Report: Cryptocurrency – Scams, schemes, and frauds

Hacks, ICOs, memecoins, multi level marketing schemes and pump and dump groups are a few of the ways that scammers have been duping crypto enthusiasts from their hard earned money. Our aim here is to look at some of the scams and frauds of past and present to provide the reader with a complete picture of the underbelly of the cryptocurrency market. This article is by no means meant to deter you from getting involved in cryptocurrency. Far from it. It is meant to make sure we know the animal we are dealing with and to ensure we are extra vigilant when we enter what we call the wild wild west of finance.

The most common cryptocurrency frauds are unsophisticated. The usually involve the straight forward theft of cryptocurrency by hacking into the exchange’s central wallet. There are two choices when buying cryptocurrency. You can either hold your coins in your own wallet or you can allow the exchange in which you buy your coins, to hold it. The later method of custody is where the majority of the frauds happen.

The early exchanges were started by amateur enthusiasts. Whilst the world of real money is stringently regulated and you’ll need to give copious amounts of ID, inside the cryptocurrency exchanges its the wild west or at least it was. Things have tightened up somewhat over the last few years.

Read our article Crypto Exchanges — The Good, The Bad and The Ugly for a deeper dive into the good and bad practices of exchanges.

Almost everyone who owns cryptocurrency holds their tokens on an exchange. Hackers supposedly disappearing with client money remain dismally regular occurrences. The majority of cryptocurrency exchanges have been hacked at some point. In 2020 there were 28 hacks and nearly $300m stolen.

Introducing the Inside Track podcast on iTunes — Views and opinions from movers and shakers in the cryptocurrency market. Learn from the best in the industry here

Hackers in action

Research (Chain Analysis) has revealed that 90 percent of cryptocurrency hacks are the responsibility of two Russian based hacking groups. These groups transfer the stolen funds up to 15,000 times before they cash out. Their average time from the hack to cashing out is 30 days. It is estimated that these groups have been responsible for over $1 billion in hack related thefts. Below are some of the most prominent hacks and cryptocurrency related frauds.

Bitomat

Once the third largest exchange. They kept the whole sites wallets file on Amazon Web Services (Cloud) — they didn’t keep a backup. Hackers stole 17,000 bitcoins.

Bit Pay

Claimed to be fully insured. It suffered a phishing attack, where the attacker stole 5,000 bitcoins. The insurer refused to pay out, pointing out that they’d taken out a policy that only covered computers and physical cash.

Cryptsy

Appeared to collapse from a hack in January 2016. The court appointed receiver detailed how the owner ran off with all the bitcoin and moved to China to set up a new exchange.

Bitstamp

The first licensed cryptocurrency exchange in Europe. Regulated by the Luxembourg Supervisory Authority. That wouldn’t have given me much comfort. [Author’s note: beware of crypto exchanges stating they are regulated. Regulated by authorities in Malta, Estonia or Bermuda really doesn’t cut it!] Hackers stole 18,000 bitcoins through a simple phishing attack.

Mt Gox

Perhaps one of the biggest hacks/frauds. Mt Gox was one of the largest exchanges of all time. 850,000 bitcoins were hacked from this site. $400 million in customer dollars and bitcoin went missing; one of the founders McCabb went on to develop cryptocurrencies Ripple and Stellar!

Bitfinex

Taiwan based Bitfinex is one of the more popular bitcoin exchanges. It was based on a new deposit exchange Bitcoinica, which was founded by a 16 year old and shut down after being hacked. On 2ndAugust 2016 nearly 120,000 bitcoins (Around $68 million) were stolen from Bitfinex customer’s accounts. Rather than close down they reduced all customer accounts by 30 percent including non bitcoin deposits. Bitfinex has the same owners as the stable coin Tether.

