From ‘rug pulling’ to fake crypto marketplaces to unregulated crypto trading—the lure of crypto riches is fraught with cyber traps.

Back in November 2021, a massive search engine phishing campaign resulted in at least half a million dollars being lost in a matter of days.

More recently, BBC news reported a large-scale scam with a crypto token named SQUID that caused crypto investors to lose US$3.38m.

And then there are hackers creating new fraudulent tokens with intentionally misconfigured smart contract functions to steal funds from buyers through a technique called “rug pulling” where developers and influencers promote a DeFi project and then take the money, as a form of pump-and-dump. This is also happening in China, where “rug pulls” accounted for 37% of illicit revenue last year, compared to 1% in 2020.

According to the Federal Trade Commission, US speculators lost more than US$80m to cryptocurrency scams between October and March 2020.  

The cybersecurity firm researching these crypto scam schemes, Check Point Research, warns that there are various ways scammers can create scam tokens and hack contracts. It is important for consumers to be careful with the tokens they buy. Cryptocurrency is a volatile market, and scammers will always find new ways to steal investors’ money using cryptocurrency. New forms of crypto are constantly being minted. In many countries cryptocurrencies are not regulated, leaving consumer wallets exposed as an attractive target for cybercriminals.

Readers should make sure to use only known exchanges, and buy into a known token with several transactions behind it. Special care must be taken to detect all phishing attempts aimed at the theft of bitcoin marketplaces and spoof websites that attempt to get users to enter their login credentials.

Finally, it is important to pay attention to the URLs of the crypto marketplaces that consumers use—to avoid any kind of manipulation by cybercriminals.