With $3.7 billion lost, the Crypto Scams Report projects that 2022 was the most significant year yet for crypto scams, though, the count of individual scamming events rose from 219 in 2022 to 231 in 2023, monies stolen dropped by roughly 54.3% to $1.7 billion in 2023
Although consumers are more conscious of the strategies used to steal crypto assets and technology has grown more safe and stable, if care is not taken vulnerabilities can still be taken advantage of.
Protechbro has produced a list of fresh crypto frauds under usage together with tips for spotting and avoiding them.
New Crypto Scams in 2024 – 2025
- Initial Coin Offerings (ICO) scam
- DeepFake Scam
- NFT Scam
- Social Media Scam
- Crypto Rug pull
- Crypto Romance Scam
- Approval Phishing Crypto Scam
ICOs (Initial Coin Offerings) scam
An interesting fresh approach to finance is ICOs, or Initial Coin Offering. They could be able to replace the current startup funding pushed by venture capitalists. There are some drawbacks to this evolution, but as well. Funding ICOs comes with risk. Scams abound, and occasionally it might be difficult to recognize dubious initiatives at first look.
The Olympic 2024 Token ICO Fraud (Case Study)
March 30, 2024, saw the registration of the domain name theolympictoken.com; its website went up a day following the release of an Olympics Games Token, a digital asset available to any internet user to invest. It says it uses the Olympic 2024 emblem, is connected to the International Olympic Committee, and even counts down for the event.
It lets investors trade tokens on a respectable Bitcoin exchange, Raydium. Although many exchanges let users add and remove liquidity for any token, being able to trade a token on official exchanges does not guarantee that the token is valid.
The phoney ICO website links to a whitepaper as well, but it goes to the official olympics.com website instead of a real whitepaper concerning the project. This is a red sign right away: honest ICOs always present a whitepaper outlining the inner idea of the enterprise.
Cybercriminals running an X (previously Twitter) account began simultaneously advertising the website with its launch. A Telegram channel also aggressively pushed its members into urgently purchasing what it refers to as Olympic Games Token (OGT).
Cybercriminals most likely have used other social networking channels to lure individuals to the Telegram channel or the phoney ICO website. Usually, ICO frauds work this way: once the fake website is launched, aggressive marketing drives traffic and possible victims to invest in the project on social networks, forums, and other online platforms.
The website was closed a few days after its domain was registered, but we believe the fraudsters behind the scheme started running under olympictokensolana.com, which shares the same material as the first bogus ICO website.
How to spot ICO scams: You can ask yourself the following questions:
Do you understand the project?
Do the projects have actual use cases you can also understand, or are they just using many buzzwords like AI, blockchain, decentralized, revolutionary, and such? If a project’s whitepaper conveys little information on the project’s real purpose and you need clarification as you dig deeper, then you should be on alert. Generally, it’s prudent not to invest in something you can’t explain yourself.
Will the project provide real value?
Does the project do anything of worth? If not, it probably won’t garner any traction. People will only buy something if it has value. Otherwise, what’s the point?
If things look fishy, they probably are
You have looked at the project website, checked out a video, and read the whitepaper, yet you still ask yourself what the whole project is about.
Does the project need a blockchain?
Can the project the team is working on only be realized with blockchain? Or could the project quickly be done without employing the technology? Ensure the project’s whitepaper explains why this specific project needs a blockchain and its role in developing its future product.
Do your research
Don’t just believe random people on the internet, but do your research on a project you are interested in. Read the whitepaper, read the posts on Medium, and join official discussions on Telegram or Discord. Find out what you want to know.
DeepFake Scam
Artificial media produced with computer processing and machine learning methods—more especially, “deep” learning—is known as a “deepfake.” These methods are employed to produce completely original information or modify already-existing content to give the impression that someone said or did something they did not.
In deepfakes, the body of another person is frequently replaced with the face of another in a picture or video. The “face-swapping” method is accomplished through the use of a generative adversarial network, or “GAN,” a type of deep neural network.
To produce deepfakes, GANs employ two machine learning algorithms: one generates the image, while the other looks for it.
Deepfake technology is useful for producing special effects in the entertainment sector, but threat actors can also use it to create misleading content that disseminates false information, manipulates public opinion, and impersonates real people (e.g., to trick staff members into transferring money to fraudulent accounts).
Pete Pachal, the author of the great Media CoPilot Substack, stated recently in a paper regarding deepfakes, AI, and cryptocurrency that “there is no easy way to deal with the problem because it’s multiple problems, each with its variables and solutions.”
Speaking at a Consensus 2024 session titled “From Taylor Swift to the 2024 Election: Deepfakes vs. Truth,” Pachal claimed that as AI picture production has advanced, deepfakes have been harder to identify.
For example, earlier this month, a spoof video of Elon Musk endorsing the Quantum AI trading platform went viral on social media, misleading a good number of consumers with false promises of returns.
