In 2020, 98% of lost funds were stolen through fraud and fraud. We tell the main tricks of criminals and how to avoid serious financial losses.
This year may be the second in history in terms of the number of crimes in the field of cryptocurrencies. According to Cipher Trace, from January to May 2020, over $ 1.36 billion in digital money was lost as a result of theft, hacking and fraud. Most of the lost funds, 98% of the total amount, was lost due to fraud and misappropriation.
In connection with the COVID-19 pandemic, a lot of phishing sites on this topic have appeared on the network that trick users into cryptocurrency or steal their personal data. The largest fraudulent scheme in 2020 was the Ponzi Wotoken scheme in China. Its participants were promised income through the use of non-existent trading software. Over 715,000 people were affected, they lost more than $ 1 billion.
Every year, users are more attentive to the protection of their funds, and exchanges strengthen security systems. Therefore, the amount of stolen funds as a result of hacker attacks becomes smaller. Now criminals are mainly putting pressure on human psychology, promising high profits with minimal time, effort and investment.
Cryptocurrency distributions from celebrities
https://s0.rbk.ru/v6_top_pics/resized/945xH/media/img/7/06/755942228155067.png” width=”404″ height=”202″ />In early July, a website appeared on the network that looked like a Medium portal, on which the official page of Elon Musk reports on the free distribution of cryptocurrency. Users were informed that Tesla gives Bitcoin and Ethereum to all fans of the company.
The site has fake comments from the lucky ones who were able to get rich in this way. The fraud is that users are offered to send from 0.1 to 20 BTC or from 1 to 100 ETH to a specific address in order to get back twice as much. Of course, criminals do not send anything back.
Such a scheme has long been common in the crypto industry, and Elon Musk is one of the most favorite figures for criminals. However, fraudsters can use the name and image of any character known in the blockchain community. For example, in March of this year, the YouTube channel was launched on behalf of the head of Ripple Brad Garlinghouse. A real interview was published there, and in the description of the video, users were asked to send from 2 to 500 thousand XRP to a specific address in order to receive from 20 thousand to 5 million coins in return.
How to protect yourself:
It’s easy to save your coins: in fact, in this way no one gives out cryptocurrency for free, even the richest and most famous. In order to strengthen this idea in the heads of crypto enthusiasts, the creator of Ethereum Vitalik Buterin even added the phrase “Not giving away ETH” to his Twitter nickname, which means “I do not distribute the ether”.
The scheme has been operating for several years and always looks the same: a celebrity in honor of an event gives all cryptocurrencies. Users only need to send part of their coins to a specific address.
Financial pyramids
https://s0.rbk.ru/v6_top_pics/resized/945xH/media/img/5/57/755942227946575.png” width=”398″ height=”199″ />For the second year in a row, the bulk of the money that users lose is accounted for by financial pyramids. This year, as we said earlier, the leader is Wotoken, which attracted over $ 1 billion from more than 715 thousand investors.
In the general list of schemes, Ponzi continues to lead OneCoin. According to various estimates, fraudsters raised from $ 4 billion to $ 15 billion in cryptocurrency.
On July 8, 2020, a U.S. court was to sentenced one of the founders of the pyramid Konstantin Ignatov. However, the prosecutor asked to postpone the hearing for four months, as the defendant assists the prosecution, and this cooperation has not yet been completed. Ignatov faces up to 90 years in prison.
How to protect yourself:
All financial pyramids have certain properties by which fraud can be recognized. For example, if the user is offered to earn on attracting other investors. Also, almost always, the organizers of such schemes promise participants high profits if they contribute funds or invite new participants. The latter are given a similar task.
All the profit that early investors receive is formed from the investments of the later ones. As a rule, the organizers take most of the funds for themselves, the rest of the participants are left with nothing.
Phishing sites
https://s0.rbk.ru/v6_top_pics/resized/945xH/media/img/0/89/755942232112890.png” width=”392″ height=”196″ />Phishing sites are used by criminals to steal user confidential data. For example, it can be a fake exchange start page, which is almost impossible to distinguish from the real one. After a user tries to log into his account and enters a username and password, the data will be in the hands of attackers. Sometimes criminals use different characters, similar to the letters of the Latin alphabet, so that even after reading the address of the site, it was difficult for the user to notice the substitution.
In June 2020, a copy of the Privnote website was discovered on the network. It does not encrypt messages that change in such a way as to replace bitcoin addresses. To do this, use a special script that changes the wallet of the sender of the message to the address of the criminals.
After reading the message, it is deleted, so the victim cannot check which bitcoin address was indicated in it. The only difference between the phishing page, which for a long time hung in the top of Google search results as advertising, is “s” at the end of the name, that is, Privnotes, not Privnote.
How to protect yourself:
It is always necessary to carefully check the address bar. Perhaps drive the desired address with your hands. Even a slight difference in spelling suggests that the site is fake. It is also necessary to check the functionality of the page – often only a window for entering a login and password works on phishing sites. Or, for example, by clicking on one of the tabs, you may find yourself on a page that is not like the original resource.
SIM swapping
https://s0.rbk.ru/v6_top_pics/resized/945xH/media/img/5/70/755942233168705.png” width=”394″ height=”197″ />In February 2020, an unknown person replaced the Muscovite’s SIM card and stole more than 700 rubles from him. in bitcoin. According to law enforcement agencies, then the attacker transferred and sold cryptocurrency using the trading Telegram bot.
At the end of last year, in the same way, 19-year-old Yousef Selassie was able to steal digital money worth more than $ 1 million, as well as data from 75 people. To do this, the teenager cloned the phone numbers of the victims in order to gain access to their mail accounts and accounts on the trading floors.
The scheme works as follows. First, the criminals find out the phone number and personal data of the user through open sources or operator’s employees, then they block the SIM card (for this, just contact the support service and report the loss of the SIM card). Then, the attackers seek to transfer the number to their SIM card and gain access to the account.
How to protect yourself:
To protect against SIM swapping, you need to issue a separate SIM card for registering accounts on exchanges and wallets. Such a phone should not be used in everyday life. It does not need to be published anywhere and not reported to anyone. You can also set an additional password for the SIM card. In this case, to block the number you will need not only a full name.
Also, for two-factor authentication, you can use special programs, rather than a phone number. Now this feature is available on most crypto exchanges.
