Article featured image

Common crypto scams and how to identify them

By Romeo F.
23 Jun 2023
21 min read

Crypto scams are a reality that we have to live with. The more crypto and crypto-related digital assets gain popularity, bad actors with malicious intents find new ways to manipulate the market and commit fraud.

Although we can’t stop bad actors, we definitely can uphold the spirit of DYOR—Doing Your Own Research.

In this article, we will explore the most common scams in the crypto market and provide you with valuable insights on how to identify and protect yourself from them. By raising awareness and promoting a cautious approach, we aim to empower readers with the necessary information to make informed decisions in their crypto ventures.

Join us as we delve into the intricate world of cryptocurrencies and uncover the tactics used by scammers, ultimately arming you with the knowledge to navigate this ever-evolving landscape safely.

Ponzi Schemes and Pyramid Schemes

Ponzi scheme definition

Ponzi schemes and pyramid schemes are among the oldest and most well-known types of financial fraud, and unfortunately, they have found their way into the crypto market as well. Understanding their mechanics is essential for protecting yourself against these deceptive practices.

A Ponzi scheme is named after Charles Ponzi, who orchestrated one of the most infamous financial scams in history. In a Ponzi scheme, the fraudster promises high returns to investors, often exceeding what traditional investments can offer. Initially, early investors may receive their returns as promised, which creates an illusion of legitimacy.

However, these returns are not generated through legitimate means but rather from the investments of subsequent investors. The scheme collapses when the number of new investors dwindles, making it impossible to sustain the promised returns.

On the other hand, pyramid schemes rely on recruitment and the establishment of a hierarchical structure. Participants are enticed to join by paying a fee or purchasing a product with the promise of earning commissions for recruiting others into the scheme.

As the pyramid grows, the individuals at the top benefit the most, while those at the bottom struggle to find new recruits. Pyramid schemes eventually collapse, leaving most participants with significant financial losses.

Common characteristics and red flags

To protect yourself from Ponzi and pyramid schemes in the crypto market, it is crucial to be aware of their common characteristics and red flags. Some of the warning signs include:

Unrealistic and guaranteed high returns: Scammers often entice investors with promises of unusually high and guaranteed returns, regardless of market conditions or risk factors. Remember, investments inherently involve risks, and any claim of guaranteed profits should be treated with suspicion.

Lack of transparency: Ponzi and pyramid schemes thrive on secrecy. If the scheme fails to provide transparent information about their operations, investment strategies, or the identity of key individuals, it should raise a red flag. Legitimate investment opportunities should have clear and verifiable information available.

Pressure to recruit new members: Pyramid schemes heavily rely on recruitment. If the focus is more on recruiting new investors rather than on the underlying product or service, it is likely a pyramid scheme. Be cautious if you feel pressured to bring in more participants.

Complexity and confusion: Scammers may intentionally create complex investment structures and use convoluted jargon to confuse potential investors. Legitimate investment opportunities should be transparent and explained in a clear and understandable manner.

Tips to identify and avoid such scams

Protecting yourself from Ponzi and pyramid schemes in the crypto market requires a proactive approach. Here are some tips to help you identify and avoid falling victim to these scams:

Research and due diligence: Thoroughly research any investment opportunity before committing your funds. Look for credible information about the company or project, its founders, and their track record. Verify their claims and be cautious if information is scarce or inconsistent.

Professional advice: Consult with reputable financial advisors or experts who can provide objective insights and help you assess the legitimacy of an investment opportunity. Their expertise can provide valuable guidance in identifying potential scams.

Skepticism towards unrealistic returns: Exercise caution when encountering investment opportunities that promise exceptionally high and guaranteed returns. If it sounds too good to be true, it probably is. Evaluate the risk-reward ratio and be realistic about investment outcomes.

Beware of recruitment-based structures: Be wary of investment opportunities that heavily emphasize recruitment and offer incentives for bringing in new investors. Legitimate investments should primarily rely on the strength of the underlying asset or business model.

