Skip to site content Skip to main menu

Cryptocurrency scams

What is Cryptocurrency?

Cryptocurrencies are digital currencies that are known for their market volatility so the value of investor’s assets go up and down quickly. Criminals can take advantage of the unregulated nature of cryptocurrencies to scam consumers. Cryptocurrency can be traded or exchanged online to buy from people or companies who accept this form of payment.

Cryptocurrency investments are often made via currency exchange platforms. These are websites where you can buy, sell or exchange cryptocurrencies for other digital currency or traditional currency like GBP or US dollars.

Criminals benefit from the volatility of the cryptocurrency markets, pressuring people to make decisions without due diligence or consideration.

People who have been scammed often don’t realise for some time. They may make multiple or regular payments to the criminal and only realise when they try to withdraw their money from the investment scheme.

If something goes wrong with a cryptocurrency investment you are unlikely to get your money back because they are mostly not covered by the UK’s Financial Services Compensation Scheme.How do people use cryptocurrency?

People use cryptocurrency for many reasons – for quick payments, to avoid transaction fees that traditional banks charge or because it offers some anonymity. Others hold cryptocurrency as an investment, hoping the value goes up.

How do you get cryptocurrency?

You can buy cryptocurrency through an exchange, an app, a website, or a cryptocurrency ATM. Some people earn cryptocurrency through a complex process called ‘mining’ which requires advanced computer equipment to solve highly complicated mathematical calculations.

The National Cyber Security Centre (NCSC) published figures which showed that as of March 2022, 11 million crypto currency phishing scams were reported which resulted in 78,000 scams being removed.

Who is behind this crime?

This type of crime can be carried out by lone individuals or organised crime groups, often based overseas. For perpetrators it's a low risk way to make money and they can reach a wide range of individuals easily online. The perpetrator is gambling that enough people will respond so that their scam is profitable.

Examples of Cryptocurrency Frauds

Investment or business opportunity frauds

Investment or business opportunity frauds often begin with an unsolicited offer, typically to become a cryptocurrency investor, that lures you to a fraudulent website to learn more about the apparent opportunity. Once on the site, you’re encouraged to invest and make money quickly. The website might even have celebrity endorsements or testimonials that are fake.

Once you complete your transaction the offer never comes to fruition and you don’t see your money again.

Imposter or impersonation scams

An imposter or impersonation scam is when a cybercriminal poses as a trusted source to convince victims to complete a cryptocurrency transaction. This might be under the guise of government authorities, credit card providers, banks, a service provider or even a fake celebrity and they will often reach out via email and request you complete payment via cryptocurrency.

Remember, the government does not regulate cryptocurrency and it’s also not yet widely accepted by businesses so you should exercise caution whenever you receive email requests for crypto payments.

Blackmail or extortion scams

Blackmail or extortion is when you receive a message that someone has compromising information about you – be it photos, videos, confidential data etc. – and they request you pay them money or else they’ll release it.

Social media cryptocurrency scams

Often, this is via a false social media post or advertisement requesting payment in cryptocurrency. You might even see other users responding to the post or leaving reviews.

In reality, these could be artificially generated trying to lure you into a social media scam. The post or message might be from a friend whose account got hacked. Alternatively, social media influencers might tout new and potentially fake crypto and encourage users to sign up or send them payments that might multiply.

Giveaway cryptocurrency scams

Giveaway scams are when cybercriminals lure victims into sending them money while promising they’ll multiply the payment.

For example, this could occur if a fake celebrity social media account posts that if followers send them a certain amount of cryptocurrency, they will send back twice the amount. In reality, followers will send money directly to scammers, never to see their investment again.

Romance cryptocurrency scams

Cybercriminals play the part of an online love interest and gain a victims trust before asking them to send money. Once the victim does, the cybercriminal takes the money.

Romance cryptocurrency scams follow the same approach, but the funds are requested in cryptocurrency and are much more difficult to reverse.

Fraudulent initial coin offerings (ICO)

Scammers have found ways to make money by creating fake cryptocurrencies or hyping an existing currency by offering buyers a chance to get in on the ground floor of an ICO. Once they have enough investors, they will disappear with all of the ‘invested’ funds, leaving investors with nothing.

Recovery scam

It is not uncommon that criminals, at a later date, contact the victim again, pretending to be from a cryptocurrency recovery company, having knowledge of the scam and offering to recover the victims funds for a fee. Once the fee is paid the scammers either cease communication or provide fake updates and reports. Ultimately no recovery takes place and the victim loses more money.

