Avoiding Crypto Scams

I asked grok3, the AI behind x.com, formerly twitter, the following question:

List for me the most common ways people get tricked out of their cryptocurrencies. Then, list the top ways people lose their cryptocurrencies.

Grok responded:

Most Common Ways People Get Tricked Out of Their Cryptocurrencies

  1. Phishing Scams: Attackers impersonate legitimate platforms (e.g., exchanges, wallets) via fake emails, texts, or websites to steal private keys, seed phrases, or login credentials.

    (My comments: Impersonation is a big problem. People can pretend to be me, TEXITcoin, coinbase, or a representative of these organizations. Coinbase’s employees were recently bribed.

    https://www.usatoday.com/story/money/2025/05/20/how-to-protect-yourself-coinbase-data-breach/83743823007/

    So-called “trusted” sources can contact you, and tell you that your wallet “has been” hacked, and then tell you to quickly send your crypto to a new wallet, (theirs), which they will say is your new one, but it is really their wallet. That’s the scam! Or they will say they need your private key and they will take care of it for you, or look into it. It’s a scam.)
  2. Ponzi Schemes and Fake Investment Platforms: Scammers promise high returns through “crypto investment opportunities” that are actually Ponzi schemes or non-existent trading platforms.
  3. Social Engineering: Fraudsters manipulate victims through fake customer support, romance scams, or impersonation of trusted figures to trick them into sending crypto or revealing sensitive information.
  4. Fake Crypto Projects and ICOs: Bogus initial coin offerings (ICOs) or token projects lure investors with fake whitepapers or promises of revolutionary technology, only to disappear with funds.
  5. Malware and Keyloggers: Malicious software installed on victims’ devices captures private keys, seed phrases, or wallet credentials, often through fake apps or downloads.
  6. Rug Pulls: Developers of a crypto project hype it up, collect funds, and then abandon it, leaving investors with worthless tokens.
  7. Giveaway Scams: Scammers pose as influencers or companies, promising to double crypto sent to a specific address, but never return funds.
  8. SIM Swapping: Hackers take over a victim’s phone number to bypass two-factor authentication (2FA) and access crypto accounts.

Top Ways People Lose Their Cryptocurrencies

Human Error: Mistakes like entering incorrect transaction details, overpaying fees, or failing to secure accounts (e.g., weak passwords) lead to losses.

Lost Private Keys or Seed Phrases: Forgetting or misplacing private keys/seed phrases renders wallets inaccessible, with no recovery option.

Hacked Exchanges or Wallets: Centralized exchanges or poorly secured wallets are breached, leading to theft of users’ funds.

Sending to Wrong Addresses: Users accidentally send crypto to incorrect or nonexistent wallet addresses, where funds are irretrievable.

Scams and Fraud: Falling for phishing, fake projects, or other scams (as listed above) results in direct loss of funds.

Device Loss or Failure: Losing a device (e.g., phone, hardware wallet) without backing up private keys/seed phrases leads to permanent loss.

Market Manipulation and Pump-and-Dump Schemes: Investors buy into hyped tokens that crash after insiders sell off, causing significant financial losses.

Malware Infections: Malware compromises devices, stealing crypto directly or redirecting transactions to attackers’ wallets.

=====

I then asked grok:

Explain SIM Swapping: Hackers take over a victim’s phone number to bypass two-factor authentication (2FA) and access crypto accounts.

SIM swapping is a type of cyberattack where a hacker tricks a mobile carrier into transferring a victim’s phone number to a SIM card controlled by the attacker. This allows the hacker to intercept calls, texts, and authentication codes, bypassing two-factor authentication (2FA) to gain unauthorized access to cryptocurrency accounts. Here’s how it works and why it’s a threat:

How SIM Swapping Works

  1. Information Gathering: Hackers collect personal details about the victim (e.g., name, address, date of birth, or phone number) through phishing, data breaches, or social media.
  2. Social Engineering: The hacker contacts the victim’s mobile carrier, impersonating the victim. Using the gathered information, they convince the carrier to port the phone number to a new SIM card (controlled by the hacker).
  3. Number Takeover: The carrier reassigns the victim’s phone number to the hacker’s SIM. The victim’s phone loses service, and the hacker receives all calls and texts.
  4. Bypassing 2FA: Many crypto accounts use SMS-based 2FA, sending a code to the user’s phone to verify login attempts. With control of the phone number, the hacker intercepts these codes.
  5. Account Access: The hacker resets passwords or logs into the victim’s crypto exchange, wallet, or related accounts, transferring funds to their own wallets.

Why It’s a Threat to Crypto

  • Irreversible Transactions: Cryptocurrency transactions are typically irreversible, so stolen funds are nearly impossible to recover.
  • Widespread Use of SMS 2FA: Many crypto platforms rely on SMS-based 2FA, which is vulnerable to SIM swapping.
  • High Value Targets: Crypto holders are prime targets due to the potential for large, quick profits.
  • Difficult to Detect: Victims may not notice the attack until their phone loses service or funds are gone.

Real-World Impact

SIM swapping has led to significant losses. For example, in 2019, attackers stole millions in crypto from high-profile individuals by exploiting weak carrier security and SMS-based 2FA.

Prevention Tips

  • Use Non-SMS 2FA: Opt for authenticator apps (e.g., Google Authenticator, Authy) or hardware keys (e.g., YubiKey) instead of SMS-based 2FA.
  • Secure Carrier Account: Add a PIN or passphrase to your mobile account and ask your carrier to restrict SIM changes without in-person verification.
  • Limit Personal Information Exposure: Avoid sharing sensitive details online and be cautious of phishing attempts.
  • Use Cold Storage: Store most of your crypto in offline wallets (e.g., hardware wallets) to reduce exposure to online hacks.
  • Monitor Accounts: Regularly check crypto accounts and set up alerts for suspicious activity. If your phone loses service unexpectedly, contact your carrier immediately.

SIM swapping exploits weaknesses in mobile carrier security and SMS-based authentication, making it a potent threat to crypto holders who don’t use stronger 2FA methods or secure their accounts properly.

I remain confident that TEXITcoin is NOT a scam.

https://revealingfraud.com/2025/05/health/the-integrity-behind-texitcoin/

Disclaimers:  I, Jason Hommel, am paid to research and write about TEXITcoin.  My wife and I own TEXITcoin and we are miners of TEXITcoin.

Leave a comment