Crypto Scams to Look Out For and How to Avoid Them

Tell you something I see far too much of? Tweets from people saying they got bit by a crypto scam. Losing all their savings purely because they clicked a dodgy link, fell for a fake celeb scam, or were rug pulled. It happens far too often.

So, here at Hedgeblog, we've decided enough is enough! We have collected a comprehensive list of the most, uh, ‘popular’ (for lack of a better word) scams and how to avoid them.

Let’s dive in.

Top 5 Crypto Scams

The Comments Section

I recently promoted a piece I wrote for Hedgeblog on Instagram. Since I threw a couple of crypto-related hashtags on there for good measure, I was swarmed with comments.

The wrong kind, obviously.

With just four hashtags, I had 12 comments — including one account who wanted me to send my pictures to them (???)… I mean, at least like the picture before you ask, you know?

Some comments were mildly malicious — promoting a page that shills random projects and sprinkles in the odd paid ad that promises unsustainable gains. Others are far more hostile with giveaways designed to drain my wallets if I even click their link out of curiosity.

How do you avoid these? Simply don't click them.

Oh god, I'm starting to sound like an unsupportive father to their depressed son. "Just be happy lol".  But in this case, it's true.

Painfully obvious signs to avoid are: Weird language, fonts, shilling one project on another’s page, and emojis.  

You’ve to apply critical thinking while trying to sniff out these scams. Such as, "how can this account be giving away $600,000 of ETH when they only have 100 followers?" Speaking of which, the next scam on our list is…

Fake Social Media Accounts

Oh, hey look, Vitalik just requested to follow me on Instagram. Sweet! I really must be doing something right.

…Wait, what do you mean he's fake? He has one million followers and photos dating back to 2015. No scammer would do such a thing… would they?

Well, yes, they would. The Vitalik Instagram scam is one of the most sophisticated scams on this list as it's been running for so long. The scam artist's dedication to this is almost impressive.

For the record, Vitalik has no legit Instagram account. Do not fall for any account reaching out to you — it isn't him.

One of the most common scams these accounts run involves posting a fake giveaway photo from Buterin followed by a link to a site that I dare not click.

It is a classic duplication glitch scam — anyone who played Runescape back in the day would be familiar with this one. "Send me some ETH and I'll send double back". In reality, it's "send me some ETH and I'll enjoy your money".

The account makes up “references”. Through the highlight tab on their page, you can see 'happy customers' thanking him for the service.

One of his testimonials read, "I sent you all my savings. I don't know how to thank you. You changed my life."

I understand people, especially crypto newbies, might read this as an inspiring and life-changing tale and be tempted to send their money to the advertised address. I mean — it falls in line with Shiba Inu making millionaires, right? However, this is a blatant and obvious scam.

The closer to mass adoption, the more of an issue this is. I always think – how would my grandparents deal with this situation? The sad part is I can see them falling for it.

We could blame Instagram. How has this account existed since 2015 and gained a million followers? It has even given itself a fake verification badge!

Unfortunately, this is only one of many fake celeb scams on Instagram and other platforms (it's even happening to smaller content creators like our friend Taylor Mitchell).

Another scam I've recently become aware of are Twitter lists. You'll get a notification saying you've been added to a list by Elon Musk (!!!). Once you click through, you see Elon advertising a crypto airdrop. All you have to do is go to this dodgy site to participate!

Again, just don't do it. Elon doesn't want to give you money.

As a general rule of thumb, just remember that no famous person will randomly reach out to you and ask you for your money, private details, or anything of the sort. If it feels too good to be true, well, it probably is. Buterin has more important things to do.

Fake Livestreams

Just like the last scam, fake livestreams involve impersonation. But, this time, it’s a little more believable than the last.

We've often seen this scam with the Cardano founder, Charles Hoskinson, as the main star. The scammer uploads the livestream of Charles’ previous video. Therefore, the stream looks extremely real.

The difference is they'll slap a banner on the stream telling viewers to send their tokens to an address to earn unprecedented staking rewards or free money. Of course, since it comes from “Charles” himself, users tend to believe it.

For instance, this post on the Cardano forum reads: "Yesterday my emotions (and greed of course) caused me losing 2600 ADA. This was started by watching live stream (apparently) by Charles Hoskinson [which directed me to a] exact replica of the Cardano site [that was] all fake."