These kinds of cases are probably just going to increase. Cryptocurrency was “the main target sector,” according to verification company Sumsub, for over 90% of deepfake scams found in 2023.
The FBI’s cyber crime report indicates that losses from cryptocurrency investments in the United States increased by 53% to $3.9 billion in the previous year, while it is unknown how successful these scams were.
5 Best Deepfake Detector Tools & Techniques
1. Sentinel
Leading artificial intelligence-based security tool Sentinel helps businesses, defense teams, and democratic governments neutralize the threat of deepfakes Leading companies around Europe apply Sentinel’s technologies.
Users of the system can submit digital media through their website or API, automatically checked for artificial intelligence forgery. The system imagines the manipulation and finds whether the media is a deepfake.
2. WeVerify Deepfake Detector
WeVerify Deepfake Detector is a is a corporation dedicated to solve advanced content verification related issues. Its Deepfake Detector system searches web material and social media to find false information and created or manipulated content.
This can then be revealed via a public database of known fakes built on a blockchain. It uses open-source techniques, a participatory verification approach, in-the-loop machine learning with little human involvement, and clear-cut visuals.
3. Reality Defender
Designed at the enterprise level, Reality Defender finds and neutralizes deepfakes in images, audio, and video materials. Using cutting-edge deepfake and generative content fingerprinting technologies, the platform offers companies thorough and proactive scanning as well as rich reporting and actionable insights to protect against false digital content.
Reality Defender’s Generative Text Detection—which can find AI-generated text—is one of its most prominent qualities. Capable of scanning material from many language models including ChatGPT, Bard, and Bing AI, the tool provides fast, actionable data showing the possibility of text manipulation. The Reality Defender API or the web application let users identify text to upload several files at once.
4. Google SynthID
Google SynthID is a watermarking tool created for AI-generated content, has beta-launched DeepMind, Google’s research unit dedicated on artificial intelligence and machine learning.
SynthID lets digital watermarks be included into AI-generated photos, films, and audio recordings, therefore facilitating simple identification. Though invisible to human senses, this watermark enables developers of AI content to assert content provenance and build confidence in artificial intelligence-generated materials.
5. Microsoft’s Video Authenticator Tool
Microsoft’s Video Authenticator Tool is a offers a potent tool for analyzing a still picture or video to generate a confidence score indicating media manipulation presence. It finds the mixing point between the imperceptible to human eye deepfake and subtle grayscale parts.
It also offers real-time confidence score so that deepfakes may be found right away. Advanced artificial intelligence algorithms in the Video Authenticator Tool examine media to identify evidence of manipulation. It searches for minute variations in the press’s grayscale parts, frequently a clue of a deepfake. The instrument gives users a real-time confidence score so they may decide fast whether the press is real.
How to protect yourself from Deepfakes
- Avoiding deepfakes starts with extreme caution about the personal information you publish online. Limit the quantity of personal data you have on file, particularly high-quality images and videos fit for a deepfake creation.
- Encourage better internet behavior. Promote strong password hygiene, multi-factor authentication, and careful personal information sharing to reduce the possibility of data leaks utilized to produce deepfakes.
- Even if they come from someone you know, be wary of unwanted calls or messages.
- Based alone on a phone call or video chat, never send money or divulge personal information.
- Try phoning the person you are chatting with back at a known number or getting in touch via another channel to help you confirm their identify.
- Learn about the most recent deepfake technologies and their applications in fooling others.
NFT Scam
NFTs are all the rage because they allow artists and content creators to sell their NFT collections for thousands, if not millions, of dollars. In 2021 alone, NFT trades totaled a whopping $17 billion, up 21,000% from the previous year. Unfortunately, the boom has also attracted a deluge of NFT scams.
These scams can make you lose your NFTs or make them worthless in one fell swoop. You may even end up buying NFTs that will disappear before you can turn a profit.
6 Most common NFT Scam
1. Fake Artwork and Counterfeit NFTs
Making and marketing phony artwork or counterfeit NFTs is one of the most often used NFT frauds. Scammers could copy well-known digital art works or produce fresh ones, passing them off as original and valuable.
For worthless or stolen artwork, naive purchasers could spend big bucks. Verifying the legitimacy of the artwork and the NFT before buying will help you to protect yourself. Investigate the artist, look for any past sales or shows, and search for reliable markets or platforms verifying the NFTs on their lists.
2. Phishing Scams
Generally speaking, hackers access your NFT account details using phishing. They use phoney links—often from email or prominent social media channels and forums like Twitter and Discord—to do this.
Hackers access and compromise your account via keylogging or spyware once you click the link and input your data.
Not surprise, NFT phishing schemes are proliferating. For instance, in a phishing assault aiming at OpenSea, the most often used NFT platform, hackers stole around $1.7 million worth of NFTs in February 2022.
