While working on launching monitoring of cryptocurrency exchangers on Bits.media, I started compiling a list of risks that I encountered and which users wrote to me about after incidents. And so that the good stuff doesn’t go to waste, I decided to put everything in a separate article. I added a little to it with points when working with p2p sites, since there are also quite a few exchanges taking place there now. The list goes from simple to complex, but do not underestimate the risks of even the most stupid methods of fraud; people fall for them every day, and even the most avid cryptans sometimes lose their vigilance. I will also provide a few rules at the end that will help reduce these risks.
1. Periods and commas
Works mainly with p2p exchanges. Also very often used with exchange redeem codes. You agreed on an exchange, and they promise to send you the payment first, and you then, that is, you have no risks. We agreed, for example, on one thousand and nine, no matter what. A code for 1.009 drops or comes into your account, after a quick look, you send the transfer on your part, and then you are surprised to discover that it is one point nine thousandths, and not one thousand nine. This is often tried in systems where a period or comma separates the digits in the display, and the user can confuse one with the other.
2. False exchangers
False exchangers most often consist of several pages and a script that imitate the operation of an exchanger. Users are lured by very tasty courses, sometimes even the purchase price of cryptocurrency is higher than the sale price. Some “exchangers” only allow the exchange of fiat money for cryptocurrency, because receiving cryptocurrency is the safest for criminals. And users most often will not go beyond the blacklists of exchangers on forums to complain. Which most often does not matter for the attacker, just a few “exchanges” discourage the idea, and then change the name + domain and in a new circle. The rest of the interior does not need to be changed.
3. Phishing
is also common on existing exchangers, when domains similar to real exchangers are created, advertisements from search engines are placed on them, links are planted in thematic groups in social networks, chats, and forums. Of the most distinguished “exchangers,” they try to squeeze the maximum, communicate on behalf of technical support, promise to pay everything, talk about bank delays, false users appear who write that they were paid everything after a delay, they can safely change, etc. They threaten the owners of forums and monitoring sites for inclusion in blacklists. By the way, I have not yet seen a single case where the owners of large sites fell for this, but attempts are being made all the time. They mainly threaten with DDoS attacks, uploading child pornography, complaints to authorities, etc. Some offer bribes or leak lists of false exchangers from competitors.
4. Address substitution
Most often occurs during p2p exchange on forums and social networks, where the credentials of a representative of the exchanger service are hacked and false addresses for accepting cryptocurrency are posted. Often, access to the account is not taken away; the representative communicates as usual and does not immediately notice that the addresses are forged. They do the same with contacts, for example, they replace the telegram contact, and when contacting, they scam the client. Sometimes this can happen with exchangers, and the clients who apply are offered VIP conditions only for you and only now, the main thing is to send the bitcoins here.
5. Pouring dirty money
They can honestly exchange your cryptocurrency for rubles, but then you will have problems. Most often this concerns exchanges on Qiwi, but it has also occurred in other electronic payments and payments to bank cards. Sometimes it’s completely blatant, when you request an exchange for 100,000 rubles, and a stream of 1500 rubles, 750 rubles, 2300 rubles, etc. starts pouring in, that is, they simply send a stream of payments for drug stashes to your address, until the required amount is poured. Usually, after this, the account is blocked and then you wonder what problems await you next.
6. Social engineering
Most often concerns p2p exchanges. For example, knowing with whom you usually conduct exchanges, a clone of the account is created on the site, visually indistinguishable from your counterparty. The name can most often be made identical by replacing symbols, for example, the English “o” with the Russian “o”. The same avatar, profile data, etc. Then they knock on your private messages and offer an exchange, then everything is clear.
7. Chargeback
Why doesn't anyone like selling Bitcoin for PayPal? Because Bitcoin will definitely go away, but the incoming PayPal can be canceled with a chargeback. And the one who canceled most likely will not receive anything, since such an exchange is prohibited by PayPal, and the stick takes the side of the false payer. In other payment systems, chargebacks can also be done, but usually much more complicated and with less predictable results.
8. “Draining of schemes”
“Stolen” enrichment schemes come to light, or someone shares it out of the kindness of their hearts, it doesn’t matter. The essence of the scheme is approximately the following: we make money on the exchange rate spread between exchangers. We go to exchanger 1 and change our money there in any form to Qiwi. The exchanger is reliable, has a reputation, has been working for many years, don’t be afraid. In exchanger 2 we exchange Qiwi for bitcoins, this is a large reliable exchanger, here are the reviews, 100% everything will be fine. Now in exchanger 3 we change bitcoins to Qiwi, this is a large American wholesale exchanger, it buys at rates higher than ours, it is absolutely reliable, here are the reviews. As a result, you get a difference in Qiwi of 5-10% per lap and you can continue racing like this, increasing your earnings. Of course, exchanger 3 here is fraudulent, and its task is to collect cryptocurrency from gullible young businessmen. The expectation is that by checking the reviews and reputation of the first and second exchanger, at the third exchanger, attentiveness already subsides, because everything goes so well according to the instructions, and the thirst for freebies turns off critical thinking. It seems funny, but people actually get caught, I have seen more than one review of those deceived by this scheme.
