4 common bitcoin scams you should know about | finder.com

How to spot and avoid a bitcoin scam

We value our editorial independence, basing our comparison results, content and reviews on objective analysis without bias. But we may receive compensation when you click links on our site. Learn more about how we make money.

What bitcoin scams look like and how to stay safe online.

Scammers have been fleecing people since the invention of money, and every new generation of technology sees scammers taking full advantage.

And bitcoin in particular is a scammer’s dream for several reasons:

  • Very few people really understand it. This makes it easier to make false promises and unusual moves without getting caught.
  • It’s mostly anonymous. It’s a lot easier for scammers to cover their tracks. Once bitcoin or other cryptocurrencies have been stolen, they are probably never coming back to their rightful owners.
  • It’s largely unregulated. There are ways for scammers to steal bitcoin without breaking the law, and there are few authorities that will ever go after them.

Fortunately, most of the same rules apply. A bit of common sense will keep you safe from most scams, and a bit of know-how can keep you safe from bad actors looking to scam you.

Disclaimer: This information should not be interpreted as an endorsement of cryptocurrency or any specific provider, service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and involve significant risks – they are highly volatile and sensitive to secondary activity. Performance is unpredictable and past performance is no guarantee of future performance. Consider your own circumstances, and obtain your own advice, before relying on this information. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant Regulators' websites before making any decision. Finder, or the author, may have holdings in the cryptocurrencies discussed.

What do you need to look out for?

There are some common scams to watch out for. Most are rehashed versions of age-old tricks, but there are also a few new risks to watch out for.

  • Your everyday scam attempts
  • Virus and malware downloads
  • Ponzi schemes
  • Fake and imitation wallets and exchanges

Let’s review each of those in turn.

Your everyday scam attempts

If a Nigerian prince emails you to say that he just inherited a fortune in bitcoin and wants to share it, it’s a scam.

If someone claims to be with the IRS and threatens you with legal action unless you send them some bitcoin right away, it’s a scam.

Watch for these kinds of attempts to get at your money. Don’t send money or bitcoin anywhere unless you know exactly who you’re sending it to.

Malware downloads

The Internet age brought a lot of viruses, malware and other nasties into the world.

Unfortunately, the value, anonymity and entire digital nature of cryptocurrency means scammers can now make money a lot easier with dangerous downloads.

As always, you shouldn’t click on unknown email attachments or potentially dangerous links.

You should also be very aware of bitcoin being used as bait. For example, a post on social media where someone says you can mine bitcoin just by downloading a program or a link to a supposed bitcoin exchange that offers freebies to get you started should always be treated with suspicion.

There are plenty of safe, legitimate and secure cryptocurrency exchanges, but you probably won’t get to them by following strange links.

Instead, do your own research. Do your homework with Google or sites you know you can trust, and seek out your own services rather than trusting the ones that come to you.

The following are two ways to help ensure your security, even if you do get malware:

  • Use 2-factor authentication every time.
  • Use a “cold” offline wallet. A “hot” wallet is one that’s connected to the Internet, while a “cold” wallet is one that’s held offline. Having multiple physical cold wallets in separate locations is usually considered best practice. This is often how exchanges, traders and other people secure the most valuable wallets.

These easy security measures, plus some common sense, can give you the upper hand over malware even if you’re not particularly tech savvy.

To steal from people, malware usually needs to be subtle and sophisticated. For example, the “Cryptoshuffler” trojan.


This trojan has been around since 2016, according to Kaspersky. It infects computers and then sits almost invisibly in the background until the right time.

The right time is when the user copies and pastes a string of characters and digits that look like a cryptocurrency wallet address. When that happens, it simply replaces that address with the Cryptoshuffler’s own wallet address.

Unless the user spots the difference in the address, he or she will end up sending coins to the Cryptoshuffler wallet rather than the intended one.

At the time of writing at the beginning of November 2017, about 23 bitcoin (over $180,000) in total has been reportedly sent to the Cryptoshuffler wallet address.

Fake initial coin offerings (ICOs), Ponzi schemes and other get-rich-quick scams

Scammers use many ways to get at your cryptocoins, so let’s shine a spotlight on some of them:

Fake ICOs

Fake ICOs invite people to get in on a newly created coin that’s going to take off and be the next big thing. These can be tricky because sometimes the creators themselves might not even know that they’re peddling junk.

Avoid ICO scams by knowing exactly what you’re getting into each time. You need to decide for yourself whether a new coin has the potential to take off and whether the developers know what they’re doing. If you don’t have the know-how to make a judgment, you should probably avoid all ICOs.

How bitcoin Ponzi schemes work

Someone offers an opportunity that promises an incredible return on their money thanks to the magic of bitcoin. A lot of people buy into it, and then someone runs off with all their money.

At first, it might look as though it actually works. The numbers in your account might be increasing as promised, and occasionally someone might come out to talk about “how it really works” and how it changed their life.

But when you actually try to get those funds back, you might find that the “customer service” isn’t very responsive, there are technical issues, the money will be returned soon or a number of other excuses. Then one day the company simply disappears, and the money is never seen again.

Ponzi schemes can be nefarious in the world of cryptocurrency. Most people know very little about cryptocurrencies, other than that it’s making millionaires. This makes selling big promises easier than ever.