Bitconnect

One of the biggest cryptocurrency frauds happened in 2018. Bitconnect token soared in market value to over $2.8 billion in a year with thousands of investors buying in on the back of promises of lucrative returns for little risk supported by a global network of promoters. Bitconnect collapsed when the company closed its main operation after Texas regulators filed an emergency cease and desist order. Losses are estimated at over $1 billion.

Plus Token

The second largest cryptocurrency fraud as of writing. The founders stole over $3 billion in cryptocurrency. Plus Token had a significant following in Korea and China. Its high yield investment program promised 9 percent to 18 percent monthly returns on investment. 10 million investors were scammed in a classic Ponzi scheme. The ringleader is still at large and at the time of writing he had recently shuffled hundreds of millions of dollars of coins around.

OneCoin

This is the biggest crypto fraud to date. It is estimated that between $5bn to $15bn was duped from roughly 3.5 million unsuspecting investors from 2014. Amazingly people were still buying after the fraud had been exposed and many of the ring leaders arrested. The OneCoin scam isn’t your typical crypto scam.

It was marketed using the tried and tested method of multi level marketing (MLM). The founder assembled ‘educational packages’ which consisted of plagiarized literature on the benefits of investing in the crypto market plus a bunch of tokens which could be converted into OneCoin. These packages started at $100 with a premium package priced at $118,000. The founders recruited some of the best MLM professionals in the market and the investment quickly went viral. In one week alone they raised over $60m.

OneCoin wasn’t even a cryptocurrency. Not one exchange had listed the ‘coin’ and there was no blockchain, the mainstay of any cryptocurrency.

When word got out this was a scam the co-founder and face of OneCoin, Dr Ruja, a Bulgarian eccentric who dresses like she is going to the prom, did a runner and hasn’t been seen since. But that wasn’t the end of the story. Her brother took over and cleverly turned his attention to markets in less developed countries where word of the scam had not percolated through, the internet connection is not great in Uganda and the Ivory Coast… The money continued to role in.

In fact some of the early OneCoin recruits have launched a new coin — DagCoin operated on exactly the same principles as OneCoin. We recommend you listen to the BBC podcast The Missing Cryptoqueen. It will provide you with a glimpse of the inner workings of this scam.

Take advantage of our many free resources including online courses, cryptocurrency bootcamp, books, podcasts and reports. All for free.

The phenomenon of memecoins

One of the most popular words in the crypto moonshot hunters vocabulary is ‘memecoin’ closely followed by ‘rugpull’.

What are memecoins? They are mostly associated with Dogecoin, the first cryptocurrency that used a meme. A meme is an element of a culture or system of behavior that may be considered to be passed from one individual to another by non genetic means, especially imitation. A humorous image, video, piece of text, etc., that is copied (often with slight variations) and spread rapidly by internet users. (Source: Oxford Languages)

A memecoin could be defined as a joke that turns into a cryptocurrency. Dogecoin, the inspiration for many, has a market cap of $7 billion. You can even buy a Tesla using Dogecoin. Multiple memecoins are sprouting up every day, many of them scams. The playbook is simple. The founder/s of the newly minted cryptocurrency parks his or her holding with Uniswap, the leading decentralized exchange, and then coordinates a mass campaign of pumping the price of his new GuineaPigCoin. He usually succeeds in exiting a good proportion of his holdings and moves on to his next coin, GuineaFowlCoin. This is not the case with all memecoins of course, but it is an area you probably want to avoid if you are looking for a coin with fundamentals.

There are other memecoins, such as Hoge Finance and Safemoon, which have seen price increases of over 65,000% in 30 days, that claim to solve a real-life problem. However, memecoins are for the speculator who thinks they can ride the wave and exit before they hit the rocks.

Join our Telegram Channel here and alert others to scams, and share ideas

Initial Coin Offerings

ICOs or Initial Coin Offerings are not the breeding ground for fraud as they once were. That title probably goes to the pump groups. But when writing an article about cryptocurrency scams it would be impossible to omit the now humble ICO.