These scams got so bad that Charles Hoskinson has to go live (on his official YouTube account) just to set the record straight.

Normally, Hoskinson wears a calm and calculated face. This time, not so much; he was far more animated and angry about the situation than I've seen him before.

"We will never give away ADA." He said, "these are criminals, these are people trying to steal from you. Use common fucking sense, you don't get something for free. You never get something for nothing."

This echoes the advice we've given so far. Not falling for many of these scams simply requires some common sense and critical thinking. So, whenever you see something dodgy, think of Charles waving his arms and shouting, "use some common fucking sense".

Hacks

Not all hacking is bad (yeah, ethical hackers do exist), but in crypto, there are far too many hacks with malicious intent.

We've seen some of the biggest crypto exchanges lose millions. In January 2022, $35 million was stolen from Crypto.com — one of the most popular crypto exchanges.

Despite the huge loss of funds, the company shielded its customers from the hack. Most withdrawals were blocked, and customer wallets that slipped through the cracks were fully reimbursed.

However, there could come a day when the victims are not so lucky. If a smaller exchange is hacked, or the amount was too large for an exchange to cover, customers might face the brunt of it.

A good way to avoid this sort of unwarranted attack is to take your money off centralized exchanges and onto decentralized wallets. Add another layer of security by opting for a cold wallet — such as a Ledger Nano S.

Decentralized wallets prevent hackers from just needing to hack a centralized company (such as Crypto.com) to get your funds. Instead, they'll need your personal seed phrase, which requires sophisticated hacking skills.

Cold wallets make the process of hacking even harder. They will securely store your private keys offline. That means your keys are immune to viruses and online attacks on your computer. Even when using the wallet, your private keys never come in contact with your computer. If you get hacked on a cold wallet, you probably signed for something you shouldn’t have.

Also, don’t store the private keys digitally as that would be counter-effective. Instead, keep it written down in a secure and hidden place in your house. Just make sure that you don’t forget where it is.

Rug Pulls

Ah, the godforsaken rug pull. It almost became a trend in 2021 and has stayed hip in 2022. It feels like we're only a few months away from it being a TikTok trend.

If you’ve wandered into the degenerate side of crypto, this type of scam is rampant. A project is created with promises of amazing returns, a thriving community, and an even better ecosystem. Just for its developers to vanish and have the token go to zero before you can load the Lamborghini website.

Let’s see how you can avoid getting ripped off.

First, check if the project has a whitepaper. This is the most basic requirement a project should have. If they don't have this, you either are extremely early to the project, or it’s a rug pull. Usually the latter. The project needs a whitepaper before launch though. No project has any business raising millions of funds if they don’t have a whitepaper.

Once you have checked that, it is worth seeing if the identities of the creators are known. If the founders are nowhere to be seen, this is a red flag. This is because they are in the position to disappear with your money, with no repercussions. Who will the police even catch?

Therefore, people like the creators to be fully doxxed. However, a doxxed team doesn’t guarantee success. Do some research on them. Get to know who you are trusting your money with. What are their past projects? What is their public image? Ask the hard questions just like you’d do if this wasn’t crypto.

Next, feel out the community and social media. Sometimes you'll find people calling it a scam or backing up its legitimacy. Always take this with a pinch of salt, however, as the people commenting may have a stake in the success (or failure) of the project.

Checking the source code for ruggable functions is a good practice. Some sites like Bogged.Finance will do it for you with their analytics section. Audits from reputable brands like Solidity Finance or Certik also shields you from rug pulls.

TL;DR on crypto scams

So, here are the main takeaways from today's class on crypto scams:

First, before investing into a project, give it the good ol’ "if it's too good to be true… it probably is" check. Unfortunately, no one is going to double your money or give you free money. That's not how the world works.

Lesson two: celebrities and powerful people will never contact you first. Sadly, they probably don't have a clue who you are. Yes, even if you have a thousand followers on Twitter.

Third: To protect yourself from potential hacks, store your crypto in a cold wallet like a Ledger Nano.

Lastly, when investing in smaller projects, be sure to do your own research. Read their whitepaper (if they have one), find out about the project's creators and give it a quick google.

And most importantly, take the advice of Charles Hoskinson and "use common fucking sense".

Stay safe. We’re rooting for you.


Check out writer Ryan S. Gladwin's website, follow him on Twitter, and of course, subscribe to the weekly Hedgehog newsletter!