Finder may earn compensation from partners, but editorial opinions are our own. Advertiser Disclosure

Common cryptocurrency scams — and how to avoid them

Our guide to how to spot Bitcoin scams and stay safe when trading and using cryptocurrency.

Cryptocurrencies are complicated, very confusing to new users and lightly regulated all of which makes them an ideal target for scammers. But with a little bit of know-how and some good old-fashioned common sense, you can do plenty to protect yourself against cryptocurrency scams.

Disclaimer: This information is not financial advice or an endorsement of cryptocurrency or any specific provider, service or offering. Cryptocurrencies are highly volatile and high risk. Do your own research and seek financial advice before buying. Please check with providers if their services are available in your state.

10 common crypto scams to keep an eye out for

Watch out for scams

In December 2017, the chairman of the US Securities and Exchange Commission (SEC) issued a statement about the lack of investor protection for those buying cryptocurrencies:

A number of concerns have been raised regarding the cryptocurrency and ICO markets, including that, as they are currently operating, there is substantially less investor protection than in our traditional securities markets, with correspondingly greater opportunities for fraud and manipulation.

Checklist: How to detect a crypto scam

Unsure whether a particular crypto website is a scam or not? Use this checklist to help sort legitimate providers from those platforms you’re better off avoiding altogether.

Please note that this checklist is far from foolproof, as it’s possible for a website to pass several of the above tests with flying colors and still be a scam. The important thing to remember is to do your due diligence before providing any personal or financial information to any website or app.


Phishing

The first scam on the list is one that you may well be familiar with already, as it’s also been widely used to target customers from major banks.

Known as “phishing,” this type of scam occurs when you receive an unsolicited email that looks as if it’s from your bank or, in this case, from your crypto exchange or wallet provider. This email contains a link that takes you to a site that looks almost identical to the exchange or wallet you usually use, but is actually a scam site.

Once you enter your account details on this unofficial page, the scammers have everything they need to log in to your real account and steal your funds.

How to avoid phishing scams:

  • Always double-check URLs to make sure you’re visiting the genuine website.
  • Don’t click on suspicious links that are emailed to you.
  • Never disclose your private key.

Fake exchanges and wallets

In a similar vein to phishing scams, keep an eye out for fake Bitcoin exchanges. They might walk and talk like a reputable exchange, but they’re merely a front to separate consumers from their hard-earned cash.

Some will entice users with promotional offers that sound too good to be true. Others pressure users into creating an account and depositing funds, perhaps even offering “bonuses” to those who deposit larger amounts. But once they have your money these platforms might charge ridiculously high fees, make it very difficult to withdraw funds or simply steal your deposit altogether.

Other scammers have turned their attention to creating quite sophisticated fake wallet apps that, once downloaded to a user’s smartphone, can be used to steal critical account details. These apps have even made it into official, legitimate app stores like Google Play, so it pays to do your research before downloading anything to your phone.

BitKRX

In December 2017, the Bitcoin community and South Korean authorities exposed a fake exchange known as BitKRX.

By posing as a legitimate exchange and passing itself off as a branch of KRX, a large and reputable trading platform, it was able to ensnare innocent users.

See our vetted list of legitimate cryptocurrency exchanges.

How to avoid fake exchange and fake wallet scams:
  • Stick with well-known and popular exchanges.
  • Thoroughly research any exchange or wallet before creating an account who is the team behind the exchange or wallet? Where is the company registered? Are there reliable reviews from other users confirming its legitimacy?
  • Don’t let yourself be pressured into depositing funds or providing any personal information.
  • Don’t just randomly pick a wallet from the app store only download apps and software from legitimate wallet providers and exchanges.

Fake Poloniex apps

Poloniex is a large, prominent and legitimate crypto exchange. However, in 2017 it was the target of a sophisticated scam that saw at least three fraudulent Poloniex trading apps listed on the Google Play store.

Two of the apps, “Poloniex” and “Poloniex Exchange,” were downloaded more than 5,500 times before they were removed from the store. These apps asked Poloniex users to enter their account credentials, thereby giving fraudsters a way to perform transactions on behalf of users and even lock victims out of their own accounts.


Old-school scams

Cryptos may be based on new technology, but there are still plenty of scammers using old tricks to con unwitting consumers.

The classic example of this is an unsolicited phone call or email from someone claiming to be with the IRS. This fictional tax man will try to convince you that you owe the IRS money and you’ll be facing legal action if you don’t transfer them a certain amount of Bitcoin as soon as possible.

The tried-and-tested “Nigerian prince” scam has also migrated into the world of cryptocurrency. So if you’re ever contacted out of the blue by someone overseas promising you a share in a large sum of digital currency if you help them transfer funds out of their own country, use your common sense and recognize it for the scam it is.