Most ICOs are the sale of cryptocurrencies or tokens with the purpose of circumventing the strict regulations that are applicable to raising money by way of IPO through the issue of securities.

Take the example of the now defunct Bitconnect. SEC investigations into the scheme found that it was primarily a Ponzi scheme and sent out cease and desist letters. This was a reasonably popular cryptocurrency, and its value had risen to just over $300. After the scandal broke the value plummeted to $32.

Another high profile example was that of the messaging app Telegram. Telegram raised over $1.7bn in an ICO for its token ‘Gram’. The SEC has deemed the ICO an issue of securities and ordered restitution of $1.22bn and a fine of $18 million.

Another casualty was a coin called Basis which raised $133 million but returned clients money after figuring out that their coin would have to be regulated by the SEC and marketed only to accredited investors. The investors were lucky in this case.

In the early days the vast majority of ICOs were either frauds or based on hair brained ideas with no chance of success. In many cases the promoters had no intention of developing the projects.

Here are a few areas to look out for to identify an ICO scam care of: ICO — The Ultimate Guide by Ikuya Takashima:

1. The ICO is shrouded in secrecy; they don’t want to know who owns it, you cannot trace the domain name. You cannot access the contracts (called Smart Contracts) to see how they were set up.

2. A hard sell or company desperate to push you to invest — I think we can all recognize this by now.

3. Not verifiable on LinkedIn.

4. Is the company registered anywhere? If so, the country it is registered in could give you an indication of how good the investment is. For example the laws of Singapore regarding ICOs are more flexible than the US.

5. Anonymous domain registration: try running a search on a site such as www.whois.net to see if you can find out who the owners of the site are. If the owner is private you have to wonder why.

6. Where do the funds go? Legitimate companies will have put the money into an escrow account that is administered by an independent third party.

7. There is no white paper.

The reality is the ICO was invented to raise money outside of normal regulation which is bound to attract unsavory characters. Whilst it may have been invented for legitimate purposes it took on a new life of fraud.

The finest ICO fraud remains Ponzico. The founder’s pitch was: ‘In today’s age, it seems better to promote the plausibility of future profit rather than waste energy on actually delivering!’

Join our Telegram channel and participate in the lively discussion including sharing ideas, opinions and warnings. Join here

Pump and dump schemes

The Wolf of Wall Street made the phrase ‘pump and dump’ famous, but in fact that phrase had been a mainstay of the dark side of stock trading for years even before Jordan Belfort was pumping shares in Madden Shoes. But the pump and dump scheme has taken on a new lease of life in the world of cryptocurrency. By combining cryptocurrency with social media we are witnessing blatant schemes that are conducted in the open with thousands of participants across hundreds of groups.

The security genius MacAfee was one such alleged pumper. Currently innocent until proven guilty, he was arrested in Spain under a US warrant charged with conspiracy to commit fraud and money laundering. His case relates to the promotion of various ICOs and cryptos through his Twitter feed without declaring his interest. This is significant because there are many pump groups doing the exact same thing but in a more organized way.

These pump groups operate on social media platforms like Reddit, Discord and Telegram encouraging investors to register for the next hot cryptocurrency they intend to pump. Many pump groups talk about the possibility of 500–1,000% returns like it was all in a typical day’s work. Of course there are numerous complaints of investors losing thousands of dollars while the organizers off load their cryptocurrency for a fortune.

Groups operating on Discord include:

WallStreetBets Crypto Pumps

QuickPump Crypto Bot

What many have forgotten is that these ‘pump’ schemes are in fact pump and dump scams with the dumping orchestrated by a few key players who make a killing whilst the average person involved loses out. Below is a scam alert which we ran recently.

Pump and Dump scams are rampant. Beware of @Telegraph groups ‘Wall Street Bets — Pumps’ and ‘We Pump Today’

This morning one investor lost $19k in 3 minutes to these scammers.

