While working on the launch of the monitoring of cryptocurrency exchangers on Bits.media, I started compiling a list of risks that I faced, and which users wrote to me about after the incidents. And in order not to be wasted, I decided to arrange everything in a separate article. I slightly supplemented it with points when working with p2p sites, since there are also quite a few exchanges there. The list goes from simple to complex, but do not underestimate the risks of even completely stupid fraud methods, people come across them every day, and even the most inveterate cryptans sometimes lose vigilance. Also, at the end, I will provide a few rules to help mitigate these risks.
1. Dots and commas
Works mainly with p2p exchanges. Also very often used with exchange redeem codes. You have agreed on an exchange, and they promise to send you a payment first, and you later, that is, you seem to have no risks. We agreed, for example, for one thousand nine, no matter what. A code for 1.009 falls or comes to your account, after a cursory glance, you send a transfer from your side, and then you are surprised to find that it is one whole and nine thousandths, and not one thousand and nine. This is often tried on systems where a period or comma separates the digits in the display, and the user may confuse one with the other.
2. Fake exchangers
Fake exchangers are most often a few pages and a script that imitate the work of the exchanger. Users are attracted by very tasty courses, sometimes even the purchase price of cryptocurrency is higher than the selling price. Some "exchangers" leave exclusively the exchange of fiat money for cryptocurrency, because for cybercriminals, obtaining cryptocurrency is the safest way. And users, more often than not, will not go beyond the blacklists of exchangers on the forums. That for the attacker most often does not matter, only a few "exchanges" discourage the idea, and then the change of the name + domain and in a new circle. The rest of the vnutryanka can be left unchanged.
3. Phishing
Phishing is also common on existing exchangers, when domains similar to real exchangers are created, advertisements from search engines are given on them, links are sown in thematic groups in social networks, chats, forums. Of the most distinguished "exchangers" they try to squeeze out to the maximum, communicate on behalf of technical support, promise to pay everything, talk about bank delays, false users appear who write that they were paid everything after a delay, you can safely change it, etc. Threatening the owners of forums and monitoring sites for being blacklisted. By the way, I have not yet met the owners of large sites for this, but attempts are constantly being made. They threaten mainly with DDoS attacks, flooding of child pornography, complaints to the authorities, etc. Some offer bribes or leaked competitors' list of fake exchangers.
4. Address spoofing
Most often occurs during p2p exchange on forums and in social networks, where the credentials of a service representative of the exchanger are hacked, and false addresses are placed for accepting cryptocurrency. Often, access to the account is not taken away, the representative communicates as usual and does not immediately notice that the addresses are forged. They also do the same with contacts, for example, they replace the telegram contact, and when they contact them, they throw the client. Sometimes this can be the case with exchangers, and they offer VIP conditions only for you and only now, most importantly, send bitcoins here.
5. A flood of dirty money
They can honestly change your cryptocurrency for rubles, but then you will have problems. Most often this concerns the exchange for Qiwi, but it was also found in other electronic payments and payments to bank cards. Sometimes quite insolently, when you request an exchange for 100,000 rubles, and a stream of 1,500 rubles, 750 rubles, 2,300 rubles, etc. starts pouring in, that is, just the flow of payment for drug bookmarks is sent to your address, until the required amount is poured. Usually, after this, the account is blocked and then you wonder what problems await you next.
6. Social engineering
More often it concerns p2p exchanges. For example, knowing with whom you usually carry out exchanges, a clone of an account is created on the site, visually indistinguishable from your counterparty. The name can most often be made identical by replacing characters, for example, the English "o" with the Russian "o". The same avatar, profile data, etc. Then they knock on private messages and offer an exchange, then everything is clear.
7. Chargeback
Why doesn't anyone like to sell bitcoin for paypal? Because bitcoin will go away for sure, but paypal that has come can be canceled with a chargeback. And most likely there will be nothing to the canceler, since such an exchange is prohibited by paypal, and the stick takes the side of the false payer. In other payment systems, chargebacks can also be done, but usually much more complicated and with a less predictable result.
8. "Draining circuits"
“Stolen” enrichment schemes emerge, or someone, out of the kindness of their soul, shares, it doesn't matter. The essence of the scheme is approximately the following: we earn on the exchange rate spread between exchangers. We go to exchanger 1 and exchange our money there in any form for Qiwi. The exchanger is reliable, with a reputation, has been working for many years, do not be afraid. In exchanger 2, we change Qiwi to bitcoins, this is a large reliable exchanger, here are the reviews, 100% everything will be fine. Now in exchanger 3 we change bitcoins to Qiwi, this is a large American wholesale exchanger, it buys at rates higher than ours, absolutely reliable, here are the reviews. As a result, you get a difference in Qiwi of 5-10% per lap and you can keep driving like that, increasing your earnings. Of course, exchanger 3 is fraudulent here, and its task is to collect cryptocurrency from gullible young businessmen. The expectation is that by checking the reviews and reputation of the first and second exchangers, on the third, attentiveness is already decreasing, because everything goes so well according to the instructions, and the thirst for freebies turns off critical thinking. It seems ridiculous, but in reality people come across, I saw more than one review cheated by this scheme.