How to avoid old-school scams:
  • Use your common sense.
  • Don’t trust unsolicited emails or phone calls.

Fraudulent ICOs

Seduced by the astronomical price rises Bitcoin has experienced since its inception, many everyday consumers venture into the world of cryptocurrency looking for the next big thing. After all, if “the next Bitcoin” ever actually arrives, getting in at the ground floor could see early-adopters earn a fortune.

And if you want to get in on the ground floor, the easiest option for the average person is to buy coins or tokens in an ICO. There’s a huge appetite for new digital currencies in the first half of 2018 alone, ICOs raised a total of $11.69 billion and with many new buyers having limited knowledge of how the crypto industry works, it’s the perfect breeding ground for scammers.

Pincoin and iFan

In April 2018, the Pincoin and iFan ICOs, run by the same Vietnam-based company, are believed to have cheated more than 30,000 investors out of a combined total of $660 million.

iFan was meant to be a social media platform for celebrities and Pincoin promised 40% monthly returns to investors. Both were later shown to be multi-level marketing (MLM) scams.

This has led to the rise of fake ICOs which, with some slick marketing and a little bit of hype, can convince people to buy a cryptocurrency that doesn’t actually exist. For example, one report found that 78% of ICOs in 2017 were scams, while a separate report put that figure at above 80%.

Finally, if you’re dreaming of getting rich quick from a crypto ICO, be aware that for every ICO success story there are many, many more failures, even if the project isn’t a scam.

How to avoid fraudulent ICOs:
  • Thoroughly research any ICO before buying in. Look at the team behind the project, its white paper, the purpose of the currency, the tech behind it and the specifics of the token sale.

Bitcoin blackmail scams

Similar to how scammers will sometimes pretend to represent the tax office in the hope of coercing victims out of money, they’ll also pretend to be hackers with some kind of incriminating evidence.

One common variation of this scam arrives in the form of an unsolicited email, where the sender claims to be a hacker who has accessed your PC. They will say they’ve found some kind of incriminating evidence, or taken over your webcam to capture footage of you doing something embarrassing or which you’d rather other people didn’t know about. The emails promise to send the incriminating evidence to all of your email or social media contacts unless you send some Bitcoin to the blackmailer, and will typically include instructions on how to purchase Bitcoin and where to send it.

Naturally, it’s all a lie. The phony blackmailers don’t have any evidence and nothing will happen regardless of whether or not you make a payment. This scam is purely a numbers game, where the perpetrators hope that by sending out enough emails they’ll scare enough people into sending them some Bitcoin.

How to avoid Bitcoin blackmail scams
  • Search online to see if other people are saying they’ve received the same email
  • Don’t believe the scammers
  • Consider using VPNs to browse more privately, for additional peace of mind against this type of scam

Impersonation giveaway scams

One type of scam that’s common to many large sites and social media platforms is a celebrity impersonation giveaway scam. Here, the scammers will impersonate a celebrity or other notable person and announce that they’re giving away a lot of cryptocurrency for free, as long as you send them some cryptocurrency first.

The scammers will often promise to send back double what you send them. Although especially prominent on Twitter, this scam has also appeared on platforms including YouTube, where scammers will impersonate a celebrity in a video or livestream.

This scam is all about quickly rushing victims into a bad decision by making them think they’re missing out. A typical giveaway scam always specifies a total amount of cryptocurrency, such as “5,000 ETH giveaway” and then uses an army of bots and fake accounts to make it look like people are actually receiving money.

After seeing all the apparently free money being given away, victims race to send money to the scammers before they have time to think it over.

On Twitter, the fake giveaway bots will often have a blue “verified” check mark, but this does not mean anything. The scammers obtain this by taking over verified accounts and then changing the names. Similarly, scams will often have thousands of likes, views, retweets or other types of social proof. Those are just from bots, and don’t mean anything either.

Although there are some ways to get free cryptocurrency, it’s only possible to get small amounts and there’s often some kind of catch.

How to avoid impersonation giveaway scams
  • Assume that anytime a celebrity is offering to give away free cryptocurrency on social media, it’s a scam
  • Double check the user name of the suspected scam account, and compare that to the username of the celebrity’s real account
  • Check the provided cryptocurrency address using a blockchain explorer. You can see how much money the scam is making and whether or not it’s actually sending any money out

Ponzi or pyramid schemes

A Ponzi scheme is a simple but alarmingly effective scam that lures in new investors with the promise of unusually high returns. Here’s how it works: a promoter convinces people to invest in their scheme. These initial investors receive what they believe to be returns, but are actually payouts from the money deposited by newer investors. Now satisfied that the scheme is legit, those investors who received payouts pump more of their money into the scheme and encourage others to do the same.

