How to spot and avoid common crypto scams

The growth of cryptocurrencies has opened up new financial opportunities, but it’s also led to a rise in scams. From rug pulls, where developers disappear with investors’ money, to fake wallets that steal private keys, crypto scams are getting more advanced. These scams take advantage of the fact that the cryptocurrency world is still relatively new and not as regulated as traditional finance. This gives scammers more room to operate without being caught quickly. 

To help protect your assets and stay secure, we’ve compiled this guide about the most common scams in the crypto world and how to protect yourself from them.

• Crypto scams exploit the rapid growth and excitement of the cryptocurrency market to deceive investors

• Common scams include rug pulls, phishing attacks, fake wallets and fraudulent investment schemes

• These scams often rely on social engineering, fake endorsements or exploiting a lack of knowledge

• Staying informed, verifying sources and using secure platforms is crucial to protect yourself from potential risks

What are crypto scams?

Crypto scams are cyber crimes designed to trick people into losing their money or personal information, usually by pretending to be legitimate cryptocurrency opportunities. With crypto gaining popularity, scammers are getting more creative - using everything from fake investments to fraudulent giveaways to steal from their victims.

Here are some common red flags you should look out for when considering new crypto investments:

• Promises of quick and easy profits with little to no risk

• Pressure to act quickly, often with urgent or time-sensitive offers

• Vague or missing details about the project, team or technology behind it

• False claims of endorsements or fake testimonials to make it seem more trustworthy

Let's take a look at the most common crypto scams and how you can avoid them.

What are airdrop scams?

Airdrops are promotional events where crypto projects distribute free tokens to attract users. While legitimate airdrops serve as a marketing tool, scammers often exploit the concept to steal funds or personal information.

To execute an airdrop scam, scammers often create fake websites or social media campaigns that promise free tokens in exchange for a small fee or personal information, such as private wallet keys. By clicking on malicious links, users may be redirected to fake platforms where their sensitive details are captured or malware is installed. This allows scammers to steal funds or compromise your security.

Red flags to watch out for:

• Unrealistic promises of large token giveaways or guaranteed returns

• Requests to send funds or share private keys in exchange for "free" tokens

• Suspicious websites or social media campaigns with unverified information

How to protect yourself:

• Verify the project’s website and official social media accounts

• Never share your seed phrase, private keys or passwords for an airdrop

• Stick to well-established crypto platforms for claiming legitimate airdrops

What is a rug pull?

A rug pull occurs when crypto developers abandon a project and run off with the investors’ money. These scams are particularly common in decentralised finance (DeFi), where new projects and tokens are often unregulated.

Usually, developers create a token or DeFi project and aggressively promote it to attract investments. As more people buy in, the token’s value increases. Once enough funds have accumulated, the developers withdraw all liquidity, causing the token’s value to crash. Explore how you can spot and avoid rug pulls in this article.

What are Ponzi schemes?

Ponzi schemes operate by taking money from new investors and using it to pay returns to earlier participants, rather than generating real profits through legitimate investments. This creates the illusion of a profitable and successful project, drawing in more investors. As more people invest, the scheme continues to function temporarily by cycling funds from new participants to existing ones.

These schemes often disguise themselves as exclusive investment opportunities, luring investors with promises of guaranteed returns or “too good to be true” profits. 

Red flags to watch out for:

• Promises of consistent, high returns with little risk

• Pressure to recruit others to join

• Lack of transparency about how profits are generated

How to protect yourself:

• Be sceptical of "get-rich-quick" schemes

• Avoid projects without detailed financial modelsH2: What are ICO scams?

ICO (Initial Coin Offering) scams are fraudulent fundraising schemes where scammers promise high returns on new cryptocurrency projects in exchange for investments. In an ICO scam, individuals are lured into purchasing tokens of a non-existent or poorly planned project. They are often marketed as exclusive opportunities with high potential, but they can be misleading or entirely fake.

Dig deep into how you can spot and avoid ICO scams in this guide.

What are fake wallets?

Fake wallets mimic legitimate wallet applications to steal your assets. Victims unknowingly download these apps and enter their credentials or seed phrases, giving scammers access to their funds.

These scams typically involve clones of well-known wallet apps that can be found in app stores. The fake apps often contain hidden malware, making it difficult for users to detect the threat before it’s too late.

Red Flags to watch out for: 

• Unusual app names or misspellings that mimic legitimate apps

• Too few or suspiciously positive reviews from users

• Vague or unverified developer information

• No contact or customer support details are available

• Excessive permission requests, like access to contacts or camera

• No two-factor authentication (2FA)

How to protect yourself:

• Only download wallets from official websites or trusted app stores

• Verify reviews and developer information before installing any wallet app

What is whale manipulation?

Whale manipulation happens when large crypto holders, also known as whales, intentionally buy or sell massive amounts of assets to influence market prices. These actions can create artificial price movements that affect the broader market.

