Common Crypto scams and How to stay safe?
Imagine you are doing a crypto transaction like sending some JUP to your friend or swapping a token. But with just one click you lose all your funds.
While there are a lot of innovations happening in the crypto world there are a lot of bad actors as well just like any other industry. What adds to the challenge is that crypto is yet to be completely easy to understand for many. A new user is usually anxious while getting started.
Most of the scams are quite easy to spot yet we choose to ignore the obvious. Almost all the scams have a couple of things in common — they exploit human greed and they create a sense of urgency.
Losing your hard-earned funds is not a nice feeling for anyone. Let’s unpack common scams and how you can protect yourself.
Scam #1— Phishing Websites & Emails
Scammers create a lookalike of famous crypto websites like exchanges, wallets and other apps.
They run phishing ads such as the one below and try to trick users into entering their sensitive information.
Once you share sensitive details like private keys or confirm a transaction on these fake websites, you are giving away the control of your wallets to the scammers who created them.
There are fake Discord servers as well. As soon as you log into such discord servers and verify your account gets compromised. There are fake Telegram bots and fake Chrome extensions as well.
Phishing Emails
Scammers send fake emails which have branding like the original one and they trick you into their fake website. Such emails always create a sense of urgency.
How to stay safe:
- Always install apps from the official website
- Get the links from official social media handles
- While using Google search don’t click on the “ads” on the top of the results as they may be fake websites.
- Stay away from fake Twitter ads
- Always check the received from the email address
Scam #2 — Fake Tokens and NFTs
Mimic legitimate ones with a similar name or ticker symbol.
Because of the decentralized nature of crypto, anyone can create a token. so it is up to you to do your research properly.
- You either buy such tokens from a DEX. Jupiter has mechanisms which don't allow the display of fake tokens with the exact same name and symbol as the original one. But not all DEXes have good filters.
- Or the scammers airdrop these into your wallet. links attached where you can get even more rewards or verify.
As soon as you interact with the tokens, it leads you to a malicious action.
These days scammers are also getting intelligent. Key metrics such as holder counts, volume etc. are very easy to fake. Say the scammer creates a fake token and sends it to 1000 other wallets. Now that token has 1000 unique holders.
How to stay safe:
- Do your due diligence and check the name and contact address thoroughly before putting in your money.
- Check the official website
- Analyse the discussions on social media and Telegram
Scam #3 — Impersonation Scams
It is one of the most common tactics. Scammers create fake accounts impersonating a well-known person or company in the crypto space. These scams are prevalent on Twitter, YouTube, Telegram and Discord. Scammers offer giveaways or private messages.
How to stay safe:
- Check for the verification symbol if available
- Check for the exact spelling of the imposter accounts
Next time if you get a DM from ELANN MUSKK, you know what to do.
Scam #4 — Giveaway Scams
Send 1 SOL and get 5 SOL back! sounds familiar?
You will get messages saying that you have won a giveaway. Scammers will promise you free crypto and ask you to send crypto as a verification step for the prize. well, you send them a deposit amount only to never hear back from them.
Some giveaways may ask you to connect your wallet to claim the prize. As soon as you connect your wallet, it gets drained.
How to stay safe:
- Never send your crypto to claim any giveaway winnings. Legitimate giveaways do not ask for deposits they simply give you the prize
- Do not connect your wallet to non-trusted websites
Scam #5 — Typo-squatting
The sneaky scam is designed to trick people when they are in a rush and do not pay attention to details. Even a small typo can send the funds to another wallet.
The scammers hope that you will copy and paste the wrong address instead of checking it thoroughly. The addresses are deceptively similar addresses as the human mind focuses on the start and beginning characters of a word to understand it.
Another common tactic is I vs l. Now you may be thinking what’s the difference between them? Both the alphabets look almost the same.
- First one — uppercase “i”
- Second one — lowercase “L”
The same applies for O and 0 as well. One is uppercase “o” and the later one is zero.
Unlike other scams, your wallet is not compromised in Typo-squatting. It is a psychological manipulation.
How to stay safe:
- Always double-check the address you are sending funds or the websites before confirming any transactions.
- Ensure you copy the addresses from official sources like websites or social media handles.
Scam #6 — Pump and Dump Groups
In this scam, one hopes to get insider information on which coin will increase in price. People fall for it because of the classic bait “Get rich quick by joining the inner circle”.
