One of the main reasons why transacting in cryptos such as Bitcoin and Ethereum can be somewhat scary for newcomers is the number of scams that plague the entire cryptocurrency ecosystem. While some cryptocurrency scams are simple and obvious, others are more complex and sometimes difficult to avoid.
Over the past several years, cryptocurrency scams have evolved to a point where the scams have not only become more elaborate but ambitious in scope. Bad actors have been consistently trying to improve their techniques to trick innocent cryptocurrency users into falling for these scams.
In this article, we will discuss some of the most common cryptocurrency scams that you should avoid. We have also mentioned some useful tips to ensure proper cyber hygiene and keep scammers at bay. To round off, we will also discuss some of the essential security features at Liquid.
Types of common cryptocurrency scams
Investment scams are widespread. In this scam, the scammers would promise services or products offering high profits or returns with little or negligible risk. In return, all they ask is for you to transfer cryptocurrency, or grant them access to your wallets or trading accounts. Things that are too good to be true, often are. While the scammer might initially reassure you with small amounts of the promised returns, eventually they will take off with all your assets and disappear without a trace.
Believe it or not, these types of scams are very common among newcomers without much knowledge of the industry. Examples of investment scams include Ponzi and pyramid schemes. In some cases, social media influencers might be engaged to help lend credibility and promote fraudulent services and products. Some of these investment scams may also be promoted through some form of contest or marketing campaign, which leads us to the next common scam to be discussed, the giveaway scam.
In giveaway scams, the scammer will promise you free cryptocurrency as part of a supposed giveaway and will request that you verify your wallet address by sending some cryptocurrency to a wallet address specified by them.
Giveaway scams spread quickly on social media channels such as Twitter and Facebook. Scammers typically use fake accounts to impersonate the Twitter and other social media handles of celebrities, prominent personalities, or popular crypto companies. To avoid suspicion, scammers may use fake accounts to comment on the official Twitter and Facebook pages of companies and personalities in a bid to reach their followers. At other times, scammers may hack into legitimate social media accounts to perpetrate the giveaway scams. For example, a high-profile Twitter hack from earlier this year managed to compromise the Twitter accounts of Joe Biden, Elon Musk, Kim Kardashian, and many other prominent figures and companies. These compromised Twitter handles then tweeted the link to the cryptocurrency wallet used for the giveaway scam, with the scammers reportedly collecting at least USD110,000 worth of Bitcoin before the tweets were removed.
While social media platforms have recently started to actively crackdown on scam posts and fake accounts, scammers have continued to invent new techniques to promote their giveaway scams.
In employment scams, scammers impersonate recruiters and executives with bogus job listings for crypto companies such as Liquid, usually via Telegram. Scammers will proceed to solicit cryptocurrencies from eager job seekers in exchange for training or job-related materials. In some cases, scammers might ask job seekers to participate in crypto-asset transfers in arrangements that could potentially be facilitating illegal money laundering.
Note: We at Liquid NEVER contact job seekers via Telegram. All of our job listings are available on the official Liquid website and LinkedIn company page.
The next scam you need to avoid is a phishing scam. Phishing scams are neither new nor limited to the crypto universe. Threat actors use phishing techniques to get into people's online bank accounts, email accounts, and other password-protected accounts. While phishing attacks can come in various shapes and forms, the end goal of every phishing scam is to trick victims into handing over sensitive data and login credentials, and, as far as the crypto space is concerned, the aim is to get access to your crypto assets.
A common modus operandi used in phishing attacks is to trick victims into visiting a website that they may assume to be that of a legitimate service. The service could be a crypto exchange, a wallet, or some other crypto-related service used by the victim that requires a password or other access credentials. Victims are usually deceived by the use of a website domain address that is very similar to the official address of the real website or platform that they are trying to access. For example, the scammer may try to persuade Liquid users into entering their account login credentials on a bogus Liquid website that is running a phishing script.
A friendly reminder that our official website is www.liquid.com. This will appear as app.liquid.com once you are logged in. Make sure to check for the correct website address details in your web browser’s address bar. We recommend keeping your Liquid login credentials secure and avoid sharing them with anyone else.
ICO Exit Scam
An initial coin offering (ICO) is a fundraising initiative for a token project. ICOs can be used for fraudulent purposes, and there have been a few high profile cases involving ICO exit scams.
In ICO exit scams, scammers try to convince people to buy into a new token project by purchasing the new token in an initial coin offering. Once enough people have purchased the tokens, the scammers will disappear with the funds collected from purchasers.
If the token price appreciates due to over-promotion and strong demand, the scammer may dump their stock of tokens to cash out an additional profit. This may result in a corresponding price drop and leave the other purchasers with tokens that have no real value. This scam is also known as a Ponzi (pump-and-dump) scheme.
