Crypto scams, hacks and fraud

By Kraken Learn team
9 min
23 may 2024
Share this:

Navigate the crypto industry safely 🚨

  • Scams exploit the excitement around crypto, using tactics like fake giveaways, romance scams, and phishing to deceive individuals and companies into handing over assets or sensitive information.

  • Crypto fraud involves more direct methods of theft and manipulation, including Ponzi schemes and fake trading platforms or applications.

  • Hacks target vulnerabilities in exchanges, wallets, and smart contracts, and can result in significant financial losses that undermine the security and trust of the broader crypto ecosystem.

The crypto market is growing fast, attracting new technologies and users. While it's an exciting time to be a part of this fast-paced industry, the rapid growth and many new and untested technologies make the market an attractive target for bad actors.

Scammers, hackers, and fraudsters employ techniques ranging from simple phishing attempts to complex hacking operations targeting exchanges and wallets.

Understanding the risks and learning how to protect yourself is essential for anyone involved in the crypto market.

Scams ⚠️

A scam is when someone is tricked into giving away their money or sensitive information. Scammers use various tactics to exploit the excitement and complexity surrounding cryptocurrencies. They often make false promises of high returns or pretend to be trustworthy entities.

These deceptive practices have evolved alongside the crypto market, adopting increasingly sophisticated methods to exploit newcomers and seasoned investors.

Most common types of crypto scams

While there are many types of crypto scams, these are some of the most common schemes crypto users will likely come across:

  • Investment scams: These scams lure investors with the promise of high returns. The Federal Trade Commission (FTC) reports that over $575 million has been lost to crypto investment scams since 2021​​.
  • Romance scams: Cybercriminals use dating platforms to establish relationships and convince victims to send them cryptocurrency or invest in fake crypto opportunities. The FBI reported 19,050 victims claimed losses of $739 million to romance scams in 2022 alone.
  • Phishing scams: Phishing scammers use emails or fake websites to trick people into giving away their personal information or crypto assets. They often mimic legitimate businesses, such as dApps and exchanges, to appear more convincing​​.
  • Fake crypto giveaways: Scammers might offer attractive returns on investment, such as promising to double any cryptocurrency sent to their wallet, but then keep the funds instead. These scams typically use social media or paid advertisements to reach potential victims​​.
  • Impersonation and government scams: Impersonation scammers pretend to be from well-known companies or government agencies, claiming that there's a problem that can be solved by paying in crypto.

How to avoid scams

Protecting yourself from crypto scams involves a combination of vigilance, education, and using reputable services.

Here are some practical steps and examples that can help you stay safe.

  • Use reputable wallets and exchanges: Opt for well-known and widely used crypto wallets and exchanges like MetaMaskKraken, and Uniswap. These platforms have stringent security measures in place and a track record of reliability.
  • Verify authenticity: Before engaging with any crypto service, check its authenticity. For websites, ensure the URL begins with "https://" and look for a padlock symbol in the address bar, indicating a secure connection. For apps, download only from official app stores like Google Play or the Apple App Store, and read reviews and ratings.
  • Enable two-factor authentication (2FA): Where possible, activate 2FA on your crypto accounts. This adds an extra layer of security, making it harder for unauthorized users to gain access even if they have your password.
  • Be skeptical of unsolicited offers: If you receive an unexpected offer, especially one that promises quick profits or requires urgent action, it’s likely it could be a scam. Legitimate companies rarely pressure their customers this way.
  • Research before investing: Resources like CoinMarketCapDeFiLlama, or Token Terminal can be useful for researching cryptocurrencies, their market standings, and important metrics like total value locked (TVL). For prospective buyers, it’s important to verify the project's legitimacy by reading their whitepaper, exploring the team's background, and checking for community feedback on Twitter (X) or Discord.
  • Never share personal information: Never disclose personal information, such as your private keys or personal identification details, to strangers. Legitimate entities will never ask for your private keys or passwords.
  • Educate yourself: Stay informed about common scam tactics by following crypto news on platforms like CoinDesk or Cointelegraph. Knowledge is power, and being aware of the latest scam trends can help you avoid them.

By following these guidelines, you can significantly reduce your risk of falling victim to a crypto scam. Take your time to verify everything and make informed decisions based on thorough research.

crypto staking image

Hacks 💻

The term "hack" in the context of cryptocurrency refers to unauthorized access or attacks on digital wallets, exchanges, or platforms, leading to the theft of digital assets. Unlike scams and frauds, where deceit plays a central role, hacks exploit vulnerabilities in smart contracts or security systems.