9. Man in the middle or “triangle”
Works with both exchangers and p2p exchanges. The bottom line is this: the scammer contacts both the exchanger and the victim. The victim appears to be an exchanger, and the exchanger appears to be a client. Both can provide any verification information, as they can request it from the other party. For example, he tells the exchanger that he wants to exchange rubles from Sberbank for bitcoins, and the client that he, as an exchanger, will exchange rubles for bitcoins. Requests the exchanger for details for replenishment and forwards them to the victim. The victim can even make sure that these are the details of the exchanger if they are officially posted, as some do in p2p exchanges. The victim makes a transfer and sends the scammer a Bitcoin address for replenishment. The scammer already gives his Bitcoin address to the exchanger. The exchanger sends bitcoins to the scammer, and then there is a debriefing between the exchanger and the victim about who cheated whom. Now most exchangers know about such schemes, but they are still trying to use this method.
10. Deception with goods
A slightly more complicated previous scheme. The victim may not even know what cryptocurrencies are and certainly may not want to engage in their exchange. For example, a scammer places a lot on Avito with the sale of something valuable for a very tasty price, but prepayment is required (this may become clear later) or he has already put it aside for another buyer, but if you pay now, take it. Guarantee for the buyer - from scanned documents (linden) to chargeback from the bank and criminal case, because the seller shows his card where the payment will go. The price is delicious, there are a lot of people willing, the first one to pay will go. The person who agrees is given a card number from the exchanger, and the exchanger is told that this is payment for the purchase of cryptocurrency, here is the address for replenishment. The result is the same as in the previous case.
What measures should be taken to minimize risks during exchange?
If you know other ways of fraud, or you have methods to counter it, write in the comments.
If this article helps at least one person not to fall for the tricks of scammers, then I didn’t write it in vain) You can save it to your favorites if you find it useful as a checklist. If more methods appear, I will add them here.
1. Periods and commas
Works mainly with p2p exchanges. Also very often used with exchange redeem codes. You agreed on an exchange, and they promise to send you the payment first, and you then, that is, you have no risks. We agreed, for example, on one thousand and nine, no matter what. A code for 1.009 drops or comes into your account, after a quick look, you send the transfer on your part, and then you are surprised to discover that it is one point nine thousandths, and not one thousand nine. This is often tried in systems where a period or comma separates the digits in the display, and the user can confuse one with the other.
2. False exchangers
False exchangers most often consist of several pages and a script that imitate the operation of an exchanger. Users are lured by very tasty courses, sometimes even the purchase price of cryptocurrency is higher than the sale price. Some “exchangers” only allow the exchange of fiat money for cryptocurrency, because receiving cryptocurrency is the safest for criminals. And users most often will not go beyond the blacklists of exchangers on forums to complain. Which most often does not matter for the attacker, just a few “exchanges” discourage the idea, and then change the name + domain and in a new circle. The rest of the interior does not need to be changed.
3. Phishing
is also common on existing exchangers, when domains similar to real exchangers are created, advertisements from search engines are placed on them, links are planted in thematic groups in social networks, chats, and forums. Of the most distinguished “exchangers,” they try to squeeze the maximum, communicate on behalf of technical support, promise to pay everything, talk about bank delays, false users appear who write that they were paid everything after a delay, they can safely change, etc. They threaten the owners of forums and monitoring sites for inclusion in blacklists. By the way, I have not yet seen a single case where the owners of large sites fell for this, but attempts are being made all the time. They mainly threaten with DDoS attacks, uploading child pornography, complaints to authorities, etc. Some offer bribes or leak lists of false exchangers from competitors.
4. Address substitution
Most often occurs during p2p exchange on forums and social networks, where the credentials of a representative of the exchanger service are hacked and false addresses for accepting cryptocurrency are posted. Often, access to the account is not taken away; the representative communicates as usual and does not immediately notice that the addresses are forged. They do the same with contacts, for example, they replace the telegram contact, and when contacting, they scam the client. Sometimes this can happen with exchangers, and the clients who apply are offered VIP conditions only for you and only now, the main thing is to send the bitcoins here.
5. Pouring dirty money
They can honestly exchange your cryptocurrency for rubles, but then you will have problems. Most often this concerns exchanges on Qiwi, but it has also occurred in other electronic payments and payments to bank cards. Sometimes it’s completely blatant, when you request an exchange for 100,000 rubles, and a stream of 1500 rubles, 750 rubles, 2300 rubles, etc. starts pouring in, that is, they simply send a stream of payments for drug stashes to your address, until the required amount is poured. Usually, after this, the account is blocked and then you wonder what problems await you next.
6. Social engineering
Most often concerns p2p exchanges. For example, knowing with whom you usually conduct exchanges, a clone of the account is created on the site, visually indistinguishable from your counterparty. The name can most often be made identical by replacing symbols, for example, the English “o” with the Russian “o”. The same avatar, profile data, etc. Then they knock on your private messages and offer an exchange, then everything is clear.