OpenSea had urged consumers to change their contact information, but con artists cloned the email of the trading platform and emailed NFT owners access to bogus websites.
3. Bidding Scams
Trying to sell your NFT often results in bidding frauds in the secondary market. Once you post your NFT for sale, scammers deliberately place the highest bid, therefore luring you to complete the deal.
But these dishonest people can subtly change the bitcoin utilized for bidding, unknown of you. You have to regularly confirm the bitcoin you are getting paid with to protect yourself from such frauds.
4. NFT Airdrop Scams
Scammers running airdrop frauds post free NFT prizes on social media sites. Once consumers click the given link, scammers ask them to consent to the given “terms and conditions.”
They also exhange people to forward the tweet or message to others. Users are guided to link their MetaMask wallet credentials to collect the given prize once the link is clicked. The system of the scammers will store the credentials users entered.
As so, the scammers will have illegal access to the MetaMask library, allowing them to rapidly pilfers their valuables.
5. Pump-and-Dump Schemes
In a pump-and- dump NFT fraud, con artists use misrepresentation and dissemination of false information to artificially raise the price of an NFT. They “dump” the NFT and vanish completely without a trace once the price rises, therefore rendering investors with useless assets.
Usually, con artists use celebrity sponsorships and social media to create an obsession around an NFT. Many times, they fund the NFT, therefore increasing the price and challenging investors to ignore.
6. Bidding Scams
Bidding scams often happen in the secondary market when you try to sell your NFT. When you put your NFT up for sale, scammers place the highest bid, and you naturally want to sell it to them. However, these scammers can only change the cryptocurrency used for the bidding with your knowledge.
Imagine a fraudster bids 20 Ether for your NFT art. You’ll expect to receive around $9,000 (per the going rate at the time of writing). However, a crafty scammer can switch the crypto to 50 Dogecoin, worth less than $5.
To avoid such scams, double-check which crypto you’re being paid with and be sure not to accept anything less than the agreed-upon bidding offer.
Social Media Crypto Scam
Though they are not new, social media crypto frauds are still rampant. With bogus crypto and crypto investment scams accounting for a large portion of the estimated $770 million in social media frauds committed by the Federal Trade Commission (FTC), For good reason, crypto con artists enjoy social media.
It’s a reasonably priced means of reaching billions of individuals all around the world. Social media also fosters anonymity, so it becomes increasingly difficult to track crimes back to their offenders.
To fool the public and convince people to take part in their operation, scammers might quickly establish a phoney account or hack into a current profile. After sorting through publically accessible social media profiles, one can quickly modify their approach depending on their learning.
Whether coworkers, acquaintances, or a business, scammers often use public information to pass like someone you would trust.
Scammers can also effectively use the advertising tools on social media platforms to send tailored, phoney ads to potential victims. By guiding users to fake crypto wallets, criminals utilized tailored Google advertising in 2021 to pilfers $500k worth of bitcoin.
Examples of Crypto Scams on Social Media
1. Celebrity impersonation
Scammers often use social media’s built-in trust signals (such as the blue checkmarks on Twitter, for example) to their advantage regarding scams. They create false profiles of famous investors, celebrities, and billionaires and target their victims through fake posts and unsolicited direct messages (DMs).
To appear legitimate and like real-life celebrities, scammers will design profile images that include a blue checkmark for their fake accounts, or they will skillfully insert a blue check emoji at just the perfect position to make it look natural.
A simple way to determine the legitimacy of these accounts is to go through their profile and social media posts. More often than not, these bogus profiles have posts riddled with errors in grammar and spelling and the promise of fantastic rewards for doing nothing other than clicking a link.
There are other clear signs that the account is fraudulent, such as if they don’t have the number of followers they should have or if the account has only been created recently. You can tell if an account has been created recently by timing their first post or the total number of posts to date.
2. Business impersonation:
Like celebrities, businesses can get impersonated, too. This is a particularly thorny issue for small and new crypto startups in the early stages of building an online presence because their reputation is at stake if someone thinks they are investing in these businesses when sending funds to a scammer impersonating them.
For brand owners, brand protection software such as a business impersonation removal tool can help solve this problem. For instance, Red Points’ business impersonation service can automate the detection and reporting of impersonators across all top social media platforms.
However, for general users, the guidelines to avoid businesses that have been impersonated remain the same, so they should study their online presence before deciding to click on any link. If the business’s social media presence doesn’t match what you’d expect from the brand, it’s better to avoid clicking on any links they share or send you.
3. “Giveaway” accounts
Most social media crypto scams succeed for one simple reason: greed. Giveaway scams follow a general pattern. The scammers mimic famous brands and impersonate celebrities to advertise giveaways that promise to double your money if you transfer Bitcoin or other crypto assets into a particular wallet address.
