(Last Updated On: March 24, 2022)

Crypto-Scams To Avoid In 2021

Cryptocurrency Scams Information Courtesy of Malwarebytes

A SCARS Insight

Crypto-scams you should be steering clear of in 2021

Cryptocurrency scams are everywhere and victims are constantly falling for them

This is one of those areas like stock and bond that can swallow the insufficiently educated. Any investment regardless of the type requires knowledge and a continuing commitment to education. You cannot just take someone’s word for it – this is especially how scammers exploit their investment victims.

Additionally, scammers are combining scamming types to better manipulate victims. Many scams now begin as romance scams and then turn into investment scams.

It used to be simple, you go to a licensed broker and you make an investment. Today people are ignoring everything that they learned and jumping on apps from unknown developers or companies and putting their total fail in what they know very little about. The result is a massive amount of fraud, everywhere!

According to Malwarebytes:

A fair few cryptocurrency scams have been doing the rounds across 2021. Most of them are similar if not identical to tactics used in previous years with an occasional twist. Here’s some of the most visible ones you should be steering clear of.

Recovery Code Theft

Many Bitcoin wallets make use of something called recovery codes. These are, as the name suggests, codes allowing you to regain access to wallets you’ve locked yourself out of. These are the last roll of the dice for anyone unable to view their funds, and not a situation people would wish to find themselves in. As a result, they’re a fantastic target for scammers wanting to do some wallet plundering.

One of the sneakiest ways to grab a code is to jump into customer support discussions on social media. Scammers set up fake customer support style accounts, then direct potential victims to phishing pages hosted elsewhere. If you lose a recovery code or its equivalent in this manner, it’s almost certainly gone for good.

Always ensure the entity you’re talking to is:

  • The official support channel and you haven’t inadvertently started talking to someone else entirely.
  • By doing this, your digital funds should be kept safe from this technique.

Fake Elon Musk Cryptocurrency Scams

Another social media shenanigan involving cryptocurrency?

You bet. This tactic involves stealing verified Twitter accounts, making them resemble Elon Musk, and then spamming bogus Bitcoin offers in replies to viral tweets.

This has been happening for quite some time now, and refuses to go away. It’s not pocket change, either. The FTC estimates at least $2 million has been stolen from cryptocurrency investors. It’s not just happening on Twitter, either. Rogue SpaceX crypto scams were doing the rounds back in June of this year.

If in doubt, remember that Elon is not going to make you rich beyond your wildest dreams with Bitcoin.

Covert Container Mining

This one is a bit more technical than most, and relies on bad things happening behind the scenes. There’s no direct social engineering aspect, because that’d give the game away.

If you’re a developer working on a project, it’s common to make use of pre-made code libraries. There are all kinds of ways to give your project a leg up, but one of the most popular is Docker. Docker bundles up all the things your project needs (including operating systems, applications, and other people’s projects it depends upon) in a “container”, a self-contained, portable environment. Because why write code if somebody’s already written it for you?

Turns out this area of work wasn’t safe from crypto-antics either. Rogue mining images involved in cloud-based mining attacks were discovered sitting on Docker Hub. The images contained software people might want to include in their Docker project, along with a cryptominer that would churn away in the background, making cryptocoins for somebody else at your expense.

This is a tricky one to avoid, but you can make a start by checking out the list of image names which could indicate bad files ahoy here. 30 malicious images downloaded roughly 20 million times(!) equals an awful lot of potential mining activity taking place.

419 Crypto Scam

Advance fee fraud scams involve sending dubious chunks of cash to / from a victim’s bank account. The money vanishes without trace, and the victim becomes a money mule, and is left carrying the blame.

We recently saw a mail along these lines. Nothing new there. However, this one asks victims to install a wallet app and transfer funds.This is not something you want to be doing. The scammers wants people to get in touch on WhatsApp, where they may well ask for additional personal information. This could easily be used elsewhere in other scams.

Conclusion

There’s many more crypto-scams waiting in the wings, but these are the ones we tend to see the most of. Give yourself a head start and learn to spot the signs of attempted compromise out there in the wild. Your digital wallet will thank you for it.

Thank you Malwarebytes

What You Should Do? Or Not Do!

  • Never listen to the advice of someone you are in a relationship with – they could be a scammer or well-intentioned but ignorant
  • Never listen to anyone that you have met online
  • Never listen to celebrities – they could be paid to say what they say
  • Do you own research, this is not a place for the uninformed
  • Do not trust apps online, ever apps that are very well advertised with great reviews – scammers have plenty of money to buy advertising and create fake reviews
  • If you are not an expert in this – avoid crypto altogether – until you become an expert
  • If you have a financial advisor talk to them, but do not simply accept their advice either
  • If you have been scammed, report it! Because of the nature of the scam, we recommend reporting these scams here:

Always Report All Scams – Anywhere In The World To:

Go to reporting.AgainstScams.org to learn how

U.S. FTC at https://reportfraud.ftc.gov/#/?orgcode=SCARS and SCARS at www.Anyscams.com
Visit reporting.AgainstScams.org to learn more!