Reporting suspicious activities: If you come across a suspected Ponzi or pyramid scheme, report it to the relevant authorities in your jurisdiction. By reporting such scams, you can help protect others from falling victim to fraudulent practices.

By understanding the mechanics of Ponzi and pyramid schemes, recognizing their red flags, and conducting thorough due diligence, you can significantly reduce the risk of being ensnared in these fraudulent schemes. Stay vigilant, trust your instincts, and remember that legitimate investments rely on sound fundamentals and transparent practices.


OneCoin was a cryptocurrency that was launched in 2014 by Ruja Ignatova, a Bulgarian woman who claimed to have invented a new blockchain technology. OneCoin promised investors high returns, and it quickly attracted a large following. However, it was later revealed that OneCoin was a Ponzi scheme. The company did not have any real blockchain technology, and it was simply paying out early investors with money from later investors.

Phishing and Impersonation Scams

Diagrammatic representation of a phishing attack
Credit: Cointelegraph

Phishing and impersonation scams are prevalent in the crypto market and can lead to significant financial losses if not detected and prevented. These types of scams rely on social engineering tactics to deceive individuals into disclosing their sensitive information or sending funds to fraudulent accounts.

Phishing scams typically involve the use of fraudulent emails, messages, or websites that mimic legitimate platforms or services. The goal is to trick unsuspecting victims into revealing their login credentials, private keys, or other personal information that scammers can exploit.

Impersonation scams, on the other hand, involve fraudsters posing as trustworthy individuals or entities. They may impersonate reputable cryptocurrency exchanges, project founders, or customer support representatives to gain the trust of their targets. Once trust is established, scammers manipulate victims into sending funds to fraudulent addresses or providing sensitive data.

Tactics used by scammers

Scammers employ various tactics to execute phishing and impersonation scams. These tactics can be subtle and convincing, making it crucial to remain vigilant. Some common strategies include:

Email spoofing: Scammers send emails that appear to be from legitimate sources, such as cryptocurrency exchanges or wallets. These emails often contain links that direct victims to fake websites, where their login credentials or personal information are harvested.

Malicious attachments: Fraudulent emails may include attachments infected with malware. When opened, these attachments can compromise the victim's device, allowing scammers to gain unauthorized access to sensitive information.

Fake websites: Scammers create websites that closely resemble legitimate platforms. They may use similar domain names, logos, and design elements to deceive visitors into entering their login credentials or providing personal information.

Social media impersonation: Scammers create fake social media profiles, pretending to be influential figures, cryptocurrency projects, or customer support representatives. They engage with users, build trust, and lure victims into sharing sensitive information or sending funds.

Ways to detect and protect against phishing and impersonation scams

Safeguarding yourself against phishing and impersonation scams requires a combination of awareness, caution, and security measures. Here are some ways to detect and protect against these scams:

Verify website URLs: Always double-check the URL of a website before entering any sensitive information. Be cautious of minor variations in domain names or suspicious-looking URLs. Bookmark official websites to ensure you are visiting the correct platform.

Be skeptical of unsolicited communications: Exercise caution when receiving unsolicited emails, messages, or social media contacts, especially if they request personal information or financial transactions. Independently verify the legitimacy of such requests through official channels.

Check for secure connections: When accessing cryptocurrency platforms or entering sensitive information, ensure that the website has a secure connection. Look for the "https://" prefix in the URL and a padlock symbol in the browser's address bar.

Enable two-factor authentication (2FA): Utilize 2FA whenever possible to add an extra layer of security to your accounts. This additional step of authentication can help protect your funds even if your login credentials are compromised.

Educate yourself on phishing techniques: Stay informed about the latest phishing techniques and scams. Be wary of any requests for personal information, passwords, or private keys, as legitimate platforms and organizations will never ask for these details via email or unsolicited messages.

