UK consumers reported 10,000 incidents of cryptocurrency fraud between October 2021 and September 2022, amounting to a total loss of £226 million and representing a 32% increase from the previous year, according to data from Action Fraud.
In response to the rise of cryptocurrency fraud, Cybersecurity expert VPN Overview reveals the ways in which consumers can avoid five common cryptocurrency scams.
1. Phishing and email impersonation
Phishing – sending emails with the purpose of obtaining personal information – is the most common form of cybercrime. The UK had the highest number of people falling victim to phishing in 2022, averaging at 4783 for every million internet users, a 40% rise from 2020.
These cyber criminals may impersonate cryptocurrency apps, such as Bitcoin. They are likely to issue a “security alert” in an attempt to lure you to a fraudulent site, where you’ll be asked to enter your security and account credentials. This will then allow them to gain illicit access to your cryptocurrency account.
How to protect yourself against phishing
– Be critical before you click on links. More often than not, hackers will make minor changes to URLS, such as grammatical errors, strange wordings, and misspellings.
– Type out the name of a website. By doing this yourself, you can discover whether an email is really from a reputable sender and protect yourself against phishing.
– Before entering any personal information, remember to double check your browser for incriminating evidence. An unlocked padlock in front of the URL, not having ‘https://’ before the full site address and a misspelt website are all signs of phishing.
2. Phone impersonation fraud
Cybercriminals are able to create false customer support phone numbers for cryptocurrency exchanges, wallets or apps. They are also able to spoof real customer support numbers, which are more likely to lure you into a false sense of security.
How to protect yourself against phone impersonation fraud
– Don’t overlook multifactor authentication information. Two-factor codes add an extra layer of security to your account in case your passwords are compromised.
– Protect your personal information. Don’t share any passwords over email or phone. Instead, you should only enter these into secured parts of legitimate websites.
– Cryptocurrency customer service representatives do not require remote access to your computer. Decline if the scammer requests this to “fix and issue”.
3. Fake cryptocurrency social media giveaways
There are countless cyber criminals running fake cryptocurrency social media giveaways. They will likely imitate a public figure to promote the competition, guiding you to a fraudulent website which will ask for your personal information.
Before continuing with the giveaway, you may be asked to verify your address by sending Bitcoin to the giveaway’s blockchain address. This can lead to you clicking on malicious links, scanning fraudulent QR codes and being scammed with a huge amount of money.
How to protect yourself against fake cryptocurrency social media giveaways
– Before click on any links, remember to double check the URL. The website will likely be misspelt if the cryptocurrency social media giveaway is a scam.
– Don’t use blockchain address verification. In other words, you should never “verify” your blockchain address by sending Bitcoin or cryptocurrency.
– Do your own research. A quick online search can reveal if the legitimate company is running a cryptocurrency giveaway. Then, you can go ahead and report the fraud.
4. Extortion, sextortion and cryptocurrency
Extortion continues to threaten consumers and businesses. In the UK, more than one in eight organisations (82%) was manipulated using ransomware, a type of malware which allows criminals to hold information at ransom in exchange for money or cryptocurrency.
In addition to extortion, cybercriminals may also use sextortion scam tactics. This is when they claim to have accessed your computer, obtained explicit content and threaten to release them if you don’t send money or cryptocurrency to their blockchain address.
Fraudsters and hackers can also purchase passwords and corresponding emails on the dark web from old data breaches. You might see one of your old passwords in the subject of an email – they’re almost always fraudulent even if these scams can make your heart jump.
How to protect yourself against extortion and sextortion
– Don’t reply. It’s best to ignore them, mark the email as spam or block the number that has called you and report it to the local authorities.
– Regularly change your passwords. Make sure they’re different across accounts – they should contain uppercase and lowercase letters, symbols and numbers.
– It’s always a good idea to run a malware scan on your device. If you’re unsure how to do this, here are our top five antivirus software picks.
5. A man-in-the-middle attack
A man-in-the-middle attack is when a hacker intercepts the data between your device and the internet router. This often happens when you’re using public Wi-Fi, although it can happen at home if the hacker is close enough to intercept the signal from your Wi-Fi.
This allows cyber thieves to read any data you send, including passwords, login information and private keys. They can also gain access to your cryptocurrencies if you’re logged into a crypto app and drain your accounts, hold information at ransom and so on.
How to protect yourself against a man-in-the-middle attack
– Think before joining a public network. If you’re not able to use 5G, ask businesses if they provide any Wi-Fi for customers.
– Download a reliable VPN. This will encrypt all data going to and from your device. So, if a hacker intercepts your data at the airport, they won’t be able to read it.
A spokesperson from VPN Overview has commented: “The rise of cryptocurrency fraud poses a threat for businesses and consumers alike. Cybercriminals are relentless – they will impersonate others, hold information at ransom and more in pursuit of illegally obtaining cryptocurrencies. By understanding the main cryptocurrency scams, you can avoid them and protect your crypto assets during this turbulent time.”
HedgeThink.com is the fund industry’s leading news, research and analysis source for individual and institutional accredited investors and professionals