BitPetite claimed to be a bitcoin tumbling service. Tumbling is a real service that mixes up coins to hide their origins, much like a kind of blockchain money laundering operation, but BitPetite wasn’t really a tumbler.

It promised an incredible 4%-per-day return on people’s money, explaining that it needed a flow of fresh bitcoin to tumble, and in return, it gave you the 4% commission that it charged for the service.

Like most Ponzi schemes, there was an explanation for how it all worked, and it made some sense.

The scammers organized a social media and advertising campaign to attract new users, and they even seemed to actually offer tumbling services and provide different professional-looking investment packages.

Eventually word got out that it resembled a textbook Ponzi scheme, and the flow of new “traders” slowed down. That was its cue to take the money and run.

So one day it announced some routine downtime for maintenance and never came back online again. Everyone who was trading there at the time lost their money.

How to avoid falling for a cryptocurrency Ponzi scheme
  • Beware of too-good-to-be-true offers. Think about whether the promised returns are really sustainable and what the numbers actually mean. If it seems too good to be true, it probably is.
  • Do your homework. If it resembles a Ponzi scheme, you might be best off avoiding it – especially if there are hundreds of people who agree. Some legitimate services might be accused of being a scam, while some scams might go undetected for a while. When in doubt, don’t spend any money that you can’t afford to lose.
  • Check for the signs of legitimacy. Check whether the company is a registered corporation and whether you can identify the owners. Scammers probably value their anonymity.
Pyramid schemes

Pyramid schemes are popular because they work. Even before cryptocurrency, they could still take in millions of dollars for the operators at the expense of everyone else who got sucked in.

And there are still plenty of pyramid schemes out in the world, operating in a legal grey area under the guise of legitimate businesses.

Fake and imitation wallets and exchanges

The No. 1 way to avoid the fakers might be to stay on the well-trodden path and use only the biggest and best-known services.

Better-known services are generally safer, but they’re also more likely to attract imitators. These imitations try to trick people into logging on, at which point they’ll take the account details and use that to try accessing your real account.

This used to be a fairly common online banking scam. People would receive an email claiming to be from their bank, inviting them to follow an included link. But the link would instead take them to an imitation site. At a glance, it would look like the real bank website, but if an unsuspecting customer logged in, the scammer would get their real online banking username and password.

The same scam can now be found in the world of cryptocurrencies.

Whether you’re looking at a wallet or a bitcoin exchange, the safest practice might be to:

  • Avoid the new. Let the early adopters take the risks, and don’t get involved until you can be sure it’s legitimate.
  • Use the most popular. There’s safety in numbers.
  • Make sure you know what to expect. Once you know what to expect from an exchange or a service, you can more easily spot problems and imitators.
  • Always use 2-factor authentication. This usually involves having a unique code sent to your phone whenever you need to log in. It can be a hassle but offers significantly increased protection.
  • Check the URL before you sign in. If nothing else, get in the habit of scanning the URL bar to look for the “https” and “secure” lock symbol, and checking that the URL is correct.

Poloniex is a large, prominent and legitimate crypto exchange. On one hand, this makes it safer. On the other hand, this also makes it more of a target. One day, some Poloniex users discovered that people were sharing links to the Poloniex mobile app.

The only problem was that Poloniex didn’t have a mobile app. By logging into the imitation app, Poloniex users handed scammers their account details.

Those who used 2-factor authentication as a matter of practice might have been fine, but those who didn’t would have lost everything in their accounts.

Was this content helpful to you? No  Yes

Ask an Expert

You are about to post a question on finder.com:

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • finder.com is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, or seek advice before you decide to act on our content. By submitting a question, you're accepting our and .

4 Responses

  1. Default Gravatar
    troveenMarch 15, 2018

    i think i am about to be frauded , i registered to a company called BITFLEX, hoping on buying and selling bitcoins but for the past one week my money has been hanging while they keep telling me to chill. please could u help me look up the company @bitflex.com

    • finder Customer Care
      joelmarceloMarch 20, 2018Staff

      Hi Troveen,

      Thanks for leaving a question on finder.

      Please note that we are a comparison website and we can not vouch for a company as we do not represent any of the providers on our page.


    • Default Gravatar
      KagiraJune 23, 2018

      Is AWS a scam? Thank you .and as blockchain and cryptocurrency how can you protect the community to know MORE about cryptocurrency which are scam and which are genuine so that enjoy their crypto savings without fear. Thanks. Jk

    • finder Customer Care
      JoshuaJuly 1, 2018Staff

      Hi Kagira,

      Thanks for getting in touch with finder. I hope all is well with you. :)

      AWS is a company focused more on mining cryptocurrencies. While I’m not in the best position to determine its legitimacy, I advise that you read as much information as possible about this AWS. Read about what people say about the company and their level of security.

      Moreover, it would be helpful if you read our guide and tips on how to spot and avoid a bitcoin scam on this page. You may also want to read more about bitcoin mining on this page.

      Finally, if you want to have more secured bitcoin online transactions, choose to use reputable and legitimate companies. Again, research is the key. The more information that you have, the more informed your decision will be.

      I hope this helps. Should you have further questions, please don’t hesitate to reach us out again.

      Have a wonderful day!


Go to site