Keep software and devices updated: Regularly update your operating system, web browser, and security software to protect against known vulnerabilities. These updates often include security patches that can help prevent attacks.

Use reputable security tools: Install reliable antivirus and anti-malware software on your devices. These tools can help detect and block potential threats, reducing the risk of falling victim to phishing or malware attacks.

The Mt. Gox hack

The Mt. Gox hack was one of the most significant events in the history of cryptocurrency. In 2014, hackers stole over 740,000 bitcoins from the Mt. Gox exchange, which at the time was the largest bitcoin exchange in the world. The hack resulted in the loss of over $460 million worth of bitcoin, and it shook the confidence of many investors in the cryptocurrency market. The Mt. Gox hack was a complex event, and there is still some debate about how it happened. However, it is believed that the hackers were able to steal important credentials to exploit the Mt. Gox software. They were able to gain access to the exchange's servers and steal the bitcoins that were stored there.

Fake Initial Coin Offerings (ICOs)

Initial Coin Offerings (ICOs) have emerged as a popular fundraising method in the crypto market. ICOs allow blockchain projects to raise funds by issuing and selling their own tokens in exchange for cryptocurrencies like Bitcoin or Ethereum. Investors participate in ICOs with the expectation that the tokens they acquire will increase in value as the project develops and gains adoption.

ICOs provide an opportunity for individuals to invest in early-stage projects and potentially benefit from their success. However, the rising popularity of ICOs has also given rise to fraudulent schemes aiming to deceive unsuspecting investors.

Common signs of fraudulent ICOs

Identifying fraudulent ICOs is essential to protect yourself from financial losses. Here are some common signs that may indicate the presence of a fraudulent ICO:

Lack of a solid project and team: Fraudulent ICOs often lack a credible project plan or a well-defined development roadmap. They may provide vague or unrealistic goals without a clear strategy for implementation. Additionally, the absence of a qualified and experienced team can be a warning sign.

Unrealistic promises and guarantees: Be cautious of ICOs that make exaggerated claims or promises of guaranteed profits. Legitimate projects focus on delivering innovative solutions, whereas fraudulent ICOs prioritize hyped-up marketing and unrealistic returns.

Plagiarized whitepapers: A whitepaper is an important document that outlines the project's concept, technology, and roadmap. Fraudulent ICOs may plagiarize or copy whitepapers from legitimate projects, altering details to create a false sense of credibility. Always verify the authenticity of the whitepaper.

Lack of transparency and communication: Legitimate ICOs prioritize transparency and engage with their community. If an ICO lacks open communication channels, fails to address concerns or inquiries, and provides limited information about the project or team, it raises doubts about its legitimacy.

Suspicious token distribution and allocation: Pay attention to how tokens are distributed in an ICO. Fraudulent projects may allocate a significant portion of tokens to the team or use unfair distribution models that disproportionately favor insiders. This can indicate a lack of transparency and potential manipulative intentions.

Steps to verify the legitimacy of an ICO

To protect yourself from fake ICOs, it is crucial to conduct thorough due diligence. Here are steps you can take to verify the legitimacy of an ICO:

Research the project and team: Investigate the background of the project and the team members involved. Look for their previous experience, track record, and involvement in the crypto community. Genuine projects will have credible team members with a proven history of success.

Scrutinize the whitepaper: Read the whitepaper carefully, examining the project's technology, concept, and roadmap. Look for innovative ideas, a well-defined vision, and a feasible plan for implementation. Cross-reference the whitepaper's content with other reputable sources to check for originality.

Check for regulatory compliance: Research the legal and regulatory aspects of the ICO. Determine if the project complies with the regulations of the jurisdiction in which it operates. Compliance with relevant laws and regulations adds credibility to the project.

Analyze the community and online presence: Evaluate the project's online presence, including its website, social media accounts, and community forums. Look for active engagement, community support, and transparent communication. Genuine projects will have an active and enthusiastic community.

