Crypto-scams you should be steering clear of in 2021

Cryptocurrency scams are everywhere and victims are constantly falling for them

This is one of those areas like stock and bond that can swallow the insufficiently educated. Any investment regardless of the type requires knowledge and a continuing commitment to education. You cannot just take someone’s word for it – this is especially how scammers exploit their investment victims.

Additionally, scammers are combining scamming types to better manipulate victims. Many scams now begin as romance scams and then turn into investment scamsInvestment Scams When a caller claims to have a promising investment opportunity that will help you get rich quick, it's likely a scam..

It used to be simple, you go to a licensed broker and you make an investment. Today people are ignoring everything that they learned and jumping on appsApps Applications or Apps An application (software), commonly referred to as an ‘app’ is a program on a computer, tablet, mobile phone or device. Apps are designed for specific tasks, including checking the weather, accessing the internet, looking at photos, playing media, mobile banking, etc. Many apps can access the internet if needed and can be downloaded (used) either for a price or for free. Apps are a major point of vulnerability on all devices. Some are designed to be malicious, such as logging keystrokes or activity, and others can even transport malware. Always be careful about any app you are thinking about installing. from unknown developers or companies and putting their total fail in what they know very little about. The result is a massive amount of fraudFraud In law, fraud is intentional deception to secure unfair or unlawful gain (money or other assets), or to deprive a victim of a legal right. Fraud can violate civil law (e.g., a fraud victim may sue the fraud perpetrator to avoid the fraud or recover monetary compensation) or criminal law (e.g., a fraud perpetrator may be prosecuted and imprisoned by governmental authorities), or it may cause no loss of money, property, or legal right but still be an element of another civil or criminal wrong. The purpose of fraud may be monetary gain or other benefits, for example by obtaining a passport, travel document, or driver's license, or mortgage fraud, where the perpetrator may attempt to qualify for a mortgage by way of false statements. A fraud can also be a hoax, which is a distinct concept that involves deliberate deception without the intention of gain or of materially damaging or depriving a victim., everywhere!

According to Malwarebytes:

A fair few cryptocurrency scams have been doing the rounds across 2021. Most of them are similar if not identical to tactics used in previous years with an occasional twist. Here’s some of the most visible ones you should be steering clear of.

Recovery Code Theft

Many Bitcoin wallets make use of something called recovery codes. These are, as the name suggests, codes allowing you to regain access to wallets you’ve locked yourself out of. These are the last roll of the dice for anyone unable to view their funds, and not a situation people would wish to find themselves in. As a result, they’re a fantastic target for scammers wanting to do some wallet plundering.

One of the sneakiest ways to grab a code is to jump into customer support discussions on social media. Scammers set up fake customer support style accounts, then direct potential victims to phishing pages hosted elsewhere. If you lose a recovery code or its equivalent in this manner, it’s almost certainly gone for good.

Always ensure the entity you’re talking to is:

• The official support channel and you haven’t inadvertently started talking to someone else entirely.
• By doing this, your digital funds should be kept safe from this technique.

Fake Elon Musk Cryptocurrency Scams

Another social media shenanigan involving cryptocurrency?

You bet. This tactic involves stealing verified Twitter accounts, making them resemble Elon Musk, and then spamming bogus Bitcoin offers in replies to viral tweets.

This has been happening for quite some time now, and refuses to go away. It’s not pocket change, either. The FTCFTC The Federal Trade Commission (FTC) is an independent agency of the United States government whose principal mission is the enforcement of civil (non-criminal) U.S. antitrust law and the promotion of consumer protection. The FTC can also act as a clearinghouse for criminal reports sent to other agencies for investigation and prosecution. To learn more visit www.FTC.gov or to report fraud visit ReportFraud.FTC.gov estimates at least $2 million has been stolen from cryptocurrency investors. It’s not just happening on Twitter, either. Rogue SpaceX crypto scams were doing the rounds back in June of this year.

If in doubt, remember that Elon is not going to make you rich beyond your wildest dreams with Bitcoin.

Covert Container Mining

This one is a bit more technical than most, and relies on bad things happening behind the scenes. There’s no direct social engineeringSocial Engineering Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. It is used as a type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take any action that may or may not be in their best interests." aspect, because that’d give the game away.

If you’re a developer working on a project, it’s common to make use of pre-made code librariesCode Library A set of routines for a particular operating system. Depending on the environment, code libraries may be source code, in an intermediate language or in executable form. It can also be a repository for programming code like GitHub that helps developers find usable code they can include in their apps and software. The risk is that cybercriminals and hackers can add malicious code into libraries,. There are all kinds of ways to give your project a leg up, but one of the most popular is Docker. Docker bundles up all the things your project needs (including operating systems, applicationsApplications Applications or Apps An application (software), commonly referred to as an ‘app’ is a program on a computer, tablet, mobile phone or device. Apps are designed for specific tasks, including checking the weather, accessing the internet, looking at photos, playing media, mobile banking, etc. Many apps can access the internet if needed and can be downloaded (used) either for a price or for free. Apps are a major point of vulnerability on all devices. Some are designed to be malicious, such as logging keystrokes or activity, and others can even transport malware. Always be careful about any app you are thinking about installing., and other people’s projects it depends upon) in a “container”, a self-contained, portable environment. Because why write code if somebody’s already written it for you?