In 2023, hackers stole approximately $2 billion in crypto, showcasing the significant risk that security breaches pose to both individuals and companies.

Most common hacking techniques

As blockchain and cryptocurrency software evolve, so do hacking techniques, but here are some of the most common.

  • Exchange hack: Targets cryptocurrency exchanges to access user funds and sensitive data. As crypto exchange security has become more robust over the years, these hacks have become less common.
  • Personal smart device hack: Exploits vulnerabilities in smartphones or computers to gain access to crypto wallets or accounts.
  • Email hack: Uses phishing or malware to hijack email accounts as a means to reset passwords and gain unauthorized access to crypto assets.
  • Smart contract hack: Involves exploiting bugs in a project's code to drain funds or manipulate prices.

Ways to avoid hacks

  • Use hardware wallets: For storing large amounts of cryptocurrency, hardware or cold storage wallets such as Ledger and Trezor provide an extra layer of security by keeping private keys offline.
  • Enable two-factor authentication (2FA): Always use 2FA on exchanges and wallets where possible, adding a second layer of security beyond just a password.
  • Be cautious with smart contracts: When investing in DeFi projects, research the project's security audits and track record. Look for projects that have undergone thorough security audits by reputable firms like Quantstamp.
  • Stay informed: Keep up-to-date with the latest security practices and potential vulnerabilities. Follow security researchers and auditing firms such as Hacken or Trail of Bits. These companies are on the front line of crypto security and can provide early warnings about new types of attacks and vulnerabilities.

Secure your email: Many crypto hacks start with an email breach. Use a dedicated and secure email for your crypto transactions, and never share your email password.

Fraud 👤

Fraud involves deceitful practices by bad actors to steal money or information directly from individuals or organizations. Unlike scams that may involve persuasion, fraud is more about theft and manipulation without the victim's knowledge or consent.

The prevalence of crypto fraud

Crypto fraud has been a growing concern alongside the increase in crypto adoption. Fraudsters exploit blockchain technology's anonymous and decentralized nature to commit various types of fraud, from websites advertising fake tokens or NFTs to sophisticated Ponzi schemes.

Common types of crypto fraud

  • Ponzi schemes: Ponzi schemes promise investors high returns with little to no risk. These returns are actually paid from the capital of new investors, not from the profit earned by the supposed investments. As long as new investors contribute funds, the Ponzi schemer can use the new investors' funds to pay previous investors and allow the scheme to continue. However, once the flow of new money stops, these types of schemes often collapse, leading to widespread losses for any investors involved.
  • Pyramid schemes: Similar to Ponzi schemes, pyramid schemes rely on the recruitment of new members to generate returns for those higher up in the structure. Participants are often required to pay upfront costs and are promised earnings for enlisting others into the scheme. The system relies on continuous growth to sustain itself, but inevitably fails when it becomes impossible to recruit new members, causing the pyramid to collapse and leaving later entrants to shoulder the losses.
  • Market manipulation (pump and dump): Groups artificially inflate the price of a cryptocurrency to attract investors, then sell off their holdings when the price peaks, causing the value to plummet and leaving new investors with worthless tokens.

Practical tips to avoid crypto fraud

  • Use trusted platforms: Engage with well-established platforms for trading and investing. This involves performing your own rigorous due diligence and research to identify reputable platforms.
  • Verify project details: For token pre-sales and listings, carefully examine the whitepaper, the team's background, and their project roadmap. Authentic projects typically have transparent goals and a clear, achievable plan for how they will achieve them.
  • Keep an eye on community feedback: Platforms like Discord, Telegram, and Twitter (X) host communities where users share experiences and warnings about fraudulent activities.
  • Be cautious with personal information: Never share private keys. Legitimate companies will not ask for this information. Before entering sensitive personal information, double-check that you're on a legitimate website. Bookmarking links is a great way to make sure you're not on a fraudulent page.

By staying informed and cautious, you can navigate the crypto market more safely, reducing the risk of falling victim to fraud. Remember, if an investment opportunity seems too perfect, requiring little-to-no risk for high returns, it's likely a sign of fraud. 

Perform due diligence and prioritize security to protect your assets.

crypto staking image

To mitigate the risk of falling victim to malicious activities, it is crucial to stay informed and exercise caution. Be skeptical of too-good-to-be-true offers, verify the legitimacy of platforms and schemes before investing, and employ strong cybersecurity measures such as 2FA and cold storage wallets to protect personal and financial information.

Get started today

Kraken's proactive approach to security, combined with its commitment to client education, sets a benchmark in the industry, offering a secure platform for trading digital assets.

Sign up for a free account today!