Review partnerships and advisors: Examine the partnerships and advisors associated with the ICO. Verify the legitimacy of these partnerships by researching the reputation and credibility of the organizations or individuals involved. Legitimate projects often have reputable advisors and established partnerships.

Conduct background checks: Search for any red flags or negative feedback associated with the project or team. Look for news articles, reviews, and discussions on reputable crypto platforms to gather insights from the community's experiences.

Seek expert advice: Consult with experts or professionals in the crypto industry for their opinions on the ICO. They can provide valuable insights and help you assess the project's legitimacy and potential risks.

Pump and Dump Schemes

A typical graph for a coin that has been pumped & dumped
Credit: ICOholder

Pump and dump schemes are deceptive practices that target unsuspecting investors in the crypto market. These schemes involve artificially inflating the price of a cryptocurrency through coordinated buying and promoting activities, followed by a rapid sell-off, causing the price to plummet. The orchestrators of these schemes aim to generate quick profits for themselves at the expense of unaware investors.

How scammers manipulate prices and mislead investors

Scammers employ various tactics to manipulate prices and mislead investors in pump and dump schemes. Some common strategies include:

Pre-pumping accumulation: Scammers accumulate a significant amount of a low-value or lesser-known cryptocurrency before initiating the scheme. This gives them a substantial supply to sell off during the pump phase, maximizing their profits.

Spreading false information: Scammers spread exaggerated or false positive news about the cryptocurrency through social media, forums, and other channels. They create a sense of hype and excitement, enticing investors to buy into the scheme.

Coordinated buying: Once the promotional efforts have garnered attention and attracted investors, the orchestrators execute a coordinated buying spree. This sudden surge in buying activity artificially inflates the price of the cryptocurrency.

Dumping: After the price reaches a peak, the orchestrators swiftly sell off their holdings, flooding the market with their accumulated coins. This massive sell-off causes panic among other investors, leading to a rapid price decline.

Strategies to avoid falling victim to pump and dump schemes

Protecting yourself from pump and dump schemes requires vigilance and caution. Here are some strategies to help you avoid falling victim to these deceptive practices:

Do thorough research: Conduct comprehensive research on any cryptocurrency before investing. Look for reliable information about the project, its technology, team members, and community engagement. Be wary of cryptocurrencies with little substance or those that rely solely on hype.

Beware of unrealistic promises: Exercise skepticism toward cryptocurrencies that promise unrealistically high and guaranteed returns within a short period. Remember that genuine investments carry risks, and sustainable growth takes time.

Be cautious of sudden price spikes: Pay attention to sudden and dramatic price spikes in cryptocurrencies. If a price surge seems unjustified or disconnected from the project's fundamentals, it could be a sign of a pump and dump scheme. Avoid investing in such situations.

Evaluate trading volume: Assess the trading volume of a cryptocurrency. A sudden spike in trading volume accompanied by a price increase may indicate the start of a pump and dump scheme. Look for consistent and organic trading activity as a sign of a healthy market.

Watch for suspicious trading patterns: Monitor trading patterns and price movements of cryptocurrencies. If you notice repeated cycles of sharp price increases followed by rapid declines, it could be indicative of a pump and dump scheme. Exercise caution during such periods.

Avoid acting on rumors or social media hype: Base your investment decisions on solid research and analysis rather than acting on rumors or social media hype. Verify information from multiple reliable sources before making any investment moves.

Use reputable exchanges: Trade cryptocurrencies on reputable and regulated exchanges that implement strict security measures and have transparent trading practices. Such exchanges are less likely to facilitate or tolerate pump and dump schemes.

Trust your instincts: If something feels too good to be true or if you sense manipulation, trust your instincts and proceed with caution. It's better to miss out on a potential opportunity than to fall victim to a pump and dump scheme.

Malware and Wallet Scams

Malware and wallet scams pose significant threats to the security of cryptocurrencies. These scams involve the use of malicious software and deceptive tactics to compromise users' wallets and steal their digital assets. Understanding the types of malware and wallet scams is crucial in safeguarding your funds.