Turns out this area of work wasn’t safe from crypto-antics either. Rogue mining images involved in cloud-based mining attacks were discovered sitting on Docker Hub. The images contained software people might want to include in their Docker project, along with a cryptominer that would churn away in the background, making cryptocoins for somebody else at your expense.

This is a tricky one to avoid, but you can make a start by checking out the list of image names which could indicate bad files ahoy here. 30 malicious images downloaded roughly 20 million times(!) equals an awful lot of potential mining activity taking place.

419419 An advance fee scam or fraud (419 scam) is a form of fraud and is one of the most common types of online confidence tricks. The scam typically involves promising the victim a significant share of a large sum of money, in return for a small up-front payment, which the fraudster claims will be used to obtain the large sum. If a victim makes the payment, the fraudster either invents a series of further fees for the victim or simply disappears. The 419 comes from the Nigerian law against this type of scam. Crypto ScamScam A Scam is a confidence trick - a crime -  is an attempt to defraud a person or group after first gaining their trust through deception. Scams or confidence tricks exploit victims using their credulity, naïveté, compassion, vanity, irresponsibility, or greed and exploiting that. Researchers have defined confidence tricks as "a distinctive species of fraudulent conduct ... intending to further voluntary exchanges that are not mutually beneficial", as they "benefit con operators ('con men' - criminals) at the expense of their victims (the 'marks')". A scam is a crime even if no money was lost.

Advance fee fraudAdvance Fee Fraud An advance fee scam or fraud is a form of fraud and is one of the most common types of online confidence tricks. The scam typically involves promising the victim a significant share of a large sum of money, in return for a small up-front payment, which the fraudster claims will be used to obtain the large sum. If a victim makes the payment, the fraudster either invents a series of further fees for the victim or simply disappears. scams involve sending dubious chunks of cash to / from a victim’s bank account. The money vanishes without trace, and the victim becomes a money muleMoney Mule A money mule sometimes called a "smurfer," is a person who transfers money acquired illegally (e.g., stolen) in person, through a courier service, or electronically, on behalf of others (usually criminals that they are knowingly or unknowingly affiliated). Typically, the mule is paid for services with a small part of the money transferred - but not always. Mules may or may not be aware that they are performing these actions. Money mules are often dupes recruited online for what they think is legitimate employment, not aware that the money they are transferring is the product of crime. The money is transferred from the mule's account to the scam operator, typically in another country. Similar techniques are used to transfer illegal merchandise. Mules can be prosecuted for numerous crimes., and is left carrying the blameBlame Blame or Blaming is the act of censuring, holding responsible, making negative statements about an individual or group that their action or actions are socially or morally irresponsible, the opposite of praise. When someone is morally responsible for doing something wrong, their action is blameworthy. By contrast, when someone is morally responsible for doing something right, we may say that his or her action is praiseworthy. Blame imparts responsibility for an action or act, as in that they made a choice to perform that act or action..

We recently saw a mail along these lines. Nothing new there. However, this one asks victims to install a wallet app and transfer funds.This is not something you want to be doing. The scammers wants people to get in touch on WhatsApp, where they may well ask for additional personal information. This could easily be used elsewhere in other scams.

Conclusion

There’s many more crypto-scams waiting in the wings, but these are the ones we tend to see the most of. Give yourself a head start and learn to spot the signs of attempted compromise out there in the wild. Your digital wallet will thank you for it.

Thank you Malwarebytes

What You Should Do? Or Not Do!

• Never listen to the advice of someone you are in a relationship with – they could be a scammerScammer A Scammer or Fraudster is someone that engages in deception to obtain money or achieve another objective. They are criminals that attempt to deceive a victim into sending more or performing some other activity that benefits the scammer. or well-intentioned but ignorant
• Never listen to anyone that you have met online
• Never listen to celebrities – they could be paid to say what they say
• Do you own research, this is not a place for the uninformed
• Do not trust apps online, ever apps that are very well advertised with great reviews – scammers have plenty of money to buy advertising and create fake reviews
• If you are not an expert in this – avoid crypto altogether – until you become an expert
• If you have a financial advisor talk to them, but do not simply accept their advice either
• If you have been scammed, report it! Because of the nature of the scam, we recommend reporting these scams here:
  • If you are in the United States:
    • United States Secret Service: www.secretservice.gov
    • FBIFBI FBI - Federal Bureau of Investigation The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, the FBI is also a member of the U.S. Intelligence Community and reports to both the Attorney General and the Director of National Intelligence. A leading U.S. counter-terrorism, counterintelligence, and criminal investigative organization, the FBI has jurisdiction over violations of more than 200 categories of federal crimes, including financial fraud. at www.IC3.gov
    • Federal Trade Commission at reportfraud.FTC.gov
  • In other countries report to your national police
  • And always on www.Anyscam.com