Let’s be honest, scammers are constantly looking for ways to steal your money and cryptocurrency. With the recent rise in cryptocurrency investing, opportunities for online fraud and theft have increased as well. Surveys show that crypto scammers stole a total of $14 billion in 2021, almost doubling the amount stolen from the year before. Experts predict these statistics will only worsen moving forward unless users take active steps to protect their information and accounts online.
Coin IRA is fully committed to safeguarding the security and privacy not only of our account holders but of cryptocurrency investors everywhere. We believe raising awareness of the common scams is the best defense against fraudsters and hackers.
The following information outlines some of the top scams to watch out for and tips to avoid falling victim to these scams.
Fabricated Websites and Apps of Legitimate Companies
Fraudsters have been known to duplicate legitimate websites or applications to trick innocent investors into using their platforms. Fortunately, there are some simple signs that can help point out a fake website or app. For instance, fake cryptocurrency trading websites and downloadable apps might use a URL that closely resembles the legitimate one. This makes it easier for innocent users to mistake the fake website or app for the real one. Keep an eye out for inconsistencies such as misspellings in the website’s domain name and for spelling or grammatical errors on the site. Taking a minute to verify the URL for accuracy could prevent you from becoming the victim of a scam. And finally, when in doubt, use the domain lookup tool, https://whois.domaintools.com/.
Always pay attention to the address bar, and be extra cautious about entering your personal information into a site beginning with http instead of https. The “s” indicates that the website uses a security protocol that protects your data while it is in transit between your computer and the website you are visiting. And make sure the contact information on any site asking you to send money or cryptocurrency is reliable.
Be especially suspicious of apps that are not downloaded from the Apple or Google Play stores but instead are downloadable links sent to you via social media apps such as LinkedIn and Facebook. Scammers may target you using something you have in common as an icebreaker, and eventually befriend you, building your trust and then drawing you in with promises of huge returns. If it sounds too good to be true, be wary of engaging with that person and do not download the app.
There are entire websites devoted to identifying fraud, such as https://fraudwatch.com/blog/, which contain invaluable free information on protecting yourself. It is well worth your time to put their recommendations into practice.
Phishing scams are often used to trick you into giving up vital personal and financial details, such as your Social Security number, account number, or login details. Scammers who are phishing will send you fabricated emails or text messages containing deceitful messages or updates.
For instance, they may send you an email informing you about an issue with your account and ask you to click on a link to enter and reconfirm your login details. Clicking on the link will send you to a fake website where the scammer can then proceed to steal your information without you even knowing.
There’s another variation of phishing called smishing that you need to watch out for. Smishing scams or SMS phishing are conducted through text messages and contain the same dishonest intent as phishing scams.
To spot a phishing or smishing scam, you should watch out for the following warning signs:
- Text or email contains misspellings.
- Text or email has grammatical errors.
- Text or email makes unrealistic promises of substantial returns on your investment.
- Text or email creates a false sense of urgency in the user.
- Text or email requires you to disclose sensitive information, such as birth dates, passwords, and user IDs.
- Text or email threatens you with negative consequences.
- Text or email is demanding or nagging.
If you receive a suspicious text message or email, here are some precautions to consider:
- Confirm that the message is trustworthy by running it through a URL scanner such as Norton Safe Web or Google Transparency Report
- Avoid immediately responding to the suspicious text message or email.
- Don’t click on any attachment links or documents.
- Avoid disclosing sensitive information in emails, like your Social Security Number, login credentials, and banking information.
- Avoid calling any numbers contained in a suspected phish.
- Examine the sender’s email address for subtle differences in the spelling (i.e., @cionira.com vs. @coinira.com).
Most people have grown accustomed to applications and software that need constant updates to fix vulnerabilities and flaws. As cryptocurrency platforms are also a type of software, people easily get tricked into thinking that they also need updates. Scammers can plant deceitful upgrade notifications in your email and social media inboxes. During this “upgrade,” they trick you into giving up your private keys and other account information. Before falling victim to this type of scam, call the company who you believe sent it to verify it was real.
Social Media and Romance Scams
Scammers attack vulnerable victims anytime and anywhere they find opportunity, even on dating apps like Tinder and Bumble. Scams conducted on these platforms are often referred to as “romance scams.” Often these scams are strictly online and long-distance. The scammer tries to win over the trust and affection of the victim. They’ll have a very convincing story or too-good-to-be-true opportunity enticing the victim to send money or cryptocurrency and disappearing when it’s time for you to withdraw your funds. Some even just pose as a person with whom you might bond over a common interest, background, or ethnicity. Some may have a money laundering scheme using cryptocurrency they’ll pull you into. Listen to your intuition. If it sounds too good to be true, you’ve never met the person, can’t verify they don’t live in the U.S., and you can’t verify what they’re telling you through a reliable source, proceed with extreme caution or not at all.
Fortunately, users aren’t completely defenseless against cryptocurrency scams. Here are some suggestions on how to avoid becoming the victim of fraud:
Use Multi-Factor Authentication in Your Accounts
Multi-factor authentication (MFA) is a verification method that asks a user to provide two or more verification factors to access a particular resource like an application, trading platform, online account, or VPN. Using MFA decreases the likelihood of scammers accessing your account. (All Coin IRA accountholders are required to use multi-factor authentication.)
Regularly Change Passwords
Most people use a single password or slight variation thereof for every account they have. This makes it easy for scammers and cybercriminals to guess your passwords. Cybersecurity experts from McAfee recommend changing your passwords once every three months. If you find that your account has been hacked or is part of a data breach, change your password immediately.
Don’t Respond to Requests Asking You to Send Cryptocurrency
If you receive an email, a phone call, or a text with a link to download an app to your phone or computer that requires you to send Bitcoin or any other crypto to fund your account, don’t respond, and definitely do not send any cryptocurrency or money.
Before sending money or crypto to anyone online, confirm that you know the person you’re sending it to. If you send cryptocurrency to the wrong wallet or to a scammer’s wallet, there’s no way for you to retrieve your crypto unless the other person sends it back to you. Double-check the recipient’s information before you hit send.
For your information, all Coin IRA accounts must be funded with US dollars, not cryptocurrency, and we have two secure websites you can trust. Our main site is https://www.coinira.com and https://secure.coinira.com. If you receive a link to a site similar to one of these but not exactly the same, report it immediately to our customer support team at email@example.com.
Don’t Share Your Trading Platform Details
If you call Coin IRA regarding information about your account, we will text a six-digit verification code to your cell phone to verify your identity. You never have to provide us with any other information – not your email address, password, phone number or account number. If someone purporting to be an employee of Coin IRA calls you asking for any of your login details, don’t respond. Report the call to our Customer Support Team via firstname.lastname@example.org. The easiest way to record suspicious calls or fraudulent text messages, emails, or websites that appear to be from Coin IRA is to take a screenshot and email it to Coin IRA Customer Support.
Report Cryptocurrency Scams
If you’ve been a victim of a cryptocurrency scam, you can report the incident to the following authorities:
- The Federal Trade Commission at ftc.gov
- Securities and Exchange Commission
- Internet Crime Complaint Center
- Commodity Futures Trading Commission
Coin IRA strives to protect all our users from malicious online scams and theft. If you believe you may have responded to a fraudulent text or email and disclosed personal or account-related information, change your trading account details immediately. After you’ve changed your account details, contact us immediately at 888-998-COIN or 866-924-5421.