Sometimes it can be difficult to tell legitimate ICOs from scams. We encourage you not to participate in any ICO (or purchase lesser-known tokens after an ICO) unless you have thoroughly researched the project and its team and you understand the related risks.
Telegram has become the breeding ground for cryptocurrency scammers trying to promote nearly all sorts of scams. All the scams that we have discussed so far in this article can take place on Telegram. From employment scams to giveaway scams, Telegram allows scammers to connect with their victims directly and discretely.
One of the most prominent Telegram scams targeted at crypto exchange users is the tech support scam. Scammers would impersonate major crypto exchanges like Liquid and offer to help users ‘fix’ account issues or ‘upgrade’ their account security, provided that users disclose their account login credentials or transfer cryptocurrency to a wallet address for ‘payment’.
Note: We at Liquid NEVER ask users for their login credentials or payment. If you are facing any issues with your Liquid account, send us an email at firstname.lastname@example.org.
We have also encountered cases where fraudsters have approached less tech-savvy individuals interested in cryptocurrency trading with an offer to assist in the account opening process with Liquid. The fraudsters first obtain KYC documents from their victims to complete account verification. Once the account is opened, the victims proceed to deposit their funds into their new Liquid account. The fraudsters would have retained full access to their victims’ accounts or alternatively would use the KYC documents to regain access. They will proceed to clear out the funds in the victims’ accounts by swapping them into highly liquid cryptocurrencies such as Bitcoin for withdrawal into their own wallets.
Tips to avoid cryptocurrency scams
- Avoid sending cryptocurrency to unknown external addresses. Liquid will never ask you to send cryptocurrency to external addresses outside Liquid for the purposes of ‘fixing’ or ‘verifying’ your Liquid account.
- Avoid sending cryptocurrency under the false pretext of address verification for a promised giveaway.
- Do not fall for fake screenshots promoting bogus cryptocurrency offers and giveaways on social media. Even if the account handle looks familiar, check whether the posts were actually made by Liquid’s official social media accounts.
- Be careful about websites promising high returns or unrealistic profits. Do some research on the service or product provider on your own by checking with consumer protection websites and investor warning lists maintained by regulators.
- If a website or project claims to be affiliated with or endorsed by a trusted party such as Liquid, always confirm the relationship through independent sources.
- Watch out for spelling or grammatical mistakes in communications or website domain addresses as that could be an indication of fraudulent activity.
- NEVER share your Liquid account login and security credentials with anyone, including Liquid employees.
- Do not fall for fake giveaways and job offers on Telegram. Check Liquid’s official channels for job postings and campaign announcements.
- Always REPORT suspicious or fraudulent account activity to Liquid Support.
- Always do your own RESEARCH before purchasing new tokens in ICOs or lesser-known cryptocurrencies.
- Use two-factor authentication (2FA) to safeguard your Liquid account.
Liquid’s security measures
Two-factor authentication (2FA)
Liquid makes two-factor authentication (2FA) mandatory for all accounts and significant account actions, including password reset, new withdrawal blockchain address registration, and crypto withdrawals.
When users reset their Liquid account password, we do not allow them to make changes to their email address for at least three days, thereby enforcing a “cooling period”. Similarly, if you reset your Liquid account password or change your registered email address change, you cannot disable the two-factor authentication during the “cooling period.”
Liquid will not process your withdrawals for three days after you make changes to your account settings.
Cold wallets & secure MPC technology
For Liquid’s Japan users, 100% of client assets are stored in cold wallets. Liquid’s global users’ assets are protected by secure multi-party computing (MPC) technology.
All withdrawals at Liquid are managed with a combination of layered authentication protocols to authorize a cryptocurrency transaction. Liquid’s warm wallets are powered by state of the art secure MPC technology to ensure a high level of security and service levels.
Liquid has robust verification policies where users must provide official ID documents and proof of address to access our exchange fully.
For more information about Liquid security measures, visit this link.
By now, we hope you have learned that scammers only try to cash in on your greed or fear, expecting you to act fast and make a quick decision without a second thought.
In this article, we only covered some of the most common cryptocurrency scams out there. The truth is scammers are continually innovating their fraudulent schemes.
We at Liquid take our users’ account safety and protection very seriously. Before we sign off, let us remind you that you should always report suspicious or fraudulent account activity to Liquid Support.
All guest authors’ opinions are their own. Liquid does not endorse or adopt any such opinions, and we cannot guarantee any claims made in content written by guest authors.
This content is not financial advice and it is not a recommendation to buy or sell any cryptocurrency or engage in any trading or other activities. You must not rely on this content for any financial decisions. Acquiring, trading, and otherwise transacting with cryptocurrency involves significant risks. We strongly advise our readers to conduct their own independent research before engaging in any such activities.
Liquid does not guarantee or imply that any cryptocurrency or activity described in this content is available or legal in any specific reader’s location. It is the reader’s responsibility to know the applicable laws in his or her own country.
Providing liquidity for the crypto economy.