Chargeback scam

Chargeback firms hook victims onto costly retainers after giving false hopes that they can recover lost crypto despite known the chances are slim to none.

There are a few legitimate crypto recovery companies, but most are scams designed to prey on people already under distress.

Legitimate services only charge you after successfully recovering your assets. They will never promise to recover your lost or stolen crypto currency because unfortunately it’s nearly impossible.

Scammers on the other hand, may make such promises and ask for an upfront fee because they know they cannot deliver. Therefore, it’s crucial to be cautious and do your research before trusting any recovery service with your assets.

Also be aware of imposters as legitimate cryptocurrency recovery providers attract scammers who impersonate them with fake websites, emails, and social media posts.

Always research the recovery provider carefully before employing them. Look for reviews, testimonials and comments from other people who may have used them.  Be sure to use reputable review sites and crypto-focused communities and check multiple platforms.

Be mindful that scammers have been known to setup their own fake review platforms to make it appear as if their service is reputable.

Legitimate companies will be registered, have a permanent address and comply with the applicable laws in their country.

How to spot a Cryptocurrency Fraud?

Here are the main cryptocurrency warning signs to look out for:

  • You see adverts on social media, sometimes celebrity endorsed, offering unrealistic returns on investments
  • You’re contacted by phone, email or social media about an opportunity using aggressive techniques and incentives to buy before certain deadlines
  • You’re told you’re buying in at the perfect time. You may be offered a high return on your investment with apparently little or no risk
  • You’re pressurised into making a decision with no time for consideration
  • You’re told the investment opportunity is exclusive to you.

How to secure your cryptocurrency wallet

Be careful with online services – Exercise caution when considering online services for storing your funds. Exchanges and online wallets have suffered from security breaches in the past and such services generally still do not provide enough insurance and security to be used to store money like a bank, therefore, it may be prudent to explore alternative cryptocurrency wallet options. Should you opt for such services, select them with meticulous care. Furthermore, employing two-factor authentication is strongly advised.

Small amounts for everyday uses – A cryptocurrency wallet is like a wallet with cash. Just as you wouldn’t carry a large sum in your pocket, it’s wise to apply the same principal to your cryptocurrency wallet.

Backup your wallet – Stored in a safe place, a backup of your wallet can protect you against computer failures, human errors, and theft of your mobile or computer.To safeguard your wallet:

  • Backup Completely: Some wallets contain hidden private keys. Ensure your backup includes all private keys to recover your full funds.
  • Encrypt Online Backups: Online backups are susceptible to theft. Protect your data with encryption, especially when exposed to the network.
  • Diverse Storage: Avoid single points of failure by storing backups in multiple secure locations, such as USB keys, paper and CD’s.
  • Regular Backups: To include recent cryptocurrency addresses and changes, perform regular backups. In the future, many applications will transition to one-time backups for added convenience and security.

Encrypt your wallet – Encyrpting your wallet or your smartphone allows you to set a password for anyone trying to withdraw any funds. This helps protect against thieves, though it cannot protect against keylogging hardware or software:

  • Remember your password: Losing your password means losing your funds. Cryptocurrency offers limited recovery options, so store it securely. A paper copy in a secure location away from your device is a wise precaution.
  • Strong password: Avoid using predictable passwords (such as dates, family and pet names). Avoid the most common passwords that criminals can easily guess (like 'passw0rd'). To create a memorable password that's also hard for someone else to guess, you can combine three random words to create a single password (for example cupfishbiro)

Offline wallet for savings – An offline wallet, also known as cold storage, provides the highest level of security for savings. It involves storing a wallet in a secured place that is not connected to the network. When done properly, it can offer very good protection against computer vulnerabilities. Using an offline wallet in conjunction with backups and encryption is also a good practice. Here is an overview of some approaches:

  • Hardware Wallets: Have a balance between high security and ease of use with hardware wallets. These dedicated devices offer robust protection against computer vulnerabilities and online threats. They are incapable of installing additional software and backup options ensure recovery in case of lost devices.
  • Offline transaction signing: Employ two computers, one offline with the complete wallet and transaction-sigining capability, and one online with a watching wallet for unsigned transactions. This enables secure transaction issuance:
  • Create a new transaction on the online computer and save it to a USB key
  • Sign the transaction with the offline computer
  • Send the signed transaction using the online computer. In the event of network compromise, the online computer cannot withdraw funds.