What are Malwares?

Malware refers to malicious software designed to gain unauthorized access or control over a user's device. It can take various forms, such as keyloggers, remote access trojans (RATs), and phishing software. Once installed on a device, malware can intercept sensitive information, including wallet credentials and private keys.

Fake Crypto Wallets

Scammers create counterfeit cryptocurrency wallets that mimic popular and trusted wallet providers. These fake wallets are designed to trick users into entering their login credentials or transferring funds to fraudulent addresses. Users unknowingly provide their sensitive information to scammers, who then gain control over their wallets and funds.

Tactics used by scammers to compromise wallets

Scammers employ several tactics to compromise wallets and deceive users:

Phishing Attacks: Scammers send emails or messages that appear to be from legitimate wallet providers, prompting users to click on malicious links. These links direct users to fake websites where their login credentials are captured. Scammers then use this information to gain unauthorized access to the victims' wallets.

Malware Infections: Users may unknowingly download malware-infected files or software, often disguised as legitimate wallet applications. Once installed, the malware can record keystrokes, capture wallet data, and grant remote access to scammers, compromising the security of the user's wallet.

Fake Wallet Apps: Scammers create fraudulent wallet applications and distribute them through unofficial app stores or phishing websites. These apps may look authentic but are designed to capture users' login credentials or private keys, allowing scammers to gain control over their wallets.

Social Engineering: Scammers may employ social engineering techniques to deceive users into revealing their wallet credentials. They may impersonate customer support representatives or other trusted individuals and convince users to provide their sensitive information or grant remote access to their devices.

Security measures to protect against malware and wallet scams

To protect yourself from malware and wallet scams, it is crucial to implement robust security measures:

Use Official Wallets: Download wallets directly from the official websites or trusted app stores. Avoid third-party sources or links shared through emails or unverified channels.

Verify Website Authenticity: Before entering your wallet credentials, ensure that you are accessing the official wallet website. Double-check the URL, look for secure connections (https://), and verify the website's SSL certificate.

Enable Two-Factor Authentication (2FA): Activate 2FA whenever possible. This additional layer of security requires users to provide a second form of authentication, such as a verification code from a mobile app, when accessing their wallets.

Regularly Update Software: Keep your devices, operating systems, and wallet applications updated with the latest security patches. Regular updates help protect against known vulnerabilities that scammers may exploit.

Use Antivirus Software: Install reputable antivirus software on your devices and keep it up to date. Antivirus programs can detect and remove malware, reducing the risk of compromising your wallets.

Exercise Caution with Links and Downloads: Be cautious of clicking on links or downloading files from unverified sources, especially in emails or messages. Verify the legitimacy of the source before taking any action.

Educate Yourself: Stay informed about the latest wallet scams and malware threats. Be aware of the common tactics used by scammers and learn to recognize phishing attempts and suspicious activities.

Protect Your Private Keys: Safeguard your private keys by storing them offline in hardware wallets or encrypted storage devices. Keep your private keys secure and avoid sharing them with anyone.

Be Skeptical: Maintain a healthy skepticism when approached by unknown individuals or organizations asking for wallet credentials or remote access. Verify their identities and contact the official support channels to confirm their legitimacy.

Rug Pulls in NFTs

We need to give an honorable mention to Rug Pulls. With the rise of NFTs in 2021-2022, rug pulls became one of the mainstream crypto scams.

Rug pulls are a form of scam where scammers trick investors into pouring their funds into an NFT project, only to disappear when the time is right, leaving investors with worthless NFTs and empty pockets.

You will generally see a lot of deceptive marketing tactics to create a buzz around their project, and lure unsuspecting investors into the trap. Once the NFTs are sold, the team will disappear.