Sooner or later, the scheme collapses when the promoter runs off with the money or it becomes too difficult to lure new investors. These types of pyramid schemes are nothing new and can be easy to spot, but that hasn’t stopped some crypto buyers from being scammed in a handful of high-profile incidents.

Bitconnect

In January 2018, Bitcoin investment lending platform Bitconnect shut down its lending and exchange services amid allegations it was a Ponzi scheme. Launched in early 2017 with promises of returns of up to 40% per month, the platform was quick to attract criticism from the wider crypto community and soon drew the attention of regulators.

How to avoid Ponzi/pyramid schemes:
  • Look out for cryptocurrency projects that encourage you to recruit new investors to enjoy bigger profits.
  • Never trust a scheme that promises returns that sound too good to be true.

Malware

Malware has long been a weapon in the arsenal of online scammers. But thanks to the complicated and highly technical nature of cryptocurrencies, much of which isn’t well understood by most people, malware now poses an even bigger threat.

Rather than stealing credit card and bank account details, crypto-related malware is designed to get access to your web wallet and drain your account, monitor the Windows clipboard for cryptocurrency addresses and replace your legitimate address with an address belonging to a scammer, or even infect your computer with a cryptocurrency miner.

How to avoid cryptocurrency malware scams:
  • Update your antivirus software regularly to protect yourself against malware.
  • Never download and install programs unless you’re 100% sure they’re from a reputable, legitimate provider.
  • Don’t open suspicious attachments.

Mining scams

Bitcoin mining rig scans

Cloud mining allows you to mine cryptocurrencies like Bitcoin without having to purchase the expensive hardware required to do so. There are several legitimate cloud mining services that let users rent server space to mine for coins at a set rate. There are also some legitimate ways to invest in Bitcoin mining companies and share profits from them.

However, there are also plenty of cryptocurrency mining scams out there. Some promise astronomical (and implausible) returns and fail to disclose a range of hidden fees, while others are fronts for Ponzi scams and are simply designed to part you from your money.

It’s also important to note that even if it’s not an outright scam, cloud mining will always be a bad investment compared to simply buying cryptocurrency, as will leasing any other form of cryptocurrency mining equipment. The quirks of Bitcoin mining economics means that no matter what Bitcoin prices do, you’ll always be better off just buying the equivalent amount of Bitcoin instead of trying to invest that money in a mining scheme.

Even if they’re not technically scams, it’s a mathematical fact that all “legitimate” Bitcoin cloud mining businesses and consumer-oriented miner rental schemes are invariably bad investments.

Learn more about how Bitcoin mining works, and how cloud mining doesn’t.

How to avoid cryptocurrency mining scams
  • Avoid all cloud mining and rent-a-miner schemes under all circumstances

Pumps and dumps

Cryptocurrencies are often dismissed as a speculator’s dream come true that are ripe for a little bit of market manipulation, which has led to the rise of what are known as “pump and dump” schemes. This is where large groups of buyers target an altcoin with a small market cap, buy that coin en masse at a particular time to drive its price up (which attracts a whole lot of new buyers fueled by FOMO a fear of missing out) and then sell to take advantage of the significant price rise.

This sort of thing is illegal in traditional securities markets, but is a common occurrence in the largely unregulated world of cryptocurrencies. In fact, there are several online groups and forums dedicated to this exact practice, so it’s important that you stay savvy and know how to steer clear of these scams.

How to avoid pump and dump scams:
  • Be wary of low-market-cap cryptos that normally have a low trading volume but that suddenly experience a sharp price rise.
  • Keep an eye out for “fake news” on social media that hypes particular coins.
  • Carefully research the credentials of any cryptocurrency before buying.

GVT pump and dump

In January 2018, a fake Twitter account purporting to belong to cybersecurity guru and crypto enthusiast John McAfee tweeted support for the GVT cryptocurrency, naming it “coin of the day.”

For some in the crypto community, this was good enough reason to buy some GVT, and just four minutes after the tweet was posted the price of GVT had jumped from $30 to $45 and trading volume had doubled. Fifteen minutes later, the price was hovering around the $30 mark once again, after early buyers “dumped” and ran.

On closer inspection, the Twitter account was revealed to be bogus and not associated with McAfee at all. Instead, it was simply a key player in a pump and dump scheme devised and implemented in a chat room called “Big Pump Signal.”


What to do if you’ve spotted a scam or become a victim

If you’ve sent money overseas as the victim of a scam, it’s important to know that the chances of you getting your money back are unfortunately very slim. This is true for all international scams, but cryptocurrency in particular is especially difficult to recover.