9. Man in the middle or "triangle"
Works with exchangers and p2p exchanges. The bottom line is this: the fraudster contacts both the exchanger and the victim. The victim is represented by the exchanger, the exchanger is represented by the client. Both can provide any verification information, as they can request it from the other party. For example, the exchanger says that he wants to exchange rubles from Sberbank for bitcoins, and to the client that he, as an exchanger, will exchange rubles for bitcoins. Asks the exchanger for the details for replenishment, sends them to the victim. The victim can even make sure that these are the details of the exchanger, if they are officially posted, as some do in the p2p exchange. The victim makes a transfer and sends the scammer a bitcoin address for replenishment. The fraudster gives the exchanger his bitcoin address. The exchanger sends bitcoins to the fraudster, and then there is a debriefing between the exchanger and the victim, who threw whom.
10. Cheating with goods
A slightly complicated previous scheme. The victim may not even know what cryptocurrencies are and certainly not want to exchange them. For example, a fraudster places a lot on Avito with the sale of something valuable for a very tasty price, however, an advance payment is required (this may become clear later) or has already been postponed for another buyer, but if you pay now, take it. A guarantee for the buyer - from a scan of documents (linden) to a chargeback from a bank and a criminal case, because the seller shines his card where the payment will go. The price is delicious, there are many who want to, whoever pays first will leave. The one who agrees is given the card number from the exchanger, but the exchanger is told that this is payment for the purchase of cryptocurrency, here is the address for replenishment. The result is the same as in the previous case.
What measures should be taken to minimize exchange risks?
If you know more ways of fraud, or you have methods of counteracting it, write in the comments.
If this article helps at least one person not to fall for the tricks of scammers, then I did not write it in vain) You can save it to your favorites if you find it useful as a checklist. If more methods appear, I will add here.
1. Dots and commas
Works mainly with p2p exchanges. Also very often used with exchange redeem codes. You have agreed on an exchange, and they promise to send you a payment first, and you later, that is, you seem to have no risks. We agreed, for example, for one thousand nine, no matter what. A code for 1.009 falls or comes to your account, after a cursory glance, you send a transfer from your side, and then you are surprised to find that it is one whole and nine thousandths, and not one thousand and nine. This is often tried on systems where a period or comma separates the digits in the display, and the user may confuse one with the other.
2. Fake exchangers
Fake exchangers are most often a few pages and a script that imitate the work of the exchanger. Users are attracted by very tasty courses, sometimes even the purchase price of cryptocurrency is higher than the selling price. Some "exchangers" leave exclusively the exchange of fiat money for cryptocurrency, because for cybercriminals, obtaining cryptocurrency is the safest way. And users, more often than not, will not go beyond the blacklists of exchangers on the forums. That for the attacker most often does not matter, only a few "exchanges" discourage the idea, and then the change of the name + domain and in a new circle. The rest of the vnutryanka can be left unchanged.
3. Phishing
Phishing is also common on existing exchangers, when domains similar to real exchangers are created, advertisements from search engines are given on them, links are sown in thematic groups in social networks, chats, forums. Of the most distinguished "exchangers" they try to squeeze out to the maximum, communicate on behalf of technical support, promise to pay everything, talk about bank delays, false users appear who write that they were paid everything after a delay, you can safely change it, etc. Threatening the owners of forums and monitoring sites for being blacklisted. By the way, I have not yet met the owners of large sites for this, but attempts are constantly being made. They threaten mainly with DDoS attacks, flooding of child pornography, complaints to the authorities, etc. Some offer bribes or leaked competitors' list of fake exchangers.
4. Address spoofing
Most often occurs during p2p exchange on forums and in social networks, where the credentials of a service representative of the exchanger are hacked, and false addresses are placed for accepting cryptocurrency. Often, access to the account is not taken away, the representative communicates as usual and does not immediately notice that the addresses are forged. They also do the same with contacts, for example, they replace the telegram contact, and when they contact them, they throw the client. Sometimes this can be the case with exchangers, and they offer VIP conditions only for you and only now, most importantly, send bitcoins here.
5. A flood of dirty money
They can honestly change your cryptocurrency for rubles, but then you will have problems. Most often this concerns the exchange for Qiwi, but it was also found in other electronic payments and payments to bank cards. Sometimes quite insolently, when you request an exchange for 100,000 rubles, and a stream of 1,500 rubles, 750 rubles, 2,300 rubles, etc. starts pouring in, that is, just the flow of payment for drug bookmarks is sent to your address, until the required amount is poured. Usually, after this, the account is blocked and then you wonder what problems await you next.
6. Social engineering
More often it concerns p2p exchanges. For example, knowing with whom you usually carry out exchanges, a clone of an account is created on the site, visually indistinguishable from your counterparty. The name can most often be made identical by replacing characters, for example, the English "o" with the Russian "o". The same avatar, profile data, etc. Then they knock on private messages and offer an exchange, then everything is clear.