Red Flags and Warning Signs

To protect yourself from rug pulls, it's essential to be on the lookout for warning signs that something fishy might be going on. Here are some red flags to keep in mind:

Anonymous Team: If the project's creators remain anonymous or hide their identities, it's a major red flag. Transparency and accountability are crucial in the crypto world, so be wary of projects where the team prefers to stay in the shadows.

Lack of Documentation: Legitimate projects typically provide detailed documentation, such as whitepapers or roadmaps, that outline their goals, technology, and roadmap. If a project lacks proper documentation or fails to provide a clear plan, it's a sign that something might be amiss.

Unrealistic Promises: If a project promises massive returns in a short period or guarantees little to no risk, it's time to put on your skeptic hat. Remember, no investment comes without risks, and anyone promising otherwise is likely trying to pull a fast one on you.

Unaudited Contracts: Reputable projects often undergo audits by trusted third-party firms to ensure the security and functionality of their smart contracts. If a project lacks proper audits or fails to provide verifiable information about its contract's security, it's a warning sign.

Tips for DYORing Against Crypto Scams

Conduct thorough research before investing

Before investing in any cryptocurrency project or participating in a transaction, it is crucial to conduct thorough research. This includes understanding the project's purpose, technology, team members, and community engagement. Scrutinize the whitepaper, website, and social media channels for legitimacy and viability. Look for credible reviews and seek opinions from experts in the crypto industry. Taking the time to gather information and evaluate the project's merits can help you make more informed investment decisions and avoid potential scams.

Verify the legitimacy of projects and individuals involved

Verify the legitimacy of projects and the individuals associated with them. Check for the project's legal status, registration, and compliance with relevant regulations. Research the backgrounds and reputations of team members, advisors, and partners involved in the project. Look for verifiable credentials, past experiences, and contributions to the crypto community. Be cautious if there are discrepancies or limited information available. Legitimate projects are transparent about their identities and qualifications.

Be cautious of unrealistic promises and high returns

Exercise caution when confronted with unrealistic promises or high returns within a short period. Cryptocurrency investments carry inherent risks, and sustainable growth typically takes time. Beware of projects or individuals guaranteeing extraordinary profits or those using aggressive marketing tactics to create a sense of urgency. Remember that legitimate investments involve calculated risks and responsible decision-making. If something sounds too good to be true, it likely is.

Keep software and devices up to date with security patches

Regularly update your software, operating systems, and crypto wallet applications with the latest security patches. Software updates often include essential bug fixes and security enhancements that can help protect against known vulnerabilities. Enable automatic updates whenever possible and ensure you download updates from official and trusted sources. By keeping your software and devices up to date, you reduce the risk of falling victim to known exploits or vulnerabilities that scammers may target.

Use hardware wallets for added security

Consider using hardware wallets for storing your cryptocurrencies. Hardware wallets are physical devices designed specifically for securely storing private keys offline. They provide an additional layer of security by keeping your keys isolated from internet-connected devices, reducing the risk of exposure to malware or phishing attacks. Hardware wallets require physical confirmation for transactions, adding an extra barrier against unauthorized access. Investing in a reputable hardware wallet is an excellent investment in the long-term security of your cryptocurrencies.

Closing Thoughts

To wrap it up, we've shared some essential tips for safeguarding yourself against crypto scams. Do your research, verify the legitimacy of projects and individuals, and be skeptical of unrealistic promises. Stay up to date with security patches and consider using hardware wallets for that extra layer of protection.

In case you do fall prey to a crypto scam, don't panic! Report the incident to the relevant authorities, seek legal assistance if needed, and take advantage of the resources available to victims of crypto scams. You're not alone in this fight, and together, we can make the crypto world a safer place.

Remember, the crypto market is filled with incredible opportunities, but it also attracts its fair share of scammers. By staying informed, using common sense, and following the tips we've discussed, you'll be better equipped to navigate the crypto jungle and keep your funds secure.

Article tags

Follow Dyor

Share the article

© 2024 Dyor Labs. All rights reserved.