You can still report it though, to help prevent other people from falling victim.

If you’ve spotted a scam or been the victim of one, you can report it to the Federal Trade Commission. To help spread the word faster, you can also report specific types of scams to the relevant agencies.

  • FBI IC3. Report internet crime to the FBI’s Internet Crime Complaint Center (IC3), including fake websites, email extortion attempts and similar.
  • eConsumer. Report international online fraud to eConsumer, a global partnership of consumer protection agencies. This includes romance scams, Nigerian princes, fake giveaways, fraudulent cryptocurrency sites and more.

You can also help by reporting any scams you see on social media, using the ‘report’ button provided by most platforms.

Simple tips to help you stay safe

There are plenty of other simple steps you can take to protect yourself against fraud, such as:


Disclaimer: Cryptocurrencies are speculative, complex and involve significant risks – they are highly volatile and sensitive to secondary activity. Performance is unpredictable and past performance is no guarantee of future performance. Consider your own circumstances, and obtain your own advice, before relying on this information. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant Regulators' websites before making any decision. Finder, or the author, may have holdings in the cryptocurrencies discussed.

Disclosure: At the time of writing the author holds ADA, ICX, IOTA, POWR and XLM.

More guides on Finder

Ask an Expert

You are about to post a question on finder.com:

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • finder.com is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder.com provides guides and information on a range of products and services. Because our content is not financial advice, we suggest talking with a professional before you make any decision.

By submitting your comment or question, you agree to our Privacy and Cookies Policy and finder.com Terms of Use.

Questions and responses on finder.com are not provided, paid for or otherwise endorsed by any bank or brand. These banks and brands are not responsible for ensuring that comments are answered or accurate.

40 Responses

    Default Gravatar
    HenDecember 9, 2020

    Why would I have an EOS payment deposited of $30 into my account my bank account but I didn’t sign up for any of anything over the internet or paid anybody for anything

    Default Gravatar
    NoobdenialAugust 3, 2019

    How do I know this isn’t a subtle long con that lures people in with what sounds like solid common sense explanations…and then gradually guides them into a ponzi scheme or pump and dump or suggest getting XRP….criminal.

      Avatarfinder Customer Care
      fayemanuelAugust 4, 2019Staff

      Hi Noobdenial,

      Thanks for leaving a comment we appreciate your feedback. This will certainly help us.

      Kind Regards,
      Faye

    Default Gravatar
    AlecMay 19, 2019

    How can I know if the website cryptostats.trade is a legitimate trading site & not just fraudulent?

      Avatarfinder Customer Care
      BellaMay 19, 2019Staff

      Hi Alec,

      Thanks for your inquiry.

      You’re actually already on the correct page on where you can get helpful information and may use our checklist to help you detect a crypto scam. Please note that we are a comparison website and we can not vouch for a company as we do not represent any of the providers on our page.

      I hope this helps.

      Kind regards,
      Bella

    Default Gravatar
    PreciousMay 17, 2019

    I invested R1000 and got a profit of R15000 in one week, someone who said he will help is the one who told what to do and I did as he instructed me. He sent me a link I should use to send money into from my trading account. I did that, so now in order for me to get my profit he’s saying I should deposit R1500 which is a 10% of my profit – then I can withdraw that R15000. What’s suspicious is that, he now even deleted his Facebook acc and when I asked him why, he just said someone was trying to hack it.

    Please help.

      Default Gravatar
      nikkiangcoMay 18, 2019

      Hi Precious,

      Thanks for your question.

      I’m sorry to hear that. From your statement above, it looks like the person you transacted with used old school scams to fish off money from you. However, no one will know of its legitimacy until proven. Rule of thumb, be safe, do research and always transact with known reputable companies, not with people who just randomly emailed, called or messaged you on a social media platform.

      With care,
      Nikki

    Default Gravatar
    AmyApril 11, 2019

    I have a person emailing me masking their email as their own. It’s an obvious fake claiming I’m accessing porno sites and they have video of me doing things while watching these videos. I’m a woman and its an old email address being forwarded to my email so I can answer client questions. The only info they provide is their bitcoin address—— BTC Address: ****************** ——- They are trying to extort money from me. Can we locate who they are with the BTC address?

      Avatarfinder Customer Care
      johnbasanesApril 12, 2019Staff

      Hi Amy,

      Thank you for reaching out to Finder.

      Yes, there is a way for you to locate someone using their BTC address. You may need to contact local law enforcement for further assistance on doing this. Hope this helps!

      Cheers,
      Reggie

Go to site