Two common types of whale manipulation include:

• Pump-and-dump schemes, where whales inflate a token’s price before selling at its peak

• Flash Crashes, where sudden sell-offs are designed to create panic among retail investors

How to protect yourself:

• Use stop-loss orders to limit potential losses

• Avoid following hype-driven trading trends without thorough research

What are token burn scams?

Token burns are legitimate processes where crypto projects destroy tokens to reduce supply and potentially increase value. However, scammers exploit these events by falsely claiming to conduct token burns to steal assets.

Red flags to watch out for:

• Unverified burn events without official announcements or details from trusted platforms

• Requests to send tokens to specific wallets for "participation" in the burn

• Promises of unrealistic value increase after the burn event

How to protect yourself:

• Verify events through the project’s official website and community channels

• Avoid sending funds to unverified or suspicious addresses

How do Man-in-the-Middle attacks work?

Man-in-the-middle (MITM) attacks happen when a hacker secretly intercepts communication between two parties, often without being realised by any of the parties. In these attacks, the hacker can manipulate or steal sensitive information such as wallet credentials or transaction details without the knowledge of those involved. 

For example, a hacker might intercept wallet login credentials, capturing the data as it is transmitted over the network. Alternatively, they could redirect funds to a scammer's wallet by modifying transaction details before they reach the intended recipient. These attacks highlight the importance of securing communications, especially when accessing crypto wallets or making transactions. 

Red flags to watch out for:

• Unexpected login prompts or redirection to unfamiliar websites

• Slow website load times or unusual security warnings indicating possible interception

• Receiving requests for sensitive information from untrusted sources

How to protect yourself:

• Use VPNs for added security when accessing your wallet.

• Avoid public Wi-Fi for crypto transactions.

What is cryptojacking?

Cryptojacking is a type of scam where a malicious actor secretly uses your device’s processing power to mine cryptocurrency without your consent. This can significantly slow down your device and cause excessive wear on your hardware.

Red flags to watch out for:

• Slower device performance

• Overheating hardware

How to protect yourself:

• Install reliable antivirus software to detect and remove malware

• Avoid clicking on suspicious links or downloading unknown files

What is address poisoning?

Address poisoning involves scammers sending small transactions to wallets with addresses similar to yours. Their goal is to trick you into copying their address for future transactions, which would send your funds directly to them.

Red Flags to watch out for:

• Unexpected small transactions from unknown addresses

• Wallet addresses that closely resemble ones you recognise

• Sudden changes in the wallet addresses you’re interacting with

• Missing or altered wallet address details in official communications

How to protect yourself:

• Always double-check wallet addresses before sending funds

• Avoid using auto-complete features for wallet addresses

While understanding common types of crypto scams and their red flags provides significant protection, there's always a risk of becoming a victim. So, what should you do if you find yourself caught in a scam?

What to do if you get scammed in crypto 

If you think you’ve been scammed, follow these steps to protect yourself:

• Stop communication with the scammers and avoid further contact

• Secure your accounts by changing passwords, enabling 2FA, and moving funds to a new wallet

• Report the scam to the platform, local authorities and fraud databases 

• Check for fraudulent transactions and alert your platform about any suspicious activity

• Monitor your accounts regularly for signs of fraud or identity theft

Stay safe and informed with Bitpanda Academy

Crypto scams are constantly evolving, but knowledge is your best defence. The Bitpanda Academy offers many resources to help you stay secure in the crypto world, covering common crypto scams, the biggest risks in investing and more.

Frequently asked questions (FAQ) around crypto scams

What is a crypto scam?

A crypto scam is a fraudulent scheme aimed at stealing money or personal information, often by pretending to be legitimate crypto opportunities.

What is a Bitcoin scam?

A Bitcoin scam involves deceiving individuals into sending Bitcoin or sharing personal information through false promises, such as high returns or fake investment opportunities.

How do crypto scams work?

Crypto scams trick victims into sending money or personal information through fraudulent schemes - such as fake investments, phishing or crooked giveaways.

Can you recover money from a crypto scammer?

Recovering funds from a crypto scam is difficult, but you should report it to the platform, authorities and fraud organisations to potentially limit further damage.

What are the most common crypto scams?

Some of the biggest crypto scams include rug pulls, fake ICOs, Ponzi schemes, fraudulent airdrops and phishing attacks targeting crypto wallets.

What should I do if I get scammed in crypto?

Stop all communication with scammers, secure your accounts, report the scam to platforms and authorities, check for fraudulent transactions and monitor your accounts.

Why is blockchain security important?

Blockchain security is crucial to maintaining trust in the decentralised financial system, protecting users' assets and ensuring the integrity of transactions. It uses encryption, consensus mechanisms and decentralisation to make it nearly impossible to alter or tamper with data.