On the whole, bitcoin is a safe and secure ecosystem. There are threats and risks, however, that all bitcoin users need to be aware of. As with all currencies, bitcoin scams and security threats can range from dramatic multi-million dollar heists, to malware ridden apps and viruses, and rip-offs on minor deals, such as the sale of used goods. Point is, there’s a huge range of security threats within the bitcoin community, as there is with any currency.
Remember, given the anonymity afforded by bitcoin and the Internet in general, it is very hard to go after people through legal means. That’s why we’re going to take a moment to over some of these scams. Instead of focusing on the big heists, like the recent Bitfinex theft, we’re going to focus on the smaller, more subtle scams.
If you’re evaluating a website or service and wondering if it’s a scam, we suggest you jump over to this page and use the scam calculator to compute the risks. Otherwise, if you’re just trying to get an idea of what the risks are, and what red flags you should be watching out for, keep reading!
How You Can Avoid Scams
Before we dig into specific scams, we want to take a moment to highlight a few steps you can take to avoid scams.
- Triple check everything: URLs, security certificates, reviews, etc.
- Triple check for reviews online. Use community websites, like Reddit, to see if other people have experience with the App, website, or service.
- Use different passwords, preferably randomly generated, for EVERY website
- If it sounds too good to be true, it probably isn’t true
- NEVER store all of your bitcoins in one wallet, on one exchange, or in one app. Diversify and divide your holdings.
There are many different types of scams. In most cases, a bitcoin scam is either going to try to steal your bitcoins/other currency, or steal your processing power so some other group can use it to mine bitcoins.
Hijacking Scams Will Steal Processing Power
The idea of stealing process power might be less familiar than traditional scams that steal money, but they are a serious threat. Even if someone “just” steals your processing power to mine bitcoins, they are running up your electricity bills, and slowing down your computer.
Scams looking to steal your processing power will often get users to install apps and programs onto their computers or smartphones. Then these programs will hijack your devices and use the processing power for mining. When bitcoins are mined, the profits are sent back to the people who owned the app.
Watch Out For “Look Alike” Scams
One common way to steal bitcoins is to set up a fake website that looks very similar to a popular exchange or other service. A hacker will basically set up a dummy name at a dummy address, like shapeshit.io instead of shapeshift.io. Unsuspecting users log in and try to either buy bitcoins with their other currencies, or try to sell their bitcoins. Problem is, the website and exchange isn’t real, and once the money is sent, it is gone.
Always, always, always, (always) triple check the URL’s you are typing in. The easiest way to set up a scam site is to simply make a site that features a tiny change in the URL. After changing or dropping just one letter, the scammers then wait for people to mess up while typing in URLS. You go to the site, login, make a transactions, and they steal your information.
Here’s a recent example that was done by Kraken imposters.
To avoid these scams, use bookmarks to bookmark legitimate sites. Also use SSL certificates, and make sure that that the URL begins with HTTPS.
If It’s Too Good To Be True, It Probably Isn’t True
If the website, app, or service simply sounds too good to be true, it probably isn’t true. Quite possibly, it’s a ponzi scheme or other type of scam.
Websites or apps that promise ridiculous returns (i.e. more than say 20% each year), or other amazing benefits, you need to double down and do more research. Don’t sign up and don’t send any money or personal details until you know that the website is legit.
One way scammers trick people is by looking for people who are, by their very nature, trusting. They promise amazing returns precisely because they know that only trusting and naive people will end up signing up for the service. These people, sadly, are the easiest people to trick.
One of the most common ways to scam people through this method is to set up a ponzi scheme. Older users are paid profits with the money of newer users. As a result, some people are making money, and often bragging about it. Eventually, however, the music will stop, money will be lost, and newer users who haven’t been paid back funds will lose out.
Don’t be naive. Ask questions, constantly. Be doubtful, be skeptical, and most importantly, be cautious.
Beware of New Apps and Websites
There are many legitimate apps, mining consortiums, and exchanges. Unfortunately, there are also many scam sites. Usually, the scam sites will offer some seemingly amazing benefit, such as significantly lower processing fees. When signing up for any type of service, you need to examine their website very carefully.
First, check to see if the people in charge of the app or website make themselves known publicly. Is there a biography page? Can these biographies be verified through Linkedin and other websites? Does the management team consist of well-known people? If not, you need to be exceptionally careful. Even if so, you should still be careful.
Whenever you are using a new website or app, check around and look for reviews. Have other people used the website or app successfully? Are there any complaints? If so, what were the complaints?
Finally, when you do sign up for a new account or download a new app, test the app or program with smaller amounts of money. Don’t conduct a huge trade with thousands of dollars worth of bitcoins on a brand new exchange. Test it out with a smaller transaction.
Monitor everything closely. If you download a bitcoin app to your smartphone, for example, monitor your battery life and processor usage. If your battery is being drained faster, or the app is using a large portion of your processing power on a constant basis, it may be hijacking your phone for subversive means.
Watch your balance too. The app or website could be slowly deducting small amounts of money from your account. As already mentioned, don’t put all of your bitcoins in one wallet or on one exchange.
This article was written by Ofir Beigel – a Bitcoin blogger and entrepreneur. He runs the blog 99Bitcoins which is dedicated to helping people getting started with Bitcoin.