In light of the increasing number of cryptocurrency scams permeating social media platforms, blockchain security company CertiK has delineated a comprehensive examination of this menacing trend. On October 26, 2023, CertiK took to Twitter to elucidate how the meld of social media's extensive reach and cryptocurrency's decentralized, and often murky, nature concocts a fertile ground for scam artists.
CertiK initiated its discourse by referencing a report from the Federal Trade Commission (FTC). The report stressed that cryptocurrency scams led to a staggering loss of over $1 billion in the 18 months leading up to June 2022. Interestingly, nearly 50% of these losses stemmed from engagements on social media platforms, whether via an advertisement, post, or direct message.
A Kaspersky report also revealed a 40% increase in cryptocurrency phishing attack scams in 2022, with 5,040,520 attacks compared to 3,596,437 in 2021. These attacks involve duping investors through fake websites and communication channels, allowing attackers to access crypto assets. Despite uncertainty about the future of phishing attacks, one in seven Kaspersky survey respondents admitted to being victimized. The attacks usually involve giveaway scams or phony wallet phishing pages, but attackers continue to refine their strategies. Recent incidents like Trezor warning against deception and Arbitrum investors falling victim to phishing links highlight the need for enhanced vigilance, authentication, and hardware wallets for crypto asset storage.
The discourse proceeded to the ominous "pump and dump" schemes. These operations are characterized by artificial inflation of an asset's value to reap profits. Small-cap cryptocurrencies, often hyped by celebrity influencers, are particularly susceptible to such manipulative practices. The Securities and Exchange Commission (SEC) hasn’t turned a blind eye and has taken steps against influencers who promote risky, unvetted tokens, underscoring the significant risks these schemes pose to unsuspecting investors.
Further in the discussion, CertiK highlighted the misuse of verification badges on social media platforms such as Twitter, Facebook, and Instagram. These blue checkmarks, emblematic of a verified account, are exploited by scammers who either acquire verified accounts deceitfully or fabricate the verification badge, misleading the platform users.
The dialogue also touched on counterfeit applications posing as legitimate crypto apps. These sham apps act as Trojan horses, either installing malware or draining funds from users’ accounts. Alarmingly, these apps have managed to infiltrate official app stores like Apple App Store and Google Play, further exacerbating the threat landscape.
Dubbed ‘pig butchering’, romance scams are yet another method that begins on social media and culminates in a loss of crypto assets. Here, scammers feign as traders pledging to amplify victims' savings through trading, only to vanish with their money once trust is established.
In the culmination of the thread, CertiK suggested several measures to bolster security against these scams. Utilizing a hardware wallet, employing multi-signature wallets with timelock, and opting for smart contract security audits were among the recommendations. For a more thorough understanding, CertiK directed readers to their blog, which delves deeper into safeguarding oneself against crypto social media scams.
Image source: Shutterstock