There are few industries that are as closely associated with scams as the crypto industry is, and unless that changes it’s debatable if its ideas around digital money and decentralized finance will achieve mass adoption. Fortunately, there are people in the industry who recognize this fact and are dedicated to making life much more difficult for the legions of hackers and scammers looking to manipulate and exploit people’s emotions.
It’s a fact that the vast majority of crypto scams are done via manipulation. The average crypto hacker doesn’t have the first clue how to break the encryption of established cryptocurrencies like Bitcoin and Ethereum. In fact, doing so is believed to be impossible. So instead, scammers aim to trick unsuspecting users into giving up their usernames, passwords, seed phrases and two-factor authentication codes.
How Scammers Scam
Scammers employ a method known as “phishing”, which involves the use of social engineering attacks to manipulate people’s emotions and create a sense of trust and urgency. Phishing is believed to be the main tactic behind most crypto wallet thefts.
Phishing attacks take many different shapes and forms, including fake emails and messages from individuals purporting to be customer support representatives of known crypto brands.
Some scammers even go as far as to build an entirely fake crypto application to steal user’s funds, using the trust and authority of real-life brands to create a false sense of security. In one case highlighted by the FBI, hackers posed as the now-defunct YiBit crypto exchange, convincing investors to download a bogus application and send funds to their “account” within the app. Unbeknown to the investors, the real YiBit crypto exchange actually shut down its operations in 2018, and the scammers reportedly made off with more than $5.5 million worth of crypto that was sent by unsuspecting users to the fake app.
Another common scam is the fake website using a trick known as “domain name spoofing”, wherein a familiar-looking URL is used. For example, the hacker might use “Bimance.com” instead of “Binance.com”. Earlier this year, CoinTelegraph reported that someone had set up a fake website for the popular Ethereum Denver conference earlier this year, using it to steal more than $300,000 worth of Ether from site visitors.
In that case, the hackers simply duplicated the original site almost in its entirety, and invited users into linking their MetaMask wallets to pay for their tickets. All told, more than 2,800 users fell victim to that scam, losing a combined total of 177 ETH over a period of around six months. The scammers even went as far as to pay for a Google ad to promote the fake website, ensuring that it ranked above the legitimate site when people searched for the conference.
The Startup Fighting Back
The above example of the fake Ethereum Denver website went unnoticed for several months, but it was ultimately spotted by crypto security startup Blockfence, which immediately red-flagged its smart contract as “high-risk” the moment it came to its attention.
Blockfence has emerged as an unheralded savior for thousands of cryptocurrency users over the last year since the launch of its popular browser extension, which provides real-time protection against phishing attacks and similar types of scams. The unobtrusive extension integrates seamlessly into any Chrome-based web browser and runs quietly in the background, only popping up in instances when it identifies a possible threat, such as a malicious website, fake email or suspect smart contract.
To identify potential threats, Blockfence combines AI technology with a community-informed knowledge base that’s constantly being updated. If the user is about to click on a suspect link, or send funds to a wallet known to be used by scammers, they’ll be alerted prior to taking that action, in this way preventing scams before they happen.
One of Blockfence’s most admirable goals is that it doesn’t just warn users about known scams, but also tries to foresee new ones too. To do this, it relies on advanced machine learning algorithms capable of predicting fraudulent behavior and schemes, even if they’re entirely new. Its knowledge is further boosted through its partnerships with the industry’s leading security specialists, and although it concedes it will never be able to offer 100% protection against scams, it is committed to pursuing a 99% success rate.
The Crypto Sleuth
Blockfence’s war against crypto scammers is aided by a number of individuals who’re equally dedicated to shutting them down. One of the best known crypto sleuths goes by the name of “ZachXBT”, who has amassed a small legion of followers on Twitter through his crypto crime-fighting exploits. ZachXBT describes himself as a “rug pull survivor turned 2D detective, and since May 2021 he has dedicated much of his life to exposing NFT scammers.
To identify fake NFT projects, ZachXBT relies on his expertise to carry out detailed on-chain research, such as tracking crypto transactions and wallets associated with known hacks, phishing attacks and scams. His intention is to shed light on any new scams as they emerge, before too many people fall victim to them. Whenever he comes across a new scam, he shares his findings on Twitter, where his dedicated army of more than 400,000 followers will ensure the threat is widely publicized.
ZachXBT’s work has famously helped in a number of criminal investigations. Last October for instance, French police announced they had arrested five individuals suspected of stealing Bored Ape Yacht Club NFTs worth around $2.5 million, and cited information provided by ZachXBT as being instrumental to the success of their investigation.
A Long Road Ahead
Crypto crime fighters like Blockfence and ZachXBT share a common goal. The aim is to expose the scammers and hackers and make crypto a much safer and healthier space, where investors can legitimately pursue opportunities without worrying about becoming the next victim.
No one is under the illusion that crypto will ever be completely free of crime. But by fighting back and exposing new scams before users are tricked into investing in them, it’s hoped that the payback for scammers will diminish over time, making it less enticing and less common than it is now.