Keep your software up to date – Ensuring your Bitcoin softeware is up to date is pivotal. The latest version provides critical stability and security enhancements, preventing a range of issues and introducing valuable features, all while bolstering your wallets security. Equally vital is updating all other software on your computer or mobile to foster a secure wallet environment.

Multi-signature to protect against theft – Bitcoin offers a multi-signature capability, requiring several independent approvals for a transaction to be executed. It’s valuable for organisations, granting access to treasury funds only when, for example, 3 out of 5 members authorise the withdrawal.

Certain web wallets also offer multi-signature functionality, empowering users to maintain control over their assets and preventing theft by protecting against the compromise of a single device or server.

How to protect yourself?

  • Don’t assume it’s real – Professional-looking websites, adverts or social media posts don’t always mean that an investment opportunity is genuine. Criminals can use the names of well-known brands or individuals to make their scams appear legitimate.
  • Don’t be rushed or pressured into making a decision – A genuine bank or financial organisation won’t force you to part with your money on the spot. Always be wary if you’re pressured to invest quickly or promised returns that sound too good to be true.
  • Stay in control – Avoid uninvited investment offers, especially those over cold calls. If you’re thinking about making an investment, get independent advice and thoroughly research the company first.

 

Advice for victims of investment scams

If you or someone you know has been a victim of an investment scam, don’t feel embarrassed, help and support is available.

  1. Contact the Police immediately. The police will take your case seriously, will deal with it in confidence.
  2. Contact your Bank immediately. Ensure all pending/future transactions are cancelled.
  3. Report to Financial Conduct Authority (FCA). Phone their Consumer Helpline on 0800 111 6768 or using their report form.
  4. Don't communicate further with the criminals. Take screen shots of all your communication. If they contacted you via Social Media, suspend your account (but don’t delete it) and use the online reporting process to report the matter to the platform. Deactivating your account temporarily rather than shutting it down will mean the data is preserved and will help police to collect evidence. Also, keep an eye on all the accounts which you might have linked (i.e. other social media platforms, email etc.) in case the criminals try to contact you via one of those. If you were contacted by email, you can forward the email to the NCSC's Suspicious Email Reporting Service (SERS) on report@phishing.gov.uk, and then delete it.
  5. Preserve evidence. Make a note of all details provided by the offenders, for example; the email address, number or social media account that you have been contacted from; the Western Union or MoneyGram Money Transfer Control Number (MTCN); any bank account details; cryptocurrency wallet, etc.
  6. Block and report. Report them to the platform they have contacted you on and block the individual on the platform / in your contacts.
  7. Don’t panic. It can be a very distressing situation for some people but there is lots of help, advice and guidance out there – DO NOT DELETE ANY CORRESPONDANCE

Further help and support

Cryptocurrency related investment scams are prevelant across various social media platforms which can result in significant financial loss (i.e. lifesavings, pension etc.) and in turn have a negative impact on peoples futures and mental wellbeing.

The best way to protect yourself from crypto currency fraud is to be careful and selective about the websites you visit and whom you engage with online, especially when considering to invest large amounts of money. More information on where and how to invest in crypto currency can be found by visiting the Financial Conduct Authority website – Cryptoassets | FCA

If this has happened to you or someone you know please talk to a family member, friend or colleague that you trust. Please check out our useful links section with more support channels available along with guidance and links to trusted partner agencies.

Remember, if you are the victim of Fraud or any other crime please contact the Police by visiting our website or phoning 101.

Links

Support and Wellbeing:

Further information, advice and guidance

featured

Rec 442X294 Feat Web
Recruitment events

Police Scotland support those who wish to become police officers, special constables or police staff by hosting various online and in-person recruitment events throughout the year.

Vision 2030 Web 442X294px 15020 24 Ca (1)
Our 2030 vision

Safer communities, less crime, supported victims and a thriving workforce. Read about our 2030 vision and three-year plan.

BSL Domestic Abuse Feature Article 14944 T3 AR
Disclosure Scheme

Worried that your partner or the partner of someone you know might have an abusive past? You have the #RightToAsk. Domestic Abuse is everyone’s business. Information now available in BSL.

Help Us Improve (Feature) 11414 T1 Pm
Help Us Improve

If you've reported domestic abuse, rape or sexual crimes to us, we'd appreciate your feedback on the service we provided.

Accessibility Statement2
Accessibility Statement

Police Scotland has been working to make its websites more accessible - read our accessibility statement.

Your Police Survey Featured Bnr 13991 T1 24 AR
Your Police

Help shape policing in your local area.

more features