7. Chargeback
Why doesn't anyone like to sell bitcoin for paypal? Because bitcoin will go away for sure, but paypal that has come can be canceled with a chargeback. And most likely there will be nothing to the canceler, since such an exchange is prohibited by paypal, and the stick takes the side of the false payer. In other payment systems, chargebacks can also be done, but usually much more complicated and with a less predictable result.
8. "Draining circuits"
“Stolen” enrichment schemes emerge, or someone, out of the kindness of their soul, shares, it doesn't matter. The essence of the scheme is approximately the following: we earn on the exchange rate spread between exchangers. We go to exchanger 1 and exchange our money there in any form for Qiwi. The exchanger is reliable, with a reputation, has been working for many years, do not be afraid. In exchanger 2, we change Qiwi to bitcoins, this is a large reliable exchanger, here are the reviews, 100% everything will be fine. Now in exchanger 3 we change bitcoins to Qiwi, this is a large American wholesale exchanger, it buys at rates higher than ours, absolutely reliable, here are the reviews. As a result, you get a difference in Qiwi of 5-10% per lap and you can keep driving like that, increasing your earnings. Of course, exchanger 3 is fraudulent here, and its task is to collect cryptocurrency from gullible young businessmen. The expectation is that by checking the reviews and reputation of the first and second exchangers, on the third, attentiveness is already decreasing, because everything goes so well according to the instructions, and the thirst for freebies turns off critical thinking. It seems ridiculous, but in reality people come across, I saw more than one review cheated by this scheme.
9. Man in the middle or "triangle"
Works with exchangers and p2p exchanges. The bottom line is this: the fraudster contacts both the exchanger and the victim. The victim is represented by the exchanger, the exchanger is represented by the client. Both can provide any verification information, as they can request it from the other party. For example, the exchanger says that he wants to exchange rubles from Sberbank for bitcoins, and to the client that he, as an exchanger, will exchange rubles for bitcoins. Asks the exchanger for the details for replenishment, sends them to the victim. The victim can even make sure that these are the details of the exchanger, if they are officially posted, as some do in the p2p exchange. The victim makes a transfer and sends the scammer a bitcoin address for replenishment. The fraudster gives the exchanger his bitcoin address. The exchanger sends bitcoins to the fraudster, and then there is a debriefing between the exchanger and the victim, who threw whom.
10. Cheating with goods
A slightly complicated previous scheme. The victim may not even know what cryptocurrencies are and certainly not want to exchange them. For example, a fraudster places a lot on Avito with the sale of something valuable for a very tasty price, however, an advance payment is required (this may become clear later) or has already been postponed for another buyer, but if you pay now, take it. A guarantee for the buyer - from a scan of documents (linden) to a chargeback from a bank and a criminal case, because the seller shines his card where the payment will go. The price is delicious, there are many who want to, whoever pays first will leave. The one who agrees is given the card number from the exchanger, but the exchanger is told that this is payment for the purchase of cryptocurrency, here is the address for replenishment. The result is the same as in the previous case.
What measures should be taken to minimize exchange risks?
- Mindfulness, adequacy, critical analysis. Always.
- Divide large amounts into parts and exchange the next part after receiving payment of the previous one, then the probability of losing a large amount is sharply reduced.
- Create complex passwords that are unique for each site. If one is hacked, then all other similar ones are traversed through its base.
- Recheck the details at each step. There is even malware that replaces bitcoin addresses in the clipboard. And sometimes users themselves get confused, they send a BCH wallet instead of BTC.
- When working, check additional data. In case of p2p exchange, this can be the user's id on the forum, in social networks, in the messenger. The counter of messages on the forum. If a user had 1500 messages, and now he writes to you, and he has 15, this should raise suspicion. For sites, you can put some kind of puzomerka in the browser. For example, if google.com gives a value for alexa 1 usually, but here it gave out 6 million, then obviously you are on the wrong page, as it seems to you. You can check the domain registration date, etc.
- Google reviews about services and money changers on independent platforms, such as exchanger monitors (for example), and forums. It is useless to look at the reviews on the exchanger's website, anything can be drawn there.
- When accepting payment, ask for a fresh (!) Photo of the card with which the payment will be or a photo of the product. Better yet, a video where it is said in a voice for whom it is being filmed. This will not remove all the risks, but it will weed out those who completely "work" at random.
- Any invoices, files with details, photos, etc. open in a separate virtual machine, in which there is no access to anything of value.
- Do not make transactions at the request of third parties. Even if it's the best friend of my mother's friend's brother.
- Pay attention to the limits of the payment systems you work with.
- When sending cryptocurrencies, select a sufficient level of commission so that the payment does not hang for a long time. In this case, many services can change courses to a disadvantage for you.
- Contact the counterparty through several communication channels for confirmation, for example, via mail, messenger and private messages of the site where the ad is posted. At least on first contact.
If you know more ways of fraud, or you have methods of counteracting it, write in the comments.
If this article helps at least one person not to fall for the tricks of scammers, then I did not write it in vain) You can save it to your favorites if you find it useful as a checklist. If more methods appear, I will add here.
