Honeypot Deployment – How To Lure Hackers Into a Trap
Become a millionaire overnight. Your first million is just a few clicks away. Ads like this on social media sound very promising. Who doesn't want to earn a lot of money? But if it sounds too good to be true, it's probably fraudulent. According to investigations by the NGO The Better Business Bureau, crypto scams were the second most prevalent scams against consumers in 2022. By comparison, in 2020, they were the seventh most common. Cybercriminals are finding it all too easy to lure potential victims as they are often unfamiliar with Bitcoin and the like. The fact that virtual currencies continue to count among the biggest investment trends only makes things worse, and the scammers are only too willing to exploit the situation in a variety of ways. We explain everything you need to know here about the different scam methods and what you need to watch out for to avoid becoming a victim of fraud.
The most common crypto scam methods: a risk to investors
It really comes as no surprise that cybercriminals are constantly developing new and more deceptive methods to get money. And the hype surrounding digital currencies is playing right into their hands. Media reports on the stories of crypto multi-billionaires do the rest and tempt many people to throw caution to the wind and accept offers from criminals by letting their guard down. According to a report by the blockchain analysis firm "Chain analysis", scammers netted a total of $14 billion in 2021 through their various crypto schemes. None of this is anything new, though.
One of the most prevalent methods is phishing. This involves faking the web pages of well-known trading platforms and crypto wallets to make them look so similar to the originals that it can be difficult to tell them apart. If users enter data into these counterfeit sites, such as their password or private key for their digital wallet, scammers gain access to their sensitive information and can get their hands on its currency.
But these websites can also lure victims into investing new money, and the scammers get their cash.
Emails purporting to come from a trading platform can also be faked and used for phishing attempts. These emails will link to a bogus website that prompts them to confirm their private key. Using this data, the cybercriminals can log into the genuine site and access the user's wallet. But it doesn't have to be an email: text messages from allegedly reputable trading platforms can also contain these dangerous links. This type of fraud is known as "smishing".
But criminals also use other methods to phish for information besides emails and SMS messages. Authorities are warning of ever more counterfeit crypto apps that users can download officially from Google Play or the App Store. At first glance, the apps look identical to the originals.
And while we're talking about apps, dating apps are also now being used to prise open the wallets of unsuspecting victims via a scam called "pig butchering". It's similar to romance scams: criminals use a dating app to contact their victims and manipulate them into opening a wallet on a fraudulent trading platform. Those at most risk are usually inexperienced and have been heavily manipulated, so they think nothing about depositing their money.
Even Initial Coin Offerings, ICOs for short, can be risky. These are when new crypto firms do fundraising for their currency and ask potential customers to invest. Established currencies such as Bitcoin or Ethereum are given to the crypto "start-up" – the investor usually receives a discount on the new currency, which they are assured will be the hot new cryptocurrency. In some cases, there never was a currency – the promise of quick cash only coming true for the fraudsters who walk away with billions.
The Crypto Queen and the snowball effect
One of the most sensational cryptocurrency scams in recent years is the billion-dollar OneCoin scam. The founder of the digital currency, Dr Ruja Ignatova, promised her investors the ultimate get-rich-quick scheme. OneCoin was supposed to be a "Bitcoin killer", and by 2018, the Crypto Queen said the currency would be the topmost transacted cryptocurrency in the world. She was celebrated internationally, and the OneCoin movement took on a cult-like appearance.
But it all came tumbling down in 2017 when it became clear that OneCoin was a giant Ponzi scheme that made its investor a billionaire and left her victims with nothing. Ruja Ignatova relied most of all on the promise of wealth for her investors. In her public appearances, she leant heavily on the success of Bitcoin and promised her victims a large fortune with just a few "coins". She repeatedly referred to the Bitcoin millionaires. Her plan worked perfectly. Within six months, she quadrupled the value of OneCoin: from 50 cents to two euros.
But the Crypto Queen didn't operate the currency herself at all. Instead, she offered her investors "educational packages" costing between a few hundred euros and several thousand. By purchasing these packages, investors gained access to an online portal where training materials were offered. Depending on the package they bought, investors received tokens that they could exchange for OneCoins via the blockchain. They could receive additional tokens by recruiting other buyers with a snowball effect. The more investors recruited by a person, the higher they climbed up the hierarchy and the bigger their share of the profits.
But there was a catch: the blockchain never existed, and the supposedly high exchange rate was set by her employees at whatever level they wanted.
As Dr Ignatova kept breaking her promises, investors became ever warier starting in 2016 and felt that something wasn't quite right about OneCoin. In April 2017, the German Federal Financial Supervisory Authority (BaFIN) prohibited transactions with OneCoin. Ignatova disappeared in October 2017, and the authorities lost all traces of her. How many investors and followers actually lost money as a result of the scam is still not known to this day.
Identifying scams
There are some red flags for spotting scams. The higher the guaranteed returns, the more caution is needed. Even experts can't predict how prices will move in the crypto world as the market is unregulated. Overblown marketing campaigns are often run online and offline to get the word out to as many people as possible, and this can be a sign that it's a scam. It's even plainer to see when the advertising promises cannot be backed up by anything.
Being asked to provide personal details via unsolicited emails, texts, social media requests or even on the phone is a red flag that cybercriminals are behind it. Another way to play it safe is only to download trading apps from official app stores. A good look at the reviews or how the app looks is worthwhile.
You should also protect your wallet with two-factor authentication or multi-factor authentication. This adds another layer of security by linking your login to two independent components. This is how you can protect yourself from cybercriminals in the crypto-verse.
