3 Cryptocurrency Scams and How to Avoid Them

 

1. Crypto Wallet Scams (Address Poisoning)  

A cryptocurrency wallet holds the entire value of your digital assets, and while it makes blockchain easily accessible, it must be managed as well.

Firstly, cryptocurrency wallets are bits of data scattered in a database. When you key in the necessary information, the wallet gathers vital information such as a living address, IP, and several other factors to present the notional value indicated on a computer, tablet, or phone interface. Or for cold wallets, the key is provided from the thumb drive, paper, or CD.

Address Poisoning

However, in recent times, Address Poisoning is one of the main techniques that is used by scammers to target that process. In such an attack, the perpetrator “poisons” a victim by making several copies of similar addresses from the front and last lines of a crypto address wallet.

The scammer then sends an amount of cryptocurrency into the victim’s account. This scam transaction tricks the victim into mistaking the scammer’s account for their own (some accounts indicate only the first and last digits of the account and most people identify their account by familiarizing themselves with these set of digits).

Unfortunately, some may copy and paste directly from the blockchain or transactional history and send money to the wrong place.

Particularly, the threat of Address Poisoning is high as cryptocurrency wallets do not offer a freeze account option or reversal where the money can be retrieved. This means that the cryptocurrency that has been transferred is permanently lost. This can also be done for other forms of transactions such as a bank transfer to bank accounts.

Additionally, in response to these forms of attacks, Metamask and several reporting sites have increasingly posted relevant information via articles on January 2023 to raise awareness.

2. NFT Scams

Prior to cryptocurrencies, NFTs have also emerged as the most recent fad amongst the younger population. Non-Fungible Tokens take the form of e-art, virtual properties, and characters. In several countries such as the Philippines, a Pokémon-like game named Axie Infinities has also gained popularity.

From wionews.com, “at the peak of the game’s growth last year, a starter team could cost hundreds of dollars”, and farming for a reward took the form of “Smooth Love Potion” which could be exchanged for cryptocurrency and cash. The game expanded to the degree where agencies and scholarships were offered for players to profit from the game.

The Fake Job Scam

On July 2022, one of the biggest crypto heists was from this game.

Scammers created an elaborate fake job scheme to steal over $600 million in crypto by tricking a senior engineer of the game to apply for a scam job. The procedures for applying for that job followed procedural and proper processes such as interviews and aptitude tests. Upon hiring, the engineer was sent an offer letter. 

However, this was a false offer as the letter was filled with spyware. Upon download, the North Korean-based hackers gained access to the blockchain “Ronin” and quickly carried out the heist.

This heist was a great loss for the company and impacted the functional operation of the game, but it has proven to be a monumental lesson on the importance of cybersecurity. Individuals should always be aware of Phishing Fake Job Offers, as these attacks are targeted at corporations as well as individuals.
 

Cyber Security and Prevention

From the Axies Infinity Heist, Mavis (the company of the game) implemented additional validator nodes and the implementing of a zero-trust security model. This model assumes that every individual connecting to the company is suspicious and will require verification. Some companies also take it a step further by cleansing every file and preparing them for destruction and disposal. Regardless of which approach is chosen, it is important for companies to maintain a cautionary stance against external files and maintain a web of security measures to prevent malware.
 

 

3. Bitcoin Scams

Digital Currency is the trend of the current generation, but regulations and structuring mechanisms are lacking. In 2022, finance yahoo records that up to $3.5 billion was lost in 2022 to scams from crypto markets.

Man-In-The-Middle Scams

Bitcoin and forex trading are all prone to “Man-In-The-Middle” scams where a scammer intercepts the connection between a user and a server to carry out scams or directly hack into the system.

Arp Spoofing

Specifically, the term ARP spoofing or ARP poisoning is the technique that is used.

ARP spoofing can only work when an attacker has access to the network, this allows them to acquire the IP addresses of the 2 devices such as a computer and a router.

Following the acquisition of the networks, the attacker will send forged ARP responses to impersonate as the computer to the router and the router to the computer respectively. The term “man in the middle” is the direct representation of the external threat as the imposter. Both sources, the router, and the computer are now connecting to the hacker instead of to each other, he/she is in the middle of all communication, which entails being able to steal data, hijack the account or carry out other forms of attacks such as a Distributed Denial of Service (DDOS).    
 

Conclusion

As the financial markets continue ahead into the grim outlook of 2023, more attempts to scam individuals will continue.

To avoid NFT scams, investment scams or crypto scams, it is paramount to research on what is being invested and the risks of these investments. If the cyber security measures put in place are lacking or if you do not possess the necessary infrastructure for countermeasures, it can be beneficial to invest in third-party security features or malware removal software.    

Lastly, excessively lucrative packages on social media accounts or NFT giveaways are almost always a deliberate phishing scheme. Regardless of the offer, do not provide personal details such as credit cards, bank account numbers or download unknown attachments.  

 

Start Trading With Orient Futures Singapore 

Being an Overseas Intermediary of Shanghai International Energy Exchange (INE), Dalian Commodity Exchange (DCE), and Zhengzhou Commodity Exchange (ZCE), when foreign clients participate in internationalised futures contracts in these Chinese markets with us, they have direct access to trading, clearing, and settlement. Our parent company, Shanghai Orient Futures, is the largest broker in terms of aggregated volume across the five regulated exchanges in China.

Orient Futures Singapore also currently holds memberships at the Singapore Exchange (SGX), Asia Pacific Exchange (APEX), and ICE Futures Singapore (ICE SG).

We provide premium customer service at an affordable cost to all our clients. Our team will be there for you 24 hours on trading days to provide a one-stop portal for all your trades, with simple processes and an intuitive user interface that has low or near-to-zero latency.