a risky investment decision, so please consider your financial position before investing. Also, for legal reasons, I am not a financial advisor and everything you read here should not be taken as financial advice.

I like to consider myself someone with some experience in crypto. Even so, I have been a victim of “rug-pull” and “pump and dump” schemes. It is difficult to avoid these scams when investing in crypto, and that is why I’ve set out to write this article, so that you do not make the same mistakes that I did.

🚨 Crypto platform hacks

We start with the recent Curve Finance hack. As I sat here writing this article, news started popping up about another cryptocurrency hack. This time it was Curve Finance who was on the wrong end of the stick. Hackers managed to steal $570,000 from the decentralized finance protocol, Curve Finance. Thankfully, the majority of the stolen funds have been recovered by Binance.

According to experts, the hacker apparently used a DNS spoofing attack to clone curve.fi, and then redirect the DNS points to his IP address, adding an approval request to a malicious contract to steal users’ funds. Hacks like these have been surfacing regularly over the last few months. Unfortunately, it is one of the risks when investing in crypto, a space that is still in its nascent stages of development. As such, the understanding of security protocols may be limited, making them vulnerable to exploitation by hackers. Hopefully, this should improve over time with greater investments in security. A case in point, centralized exchanges were once the favorite target of hackers, but advances in security protocols have seen a drop in successful cyber attacks.

If you want to keep your funds as safe as possible, the best way to do so is by keeping them in a personal wallet, potentially even a cold wallet (wallet not connected to the internet). Keeping your coins off of centralized, and even decentralized, exchanges and limiting the amount of cross chain bridges is the best way to keep your cryptocurrency safe. However, this will certainly limit your access to the many exciting developments in the crypto space. You have to decide and find the right balance for yourself.

🚨 Pump and Dump

So what is a pump and dump? In a pump and dump scheme, a group of investors with a large portion of a crypto (called whales) will promote and hype the crypto they own. The promotion of the crypto usually leads to the price of the coin increasing significantly. This is considered the pump. The increase in price gives the whales a prime moment to sell off their large holdings. When they sell in large quantities, the price drops significantly. This is the dump. Eventually, the whales would have sold their crypto for profit and the smaller investors would be stuck with a lot of worthless crypto.

Avoiding a pump and dump is difficult. Most of the people get caught up in the hype and fall victim to such schemes. These schemes are typical with smaller lesser-known projects. This is because smaller projects do not have the large numbers of investors yet and it’s easier to be a whale with a low investment. In this sense, Bitcoin, Ethereum and other cryptos with a larger base of holders could be safer investments. You can protect yourself by always DYOR or doing your own research, and managing your investment risks accordingly.

🚨 Rug pull

According to Coinmarketcap, “A rug pull is a malicious maneuver in the cryptocurrency industry where crypto developers abandon a project and run away with investors’ funds.” Wait, but how is this possible you may ask? Malicious crypto developers could seek investments under the pretext of raising funds to support the development of the project. Funds are typically raised in a cryptocurrency native to the chain. For example, a project on Binance Smart Chain (BSC) would likely request for investments in BNB in exchange for the new, scam token.

How can we avoid falling victim to a rug pull? Well, the majority of rug pulls are seemingly projects with a promising list of future plans and developments, some of these are too good to be true. The projects will also have very little development when they decide to raise funds for the projects. These are two clear warning signs. Of course it doesn’t always have to be a rug pull, so how can you know for sure? Once again, DYOR. You can check if the team is doxxed (publicly identifiable) and the past track records of developments they have worked on It may also help to check to see if the project is backed by reputable partners or sponsors. Most of all, don’t put all your eggs in one basket and never, ever invest more than you can afford to lose.

🚨 Giveaway scams

If you have been in the crypto world for a while, you will have seen these before. They are incredibly annoying and frequent. Someone will reach out to you on whichever social media platform you use, Twitter, Discord, or Whatsapp. They are everywhere. They will usually inform you that you have won a certain amount of crypto and potentially send you a link. DO NOT CLICK THE LINK. This is a phishing attempt by the hacker to gain access to your sensitive information or to deploy malicious software on your devices. Clicking the link may thus compromise your wallets and the cryptocurrencies within. Less than a year ago, a man in the UK lost half a million dollars worth of Bitcoin to such a giveaway scam.

Another common scam is the “send me ‘x’ amount crypto and I’ll send you ‘2x’ back”. In the web2 world, this is known as the advance-fee scam or more commonly the ‘Nigerian prince’ email scams. Obviously, no one will be sending you any cryptocurrency back.

How to avoid: Use common sense, do not enter any unverified giveaways, and do not engage with people that seem dodgy. Most of these messages are scams. If you are worried that you will fall victim to these scams, tune your privacy settings so that people that are not your friends are not able to send you personal messages.

