3 Common Cryptocurrency Scams Everyone Should Be Wary Of

Cryptocurrency is the new frontier of global finance; but, much like the frontier days of the American Wild West, with limitless opportunity comes unrestrained theft and scams. As more people join cryptocurrency, the number of scammers and thieves also increase exponentially.

Unfortunately, the crypto community has seen its fair share of scams and dirty tactics at the expense of individual users. In this article, we’re going to review some of the main ways that scammers and thieves have tried to take advantage of crypto users, and how to identify potential scams before you become the target. The good news is just a small amount of caution, preparation, and knowledge can make you nearly immune to these treacherous attempts.

1. Telegram Phishing

Phishing scams have become an increasingly serious threat to cryptocurrency groups on Telegram ever since the ICO and token sale frenzy of 2017. To better understand this phenomenon, let’s go over how it usually works.

First, a scammer will join a chat group using an inconspicuous username — one that appears like it would fit in with other users in the group. Once in the chat, they will likely change their name and picture to be exactly the same as a group administrator. At this point, they will begin sending direct messages to users — either at random or in response to questions or messages posted in the main group.

Image via Pixabay / mohamed_hassan

For instance, if someone asks a question in the public group, the scammer will typically message that person directly offering to help. Scammers often pretend to work for the group or project in question and claim they can provide help to the user — like offering information as for how to participate in a crowdsale, for example.

In our group, some scammers have been caught directly sending cryptocurrency addresses to users and asking for funds to be sent there. Others would first ask for an email address, and then send the fraudulent request for funds through email from an address that looked very similar to our official company email addresses. More on that later…

As for Celsius, once our token sale event ended, the scammers we saw finally gave up and moved on. However, we are still periodically seeing that our users are receiving messages claiming to be from Celsius employees and insisting that there is a preferential sale going on or some other kind of false promise.

How to Spot the Scam

Even though this type of attack can be particularly annoying, it’s straightforward to avoid. First and foremost, do not send cryptocurrency or any other kind of money to any user or account that does not appear familiar or legitimate. If you are unsure, always confirm with a group admin.

If you want to verify the person you’re speaking to is an actual member of the project, open their profile information by clicking on their picture and checking what their registered username is. A registered username is different from the display name, which can be set to appear identical to an actual administrator. You can then verify in the Telegram group settings whether or not this person is a registered administrator of the group. If they are not, then you are most certainly dealing with a scammer and should report the user in question.

As for our Celsius Telegram chat, our admins will never message a user first and always encourage users to reach out to them via DM if they need extra assistance. Celsians can be assured that if another “user” reaches out to them first claiming to be an admin, it is most definitely a scam.

Telegram users are also able to adjust their settings to avoid messages from scammers. In the Telegram app, go to Settings > Privacy and Security > Groups & Channels, and then set to “My Contacts”. This ensures that only those in your personal contacts are able to send you private messages through the app.

**To protect our community, Celsius Network has avoided offering “special deals” which scammers often use as reasons to convince borrowers and depositors to transact with them.**

2. Viruses and Trojan Horses

This type of attack is relatively new to the crypto space, but it shows no signs of slowing anytime soon. Here’s how virus attacks and trojan horse scams work.

An attacker will post a file to the chat room or forum. The file will likely have a name that suggests that it is official, or of great interest to followers of the group or project. Filenames will typically include the name of the project or keywords like “ICO”. The files in question will have an extension that appears harmless. One recent popular file extension we have been seeing is .SCR, which is a file designated for screensavers. This type of file can harbor viruses or other malicious code that is undoubtedly designed to locate and extract information that may help a hacker gain access to your cryptocurrency — such as your private keys, passwords, and so on.

How to Spot the Scam

This one is also pretty easy to identify and avoid. Do not download files posted to chat groups, forums, or any other type of shared digital community, for any reason. Project administrators will only share links to official sources such as company webpages, YouTube channels, blog posts, and so on. If the file looks legitimate but you are unsure, ask an administrator — and always err on the side of caution.

**Celsius treats all users the same and only enables deposits and withdrawals via our mobile apps, which are much safer than websites or emails which can be easily spoofed or replicated.**

3. Phishing Sites and Fake Blogs

One particularly aggressive attack is when someone creates look-alike websites and blogs, known colloquially as phishing sites. Phishing site operators will register domain names that look very similar to the real site. If the real website address is something like “realsite.io”, the scam site operator will register “real-site.io” or “realsite.com”, for an example.

On these sites, links will be added to false contribution pages that would list an address to send Ether or Bitcoin and will claim that smart contracts would automatically receive the Ether and send the correct amount of tokens in response. This, of course, is a lie and is merely a trap attempting to catch unsuspecting individuals.

How to Spot the Scam

This one can be a little harder if you’re not careful. First, it’s crucial that you double check and make sure you know the correct website for the project you are trying to reach. An excellent place to check would be the pinned message in the official Telegram group or links on other trustworthy sites. Even if you feel you were at the correct site, do not send cryptocurrency to any address listed on the website as legitimate projects will not post an address or ask for contributions. The same is true for blog sites and services.

**We put our members' safety and interest first, which is embedded into every feature and function of our apps. This approach differentiates us from almost every other Blockchain company out there. You will be hard to find negative reporting or feedback from our community.**

Final Thoughts

Cryptocurrency is a huge step forward for humanity when it comes to our freedom and flexibility to send value anywhere around the world. However, with increased freedom comes increased risk.

The good news is that these types of scams are very easy to combat and only require a little bit of patience and double checking. Remember that if a scammer, hacker, or thief gets a hold of your cryptocurrency, then it’s gone forever, and there is nothing anyone can do to get it back. That’s why it’s important to be vigilant and never take anything at face value.

Celsius has always been about community, transparency, and freedom. We hope that by sharing this information, we can help not just our users, but those of any other legit project that is targeted by scammers and other nefarious opportunists.