You will come across people who claim they have telegram or discord groups where they will coordinate mass buying to pump the price of a coin in the coming days. You get additional information such as the day and time as you are part of the group.
But, once the price rises the organizers sell their holding at the peak and the price crashes. This leaves the unsuspecting holders with worthless tokens.
There is an illusion of insider access — Mix of hype, manipulation and false promise. People know what they are doing is wrong yet still they do it.
How to stay safe:
- These types of activities are illegal. If someone gives you such information, it is better to avoid them
- Avoid buying anything just based on the hype
Scam #7 — Rug Pulls
Scammy influencers hype new projects be it a token or NFT collection. They promise sky-high returns and exclusive perks and may use fake partnerships, dummy accounts and other influencers to build the hype even more.
You FOMO in and buy. The coin prices increase. Once the price pumps they vanish with the money. That’s rug pull.
All this happens in a very short time period, can be as short as a few minutes. And the coin crashes to zero.
How to stay safe:
- Always do your research about the project and the team behind it before putting in your money
- Avoid influencers with a shady history
Scam #8 — Malwares
Scammers disguise malicious software as something useful like a wallet or app or even a white paper.
They may share the malware with you as
- Job offers
- New crypto games
- Beta versions of an app to test
The moment you download it your pc or mobile gets compromised and the scammer gets access to your entire PC. Such malware can silently steal sensitive information like your seed phrase.
It can also manipulate transactions. For example, you are sending crypto to your friend and you copy his address. The malware will replace your friend’s address and add Scammer address.
How to stay safe:
- Use antivirus software
- Confirm the address before transferring crypto to someone
- Avoid downloading and opening attachments from unknown senders
Scam#9: Copy Trading Scams
Manipulating wallets which are being tracked.
Scammers monitor the wallets of whales that are followed publicly by a lot of traders or on-chain analytics platforms. So they send scam tokens to those tracked wallets. This creates an illusion that the whales have bought the tokens.
Now for someone who is following the whale wallets, they are unaware of the scammer sending these tokens. They think that the whale has bought these tokens so it is a good time for them to also buy the tokens. They try to copy the trade and rush to buy these scam tokens.
The whale wallet was never actually involved in the scam it was just a pawn.
How to stay safe:
- Verify transactions on explorers like Solscan and others to see if the token was purchased or just sent by someone
- Be sceptical of such unexplained and random token movements in popular wallets
- Do your own research before copying trades — it’s your money, not theirs
Scam #10— Rotten seed phrases
Primarily targeted at someone who is completely new to the crypto world.
Scammers offer pre-configured wallets or fake starter kit educational tools. They trick such new users into installing a wallet with compromised seed phrases.
The wallet kit comes with a pre-set seed phrase which is often conveyed to these unsuspecting users as a simpler onboarding way. while the user thinks are learning how to use a wallet instead they get tricked into importing the rotten seed phrase.
Even though the user installs a genuine wallet, the scammer has all the details of the seed phrase. Once the user adds funds to the wallet, the scammer then drains the funds. At times the wallet is a fake one.
How to stay safe:
- Always download wallets from the official wallet website
- Generate your own seed phrase or private keys and ensure no one else gets to know about it
- Never use any preconfigured wallet
Scam #11 — SIM swap
It is a form of identity theft where scammers hijack your mobile phone number by manipulating you. They gather your personal information and convince your phone service provider to transfer this number to a new SIM card.
Once they have your number, they can use the SMS-based two-factor authentication (2FA) codes and password reset links. They take over your emails, socials, and wallets and quickly steal your funds.
How to stay safe:
- Use the authenticator app instead of text/call-based verification.
- Keep your phone number and email associated with crypto accounts and exchanges separate. Do not reveal them to anyone.
Essential Safety Checklist
- Double-check website URLs
- Double check address
- Download apps from the official website
- Use burner wallets when connecting with a new app
- Use hardware wallet
- Use authenticator apps
- Never trust a random social media handle
- Greed is never good
- Anything too good to be true is almost always not true
- Remember all it takes is 1 click to lose your entire funds
Little paranoia isn’t a bug— it’s a feature! Stay Safe!
Check out below X threads by Slorg for a few more types of scams
For any feedback or suggestion please reach out to me @its0xRay on X or Discord. If you found this essay helpful, do consider sharing it with your friends and family.