🚨 Airdrop scams

This is a type of giveaway scam, but they are so common that we thought we would write an extra piece about them. Here scammers will lure people into a fraudulent website to claim an airdrop. They will ask you to connect your wallet or social media account and in the moment that is done, the scammer will collect sensitive information to your crypto wallet giving them access to your cryptocurrencies.

There is a common saying in crypto which is: “Not your keys, not your coins”. Do not ever share your keys to your crypto wallets on any website, with any friends or even family members. Just don’t. Also, avoid connecting your wallets to just any websites. Ensure that you DYOR and only connect to verified and official websites.

🚨 Service provider scam reports

This will usually be done by personal messages again. An account, usually called “Service bot” or “Service desk” will dm you saying there is some issue with your account and will try to get you to tell them your account information. They could be any kind of service bot “Twitter service”, “Discord service”, “Apple help desk”, you name it, they have tried it. They will often use the logo of the company they are trying to impersonate.

How to avoid: A service desk will never send you a private message first! If you think it looks official, go to the website of the service desk that they are trying to impersonate and see if you can contact the service desk through their website. Service desks will never ask you to disclose personal information, passwords, or private keys. So be aware and be careful. Again here, DYOR and verify the links and messaging services.

🚨 Phishing scams

This is similar to the service provider scam, but the person phishing does not necessarily impersonate a service desk. This could be someone that you get in contact with through social media, someone you have never seen before. They will befriend you, try to get close to you and then eventually they will try to get you to disclose account information such as passwords, private keys, etc.

“Not your keys, not your coins”. Simple as that, do not share those private keys with anyone, not even your friends. As soon as you share your keys, your coins are at risk.

This can be avoided by adding an extra layer of security to your wallets, 2 factor authentication for example. But still, never share your keys.

🚨 Crypto mining scams

Mining earns you cryptocurrency without you having to invest money in it. Usually you will have to offer up computational power of your device to secure the blockchain by solving cryptographic ‘puzzles’ in order to authenticate the transactions on the blockchain. In return, you will receive crypto for the completed and verified transactions.

In a mining scam, people will again send you private messages, usually explaining to you how much money they earn by mining a certain crypto. They will often ask you to stake or send a certain crypto through a dodgy website and will claim that they will start mining with your crypto for you. This is not true as this is not how crypto mining works.

I have had a person sending me a personal message asking me to invest in his mining facility. He claimed to be mining Ethereum and needed a little extra capital to start up another mining rig. Avoid sending cryptos to unverified wallets and always do your research on mining projects. If something sounds too good to be true, it usually is.

🚨 Staking scams

Staking is when you pledge your cryptos to a “pool”, which usually has a lock time, and then you get returns as stated on the website. This is often done as a way to reward people for holding a crypto and not selling. Staking scams will be done through dodgy websites where they will usually offer high annual percentage yields (APY).

What can happen in these cases is that the project owner uses the high APY to make the crypto more attractive to buy for new investors and then just before the lockup time on the staking pool ends, the project owner pulls a pump and dump or even rug pulls. It is also possible that the “staking” website ends up being fake and you just send your crypto directly into someone’s personal wallet. How to avoid this? Verify the websites, research the projects and again, don’t risk more than you can afford to lose.

🚨 Celebrity impersonations

Lastly, we have cases of celebrity impersonations. We have all seen Elon Musk’s tweets about Doge and what it has done to the price of Doge. This has led to people using fake accounts impersonating celebrities in an attempt to spread fake news to pump crypto or steal your crypto through private messages.

There is a famous case from Doge where the owner pretended to be Elon Musk and said that he would send you 2 Doge coins for every Doge coin you sent him. Most people started by only sending a small amount to see if it was legit, and the scammer held his promise and sent double the tokens back. This hyped up the project significantly, and eventually the Elon Musk impersonator stopped sending back Doge.

Celebrity impersonations are also getting more sophisticated these days. Check out the deep fake video of Elon Musk promoting a trading platform claimed to be owned by himself, and offering 30% returns on crypto deposits. The video is obviously fake but it demonstrates that scammers are constantly evolving and employing new tactics to commit fraud.

Be aware that there are fake accounts out there. Always DYOR, do not take what you see on crypto project websites at face value and always take your time to verify that what you see is true.

Thanks for reading and stay safe out there everyone!

Written by "Joost"
Find me on discord here: JoostLint#4081

About Making Cents

Community-powered 'Learn-to-Earn' platform built by VITE community.

Follow us on our socials!
Twitter: https://twitter.com/BeMakingCents
Discord: https://discord.gg/XkNPut8eNT