The future of the cryptocurrency scam

The popularity of the ICO has declined substantially from its peak in 2017/2018, but it is by no means dead. There has been a move away from ICOs to something called IEOs (Initial Exchange Offerings). These are similar to ICOs except they are offered through an exchange. Effectively the exchange (Binance is the biggest player in this field) is providing a rubber stamp to these offerings and opening up the projects to their own clients. The advantage to the investor is he or she has the comfort that the exchange has vetted the project and is unlikely to rubber stamp a fraudulent one. This however does not change the fact that many of these offerings are still unregulated securities.

Telegram is the most high profile case where the SEC demanded the return of 72 percent of investors money. Investors took the hit for Telegram’s incompetence.

The sensible money is being invested into Blockchain startups in the form of equity or quasi equity by the likes of the Silicon Valley venture capitalists. VCs wouldn’t dream of investing in a crappy ICO (although a few invested in Telegram!). Saying all this, there are exceptions to every situation and the quality of the ICO has definitely improved 10 fold. But you must still be aware of the risks and the history when exploring this market for opportunities.

Read our article here about the ICO. The ICO is dead, long live the ICO

It is also worth mentioning the StableCoin. Tether is the leader in this field. A stable coin as the name suggests is a digital coin whose value is pegged against the USD (or a basket of currencies). As the coin’s value varies additional coins are either issued or withdrawn to ensure that the rate between the stable coin and the USD is maintained. Stable coins are in response to the extreme volatility of bitcoin and other alternative coins.

This concept has undeniable merit, however Tether is a prime example of a disaster waiting to happen. It is backed by the USD and in its white paper discusses the transparency of its reporting and the reserves it maintains in its Taiwanese (now Caribbean) bank account which match the value of the Tether issued. Court papers revealed that only 74 percent of the Tether currency is backed by US dollars.

As recently as March 2021 Tether disclosed a review of its reserves by a firm of accountants which showed on the face of it that Tether’s gross liabilities were more than covered by its assets. But this failed to answer the billion dollar question. How much of these assets are in the form of cash equivalents and ‘other assets’ and are these recoverable? Until these questions are answered there will always be a question mark over Tether. However it will all come out in the wash at some point especially if the New York Attorney takes issue with this report which still leaves many unanswered crucial questions.

Price manipulation in the crypto market is another big problem. Even bitcoin is subject to price manipulation. According to a study in 2019 (John M Griffin — University of Texas) half of the increase of the price of bitcoin between 2017 and 2018, when the price reached nearly $20,000, was the subject of manipulation — by one account holder! This kind of thing stacks the odds against the private investor. Even Coinbase was fined recently for price manipulation.

One crucial factor to remember is that many of cryptocurrency exchanges are based in tin pot jurisdictions. If an exchange has to close because the US Justice department is in hot pursuit, rest assured if your coins are being held in a ‘segregated’ wallet you will never see your money again.

Also keep an eye out for mining frauds. This is where the scammer offers a share of the rewards from mining cryptocurrency or borrowing your currency in exchange for a fee/interest. Both of these situations usually end in disappointment.

Finally it is worth mentioning the area of decentralized finance. Whilst Bitcoin has gone mainstream the world of DeFi is largely unregulated. Many projects are copies of other popular platforms which in the main haven’t had their code audited. Auditing a project’s code does not guarantee that the platform is hack proof but it does provide some level of comfort. There have been many instances of DeFi projects being formed overnight, accumulating vast sums of money and then having their money stolen when the ‘smart contracts’ are hacked. If you are attracted to DeFi projects because of their passive income benefits, select the leaders and avoid the newer projects where the founders are anonymous and the code hasn’t been audited.

Not Financial Advice

This article does not constitute financial advice or a recommendation to buy in any way. Always do your own research and never invest more than you can afford to lose. Investing in cryptocurrencies is high risk, and you could lose 100% of your investment. The article should be treated as supplementary information to add to your existing knowledge.