Centralized exchanges are a major target for hacks, and there’s no shortage of successful robberies on exchanges. Many exchanges today have insurance for such an event. They are also becoming more regulated to help prevent nefarious actors from swindling investors. Using an exchange’s custodial wallet always carries more risks than holding your cryptocurrency. What happens when the exchange, and not the hackers, are the ones doing the scam? There are many ways exchanges can scam their users.
These include embezzlement, Ponzi schemes, and wash trading.
QuadrigaCX is one of the most well-known exchange scams. Exchange founder Gerald Cotton took a trip in December 2018 where he reportedly fell ill and died. At the time of his death, he was the only person who had access to the exchange’s cold wallet vault. This made user encryption inaccessible except to the late founder. It turned out to be a Ponzi scheme. There is still much mystery surrounding the authenticity of Cotton’s death.
Cryptocurrency exchanges can be a great ramp for many people entering the space. Many provide good educational tools for new users and become more regulated with more user protections. However, the best way to avoid falling victim to an exchange scam and losing your cryptocurrency is to assume sovereignty over your cryptocurrency. Cryptocurrencies were designed to eliminate the need for trust in the system. Exchanges using custody wallets reintroduce this level of trust. Storing cryptocurrencies in a wallet to which you hold the keys is a safer option.
New decentralized
exchanges and decentralized financial apps can also be home to many types of scams, so they should also be approached with caution. If something sounds too good to be true, it often is.
Phishing scams
The Nigerian prince’s emails and Social Security phone calls are the classic phishing scams people are familiar with. The purpose is to obtain sensitive information about someone that can be used to access finances and other information. The cryptocurrency industry is no different. The main targets are recovery phrases, although private keys are also targeted. These scams can be found on messaging apps, emails, and many other forms of online communication.
The easiest and most effective way to protect yourself is to never share your private key or recovery phrase with anyone. No exchange or official party will ever ask you for this information and giving it away is like handing over your wallet.
The second security measure you can take is to make sure you have 2FA security installed on all your accounts. Make sure 2FA uses an official 2FA app like Google Authenticator and not via SMS. Using SMS for this is vulnerable to a SIM swapping scam.
Fraudsters have developed methods through website design to mirror the login pages of the crypto exchange. These pages will look and function almost identically to the regular login page of a crypto exchange and ask users to log in with their ID and password. The website address will be very similar but will use a different top-level domain name (TLD). (.com, .io, .eu) than the legitimate exchange they are imitating. These can be very effective if you’re not paying attention.
Buying coins due to celebrities or YouTube influencers
It is important to remember that most influencers are not financial advisors. They outline this very clearly at the beginning of their videos and promotions. Their main goal is to attract views and interactions on their channels which they can then turn into ad revenue. You should be cautious about buying a good just because someone famous is supporting it.
That’s not to say that all YouTubers and celebrities are trying to scam you. Many YouTube channels offer excellent overviews of coins and exchanges. These should be used as an educational resource, but never taken as gospel.
