July 08, 2018

Fraud Protection: Three Common Bitcoin Scams and How to Avoid Them

Desktop keyboard and mouse.

Before we get started, know this: Airbnb does not accept bitcoins. 

Nor do most hotels, landlords or sharing services.

A scam has been making the rounds lately claiming to rent home shares in exchange for cryptocurrency payments. Typically, this scam focuses on Airbnb rentals. Usually, the criminals will post a listing on Airbnb's website, and when you contact them, they'll ask if you'd like to pay using crypto (typically bitcoin). Often they'll provide a link that you can follow designed to look like an official Airbnb URL, and it will take you to a spoofed version of the company's website made to look very real. This is a scam.

The best way to beat this is to remember your rules about phishing operations, the ones we'll discuss below: 

  • Never click on a foreign link. 
  • Always type in a website's URL yourself and follow internal links on the company's page. 
  • When in doubt, ask the company for advice. They'll be the best resource for whether or not an offer is legitimate.

And remember: Airbnb does not accept bitcoins. 

Why Scammers Want Your Wallet

So… your Bitcoin wallet is probably worth a decent amount of money. The cryptocurrency has been on a tear ever since it broke into public consciousness roughly two years ago, and despite some ups and downs, it holds a solidly four-figure value.

That kind of money attracts all types: the investors, the speculators (yep, they’re different), the modestly curious and, sadly, the thieves. It turns out there are a lot of people out there who want bitcoins, many of whom would be very happy to take yours. Their problem is that cryptocurrency is actually a pretty secure platform. Bitcoins can’t be copied (that’s their genius) and they’re almost impossible to take. Without your private key or a computing rig to rival the NSA’s most fevered dreams, there’s not a whole heck of a lot a hacker can do to outright steal a token.

So instead crypto-thieves work hard to try and convince you to accidentally hand them over.

Con artists with none of the charm of a young Robert Redford or Harold Hill pull all sorts of dirty tricks. The methods change over, the faces look different, but the goal is always the same: to convince you (the user) to hand over your cryptocurrency to a stranger without realizing you’ve done so. 

Unfortunately, many of the same features which make Bitcoin so secure also make it an excellent target for these scammers. 

  • Once transferred, there’s little (if anything) someone can do to recover their stolen coins.
  • Coins can move anonymously, shifting not to a person but to an unverified wallet backed up only by a meaningless e-mail address. (A reason why we here at XCoins verify all our users to help prevent this.)
  • Coins can cross borders with ease, meaning that there’s not a whole lot the authorities can do to chase down your property once stolen.

Bitcoin was designed as digital cash, so think of it like handing someone a $20 bill. Once in their wallet, it’s as good as gone. The same holds true with a bitcoin.

This is one of the reasons we’ve worked so hard to build XCoins into an ultra-secure platform. We want you thinking about how to make money and have some fun while you trade, not worried about who’s on the other end. Sadly, that isn’t always true on the rest of the web.

So while you’re researching your cryptocurrency investments, keep an eye out for these common bitcoin scams. Even just a little bit of vigilance can help keep your hard-earned money where it belongs.

Number One: Phishing

This one is probably the biggest, nastiest scam out there right now by sheer numbers. Phishing attacks have stolen millions of dollars’ worth of cryptocurrency over the past several years. Con artists love phishing because it’s low-cost, low-maintenance and brutally effective. (For a good read on attacks in action, check out this piece by Kaspersky Labs.)

A phishing attack is essentially nothing more than a message that tries to trick you into:

  • Visiting a malicious website
  • Giving away your personal information
  • Downloading malware
  • Some combination of the above

Desktop keyboard with a large gold ampersand sign.

Traditionally they come in the form of e-mails, but clever hackers have started to rely more and more on social media because of the trust built into that system. (When your friend shares something, it immediately has more currency than a random e-mail.) In any case, the message is built to look and feel like it came from a trustworthy source, such as a cryptocurrency exchange or a web wallet. They’ll steal the logos, branding, and will probably even spoof the e-mail address all to make you think that this is legit.

Then comes the hook. Your account has been hacked, click here to verify your login details! Or perhaps they are issuing a new ICO, and are offering an airdrop to people who respond right away. Whatever the message, the hackers want you to hand over your login credentials so they can swoop in and clean you out. More sophisticated hackers drop malware on your computer that will steal your cryptocurrencies for them. Neither are the outcomes you want.

How to Stop It:

Never click the links.

There are a lot of ways to take care with phishing attacks. Beware of overly-generous offers. Always have your guard up around unsolicited contacts. The biggest one, though, is simple. Never, ever click the link in the e-mail.