7. Chargeback
Why doesn't anyone like selling Bitcoin for PayPal? Because Bitcoin will definitely go away, but the incoming PayPal can be canceled with a chargeback. And the one who canceled most likely will not receive anything, since such an exchange is prohibited by PayPal, and the stick takes the side of the false payer. In other payment systems, chargebacks can also be done, but usually much more complicated and with less predictable results.
8. “Draining of schemes”
“Stolen” enrichment schemes come to light, or someone shares it out of the kindness of their hearts, it doesn’t matter. The essence of the scheme is approximately the following: we make money on the exchange rate spread between exchangers. We go to exchanger 1 and change our money there in any form to Qiwi. The exchanger is reliable, has a reputation, has been working for many years, don’t be afraid. In exchanger 2 we exchange Qiwi for bitcoins, this is a large reliable exchanger, here are the reviews, 100% everything will be fine. Now in exchanger 3 we change bitcoins to Qiwi, this is a large American wholesale exchanger, it buys at rates higher than ours, it is absolutely reliable, here are the reviews. As a result, you get a difference in Qiwi of 5-10% per lap and you can continue racing like this, increasing your earnings. Of course, exchanger 3 here is fraudulent, and its task is to collect cryptocurrency from gullible young businessmen. The expectation is that by checking the reviews and reputation of the first and second exchanger, at the third exchanger, attentiveness already subsides, because everything goes so well according to the instructions, and the thirst for freebies turns off critical thinking. It seems funny, but people actually get caught, I have seen more than one review of those deceived by this scheme.
9. Man in the middle or “triangle”
Works with both exchangers and p2p exchanges. The bottom line is this: the scammer contacts both the exchanger and the victim. The victim appears to be an exchanger, and the exchanger appears to be a client. Both can provide any verification information, as they can request it from the other party. For example, he tells the exchanger that he wants to exchange rubles from Sberbank for bitcoins, and the client that he, as an exchanger, will exchange rubles for bitcoins. Requests the exchanger for details for replenishment and forwards them to the victim. The victim can even make sure that these are the details of the exchanger if they are officially posted, as some do in p2p exchanges. The victim makes a transfer and sends the scammer a Bitcoin address for replenishment. The scammer already gives his Bitcoin address to the exchanger. The exchanger sends bitcoins to the scammer, and then there is a debriefing between the exchanger and the victim about who cheated whom. Now most exchangers know about such schemes, but they are still trying to use this method.
10. Deception with goods
A slightly more complicated previous scheme. The victim may not even know what cryptocurrencies are and certainly may not want to engage in their exchange. For example, a scammer places a lot on Avito with the sale of something valuable for a very tasty price, but prepayment is required (this may become clear later) or he has already put it aside for another buyer, but if you pay now, take it. Guarantee for the buyer - from scanned documents (linden) to chargeback from the bank and criminal case, because the seller shows his card where the payment will go. The price is delicious, there are a lot of people willing, the first one to pay will go. The person who agrees is given a card number from the exchanger, and the exchanger is told that this is payment for the purchase of cryptocurrency, here is the address for replenishment. The result is the same as in the previous case.
What measures should be taken to minimize risks during exchange?
- Attentiveness, adequacy, critical analysis. Always.
- Divide large sums into parts and exchange the next part after receiving payment for the previous one, then the likelihood of losing a large amount is sharply reduced.
- Create complex passwords, unique for each site. If one is hacked, its database is then searched through all other similar ones.
- Double-check your details at every stage. There is even malware that replaces Bitcoin addresses on the clipboard. And sometimes users themselves get confused and send a BCH wallet instead of BTC.
- When working, check additional information. In p2p exchange, this can be the user id on a forum, social network, or messenger. Counter of messages on the forum. If a user had 1500 messages, and now he writes to you, and he has 15, this should raise suspicions. For websites, you can put some kind of bloatware in the browser. Let's say, if google.com usually gives an alexa value of 1, but here it gives 6 million, then obviously you are on the wrong page as you think. You can check the domain registration date, etc.
- Google reviews of services and money changers on independent sites, such as monitoring exchangers and forums. It is useless to look at reviews on the exchanger’s website; anything can be written there.
- When accepting payment, ask for a recent(!) photo of the card with which payment will be made or a photo of the product. Or better yet, a video where it is spoken out in a voice for whom it is being filmed. This will not eliminate all risks, but it will weed out those who are just “working at random”.
- Any invoices, files with details, photos, etc. open in a separate virtual machine, in which there is no access to anything valuable.
- Do not make transactions at the request of third parties. Even if it's my mother's friend's brother's best friend.
- Pay attention to the limits of the payment systems you work with.
- When sending cryptocurrencies, select a sufficient commission level so that the payment does not hang up for a long time. In this case, many services can change the rates in a direction unfavorable for you.
- Contact the counterparty through several communication channels for confirmation, for example through mail, instant messenger and personal messages of the site where the ad is posted. At least on first contact.
If you know other ways of fraud, or you have methods to counter it, write in the comments.
If this article helps at least one person not to fall for the tricks of scammers, then I didn’t write it in vain) You can save it to your favorites if you find it useful as a checklist. If more methods appear, I will add them here.