Of course, the opposite is true; once you send your cryptocurrency, you can never get it back.
Crypto Rug Pull
A rug pull is an exit scam involving a team raising money from investors and the public by selling a token only to quietly shut down the project or suddenly disappear, stealing the raised funds and leaving “investors” (i.e., their victims) with worthless tokens.
Rug pulls can be extensively orchestrated, with nefarious actors leveraging social media influencers and hype-generating campaigns to lure as many victims as possible.
Common types of rug pulls include:
- Malicious actors withdraw liquidity from a token pool, therefore reducing the value of the token via a lack of buyers and sellers.
- Scammers start apparently respectable enterprises, collect money, then vanish with it, leaving investors with worthless tokens.
- By means of coordinated buying, fraudsters artificially raise the price of a token, so selling their holdings at the peak and hence wrecks the value.
- The team members of the project vanish or leave without warning, therefore depriving investors of assistance and a collapsing token.
How To Identify and Avoid Rug Pulls
- Investigate the personnel, technology, objectives, and community of the initiative before making any investment. Search for red flags include lacking openness or unidentified teams.
- Reputable projects may go through outside security audits. See whether the project has been audited and go over the audit report looking for flaws.
- Community involvement: interact on social media and through forums with the community of the project. A strong and involved community can point to a worthy initiative.
- Avoid exaggerated returns and yields, too aggressive marketing, and pressure to invest fast. Use your gut feeling to steer clear of FOMO (Fear Of Missing Out).
Crypto Romance Scam
Romance scams are another traditional scam that has crossed the crypto space. In this scam, a con artist forms a relationship with someone they have met online. The relationship usually develops quickly, with professions of love soon made by the scammer.
Once the scammer has tightened their grip over the victim, they tend to employ tactics to extract money, such as distancing themselves; when questioned, they may claim it is due to financial hardship or caring for a sick family member who needs treatment they cannot afford. In other cases, scammers want to meet the victim but cannot afford the trip expenses.
Combined with other factors, one tell-tale sign is if the scammer never agrees to video calls. An excuse is a poor internet connection. In all cases of romance scams, the scammer claims they urgently need funds while promising repayment, which never arrives.
How to Avoid Falling for a Romance Scam
- Reason rather than emotionally when meeting someone whose behavior fits the description above or demonstrates other reasons to raise suspicions.
- Never having seen the person (even on a video call) throughout the relationship may be a red flag for scams.
- Relationships that develop quickly, notably when combined with other factors, are another cause for concern and may signal this type of scam.
- Use a reverse image search to see if the scammer uses another person’s photo.
- To hide their identity and location, the scammer often insists on transferring funds in cryptocurrency, prepaid cards, or gift cards.
Approval Phishing Crypto Scam
According to a new Chainalysis analysis, at least $1 billion in cryptocurrencies have been pilfers using approval phishing scams since May 2021.
According to the researchers, crypto users have lost at least $374m in 2023 via this method, which romance scammers routinely employ.
Approval phishing is a crypto fraud whereby attackers try to fool targets into signing a hostile blockchain transaction approving their address to spend particular tokens inside the victim’s wallet. This lets the con artist empty the victim’s address of these tokens at will with some targets losing tens of millions.
Usually, the phisher sends the money to another wallet from the one the victim approved once she signs the transaction.
According to the report, approval phishers target particular crypto users more and more, developing connections with victims and usually employing romance scam tactics to get them to sign approval transactions.
The data indicates that a small number of very successful actors mostly drives most approved phishing theft. Believed to have pilfers $44.3 million from thousands of victim addresses, the most successful address accounts for 4.4% of all the cryptocurrencies taken over the investigated period.
Of the sum stolen, the ten biggest approval phishing thefts accounted for 15.9%; the 73 most extensive account for half.
Given the chronically underreporting of romance scams, Chainalysis thinks the real damages from this fraud could be far more.
How to Tackle Approval Phishing
The report set out a range of steps crypto compliance teams can take to tackle this threat:
- Educate cryptocurrency users about this crypto scam and only sign approval transactions if they trust the person or company on the other side.
- We are monitoring the blockchain for suspected approval phishing consolidation wallets with heavy exposure to destination addresses.
- Take steps such as automatically freezing the funds or reporting to law enforcement when suspect wallets move funds to their platform.
Conclusion
Notwithstanding technological developments and growing awareness, crypto scammers keep taking advantage of weaknesses using sophisticated methods such deepfakes, ICO fraud, NFT manipulation, and social media deceit.
From ICOs and deepfake fraud to rug pulls and crypto romance scams—the variety and intricacy of these schemes reflect the always changing terrain of crypto assets risks.
Growing awareness of alertness, education, and strong security measures is matched by the expansion of the crypto realm. Users have to keep updated on these new dangers and implement aggressive plans to protect their cryptocurrency against frauds..