Just surf over to XCoins.com directly. As long as you do that, their message can’t redirect you to a malicious site or drop a keylogger on your hard drive. It is simple, clean, and effective. 

Number Two: The Fake ICO

This is it, gentlemen! It’s lambo time to the moon plus 1,000 percent!

Red sports car.

The Internet is riddled with false promises and get-rich-quick ICO schemes. Most are lies.

In a fake ICO scam, the con artist launches a website promising the next big blockchain technology. It will come with buzzwords, lots of graphics, pie-in-the-sky ideas and an overall vibe designed to appeal to cryptocurrency evangelism. The goal is to convince buyers that this is their chance to get in on the ground floor of something that will make them stinking rich. The scammers are helped out by the fact that people who got in on the ground floor of cryptocurrencies like Bitcoin and Ethereum did, in fact, end up stinking rich.

This has become so common that the Securities and Exchange Commission set up a website to help teach people what an ICO scam typically looks like.

How does this steal your bitcoins? Simple. Their ICO doesn’t accept cash or altcoins. You can only buy into their once in a lifetime offer with Bitcoin or Ethereum. So you do, then you sit back and wait for your new tokens to roll in. And you wait… and you wait… and then their website mysteriously goes offline. It’s the 21st Century equivalent of selling the Brooklyn Bridge, and it’s, unfortunately, quite effective. 

How to Stop It:

Research, research, and more research. One of the biggest liabilities to cryptocurrency investing is that many people approach this field far too casually, lured in by promises of easy money pulled out of thin air. 

The ICO scam relies on that, so avoid it. Take your time and read up thoroughly before investing in anything. If the offer is too good to be true, it probably is. If it’s expiring fast, they probably don’t want you to have enough time to think things through. So slow down and read up on every investment before you make it. 

Number Three: The Fake Bitcoin Exchange and/or Wallet

This con generally takes on one of two forms.

Sometimes a con artist will set up a website that looks like its own exchange or its own cryptocurrency wallet. It will have logos, graphics, all it needs to look just like the real thing. These con artists want you to log in and create an account with them, pretending to offer all the services of a regular site. In fact, they’ll sometimes sweeten the pot with great introductory offers. 

Other times the website will mimic an existing service, stealing all of the digital assets from that site in order to create an exact duplicate that lives at a very similar address. Often those predators are waiting for users who make a typo, hoping they’ll log into the fake website without ever realizing that something’s gone wrong.

Wnat to konw how esay tihs it is to msis taht tpyo? Ask yuorslef how many wrods in the lsat few snetnces jmuped out at you as missspleled or ohterwsie worng. Our eyes glance over individual letters as long as they are generally right and the first and last are intact. So it is very easy to miss a jumbled up URL.

In both cases, the goal is to trick you into doing business with a con artist.

The jaws of this particular trap spring shut in a few ways. First, they want to sell you air. On their exchange, you can do business, purchasing bitcoins and other cryptocurrencies as you would anywhere else. The catch is that those purchases never seem to arrive. In fact, if you used your banking information to buy some tokens, you may find that account cleaned out entirely.

Man in front of a computer appearing surprised.

For the websites built to steal the look and feel of legitimate sites, just like a phishing scam, they also want to get your login information. Quickly, the con artists will bounce over to the real thing and log in with stolen credentials, pretending to be you as they empty your accounts.

Of course, for the fake wallets, they want one thing: the private keys to your cryptocurrency.

How to Stop It:

Check your URLs and trade conservatively. Take care with each address to make sure it begins with HTTPS, not just HTTP. Make absolutely sure that you got where you intended to go before entering any login information. Even our industry-leading security can’t help you at Xcions.com. (See what we did there?)

Finally, be careful about using any site you haven’t heard of before. There’s nothing wrong with a new cryptocurrency service getting itself started, but be very careful before handing over control of your money. Look them up and do some due diligence. It will pay off in the end.

For all its revolutionary technology, con artists have just as many ways to steal your money online as they do in real life. Don’t let your guard down just because Bitcoin invented a terrific new security system.

If someone is running a charity, make sure your money will actually get to those recipients in need. If they’re promising a business venture with guaranteed returns, remember that’s what Bernie Madoff’s clients heard too.

Take care, think your trades through, and you’ll be just fine. 

While you're here, take a second to learn about how Xcoins.com can help keep you safe while buying cryptocurrencies!  Sign up for free to learn more about how we keep your transactions safe and secure every day!

 

Back to home