Since the inception of Bitcoin in 2009, the cryptocurrency market has registered exponential growth. Cryptocurrency usage is snowballing; total transaction volume grew to US$15.8 trillion in 2021, up 567% from 2020, according to Chainalysis.
Given this roaring adoption, it is no surprise that the countenance of fraud and scam cases has grown. From year to year, more cybercriminals exploit cryptocurrencies to perform scams, some potentially untraceable.
To track the evolution of fraud cases and trends, we’ve compiled an overview of a wide range of cryptocurrency-related scams observed from 2019 to 2021.
In the process, we relied on the following questions: How did scams evolve over the years? Is the number of scam cases likely to decrease in the future, and what countermeasures can be applied to achieve this?
Let’s dive in.
2019’s cryptocurrency boom attracted significant attention from scammers. While cryptocurrency-based scam revenue dropped sharply to US$1.7 billion in 2018, scammers more than tripled their revenue in 2019, extorting US$4.3 billion worth of cryptocurrency from millions of victims. Note that the vast majority of the scam revenue came from Ponzi schemes, which accounted for 92% of the total.
Ponzi schemes are fraudulent investment scams that promise astronomical returns with little to zero risk. These schemes use the money collected from new investors to pay off early investors, intending to maintain some semblance of legitimacy and attract new investors. Because Ponzi schemes rely on a steady flow of cash to function, when the flow ceases, the schemes collapse.
According to the Chainalysis Crime Report 2020, Ponzi schemes accounted for 92% of the total scam revenue in 2019, meaning victims lost US$3.9 billion to Ponzi schemes alone. Note that the Plus Token scam remains one of the biggest Ponzi schemes in the history of digital assets.
Based in China, Plus Token presented itself as a cryptocurrency wallet that would reward users with an outstanding ROI — as high as 30% per month — if they purchased the wallet’s native PLUS token with Bitcoin or Ethereum. These fake promises brought over US$2 billion worth of cryptocurrency investments from over 3 million victims. The game, however, changed when the wallet abruptly ceased fund withdrawals. Following several complaints, Chinese authorities launched an investigation and discovered Plus Token to be a Ponzi scheme.
2020 was marked as an incredible year for the crypto space. The widespread adoption of digital assets — thanks to the Covid-19 pandemic — propelled the crypto market to post growth rates like never before. Besides this, total cryptocurrency scam revenue dropped by 75%, from roughly US$9 billion in 2019 to just under US$2.7 billion in 2020.
According to the hypothesis from AMLBot, scam revenues dropped as cryptocurrency users and the general public became more aware of Ponzi schemes like Plus Token. However, in 2020, a new type of scam known as the “investment scam” emerged, accounting for nearly all scam revenue during the year.
With investment scams, scammers lure investors into pouring in capital — most often, cryptocurrencies — promising to grow the investment and provide excellent returns. However, once the money is in, the scammers disappear. For instance, Mirror Trading International (MTI) executed the year’s most significant investment scam.
According to a report by the Commodity Futures Trading Commission, South Africa-based crypto trading platform Mirror Trading International swindled over US$1.7 billion worth of cryptocurrencies, robbing thousands of innocent investors. J-enco.com followed the MTI scam at US$300 million and PGIGlobal.trade at around US$200 million. Other names on the list included MMMOffice.global, Forsage.io, MiningCity.com, PranceGoldHoldings.com, QubitTech.ai, JubileeAce.com, and TorqueBot.net.
Cryptocurrency-based crimes hit a new all-time high last year. Overall revenue from crypto scams rose 82%, to US$7.8 billion, per the Chainalysis Crime Report for 2022. Note that over US$2.8 billion of this aggregate came from “rug pulls,” a relatively new type of cryptocurrency scam.
Ever heard of a crypto project being “too good to be true?” Beware, as it might be an investor trap.
Under the appearance of a legitimate cryptocurrency project, scammers promise massive investment returns and draw in hefty investments as a part of the deal. However, the game changes as the brains behind the project decide to drain the funds abruptly. This type of scam is dubbed “rug pull,” i.e., pulling the rug out from underneath.
According to Chainalysis, cryptocurrency rug pull scams were responsible for more than US$2.8 billion of losses throughout the year. At the same time, decentralized finance (DeFi), the financial arm of crypto, remained a prime victim of rug-pulling among other sectors, such as NFTs (non-fungible tokens).
“Rug pulls have emerged as the go-to scam of the DeFi ecosystem, accounting for 37% of all cryptocurrency scam revenue in 2021 versus just 1% in 2020,” stated the firm’s report. We at AMLBot believe that the reason for this type of scam flourishing is the lack of regulation and the widespread anonymity of the individuals behind such projects.
The chart below shows 2021’s top 15 rug pulls in order of value stolen.
The Turkish cryptocurrency exchange, Thodex, executed the largest rug pull of the year. The exchange’s founders disappeared with over US$2 billion in client funds in April 2021, shortly after the exchange halted the withdrawal ability of its users. Note that the Thodex rug pull represents approximately 90% of the cumulative value stolen in rug pulls during 2021.
The Dogecoin-inspired AnubisDAO followed the Thodex rug pull at US$58 million, and the Binance Smart Chain-based exchange Uranium Finance at US$50 million. Other names on the list ranged from funny to absurd, from SQUID and Meerkat Finance to Polybutterfly. Besides rug pulls, Finiko perpetrated another type of scam in 2021. Finiko — a Ponzi scheme that promised 30% monthly returns — collapsed in July 2021 after receiving more than US$1.5 billion from victims, primarily from Russian and Ukrainian regions.
In 2022, we’ve witnessed the Web3 movement attract scammers who target sensitive data such as personal information and payment card details through fake websites. Malware, distributed via infected hardware wallets, is becoming a problem for private users as well.
Another trend we see is the activity of scam tokens, particularly in the BSC blockchain net. After listing their token on PancakeSwap, scammers promote it on niche portals, launch pre-IDO, pull in the money, and withdraw it immediately through Tornado Cash. Due to this problem, the matter of controlling mixers stands very acute nowadays, as it is an integral chain for this type of scammer.
So what is in store for the rest of this year and beyond? First, during the bear market, we’ve seen a slight increase in scam projects that use launchpads. Second, new participants are entering the crypto market, which means another wave of fraudulent schemes based on ignorance of the basic principles of cybersecurity.
If nothing cardinally changes in the geopolitical arena, we will continue to observe these two trends until mid-2023.
Crypto adoption grows gradually from year to year. It’s worth noting that, despite the increase in criminal activities, statistics collected by AMLBot show that less than 1% of all crypto transactions are illegal. Moreover, the amount of scams is not correlated directly to Bitcoin’s price.
The year 2022 is indelibly marked by the collapse of FTX crypto exchange. But let’s lean into the numbers. The total sum of the assets managed by FTX before the crash was estimated to be US$6 to US$10 billion, while the crash of Lehman Brothers in 2008 led to US$613 billion in losses, causing a much harder hit on the global financial system.
It is safe to conclude that as the crypto industry continues to flourish, the scams are also becoming more elaborate. Still, proactive implementation of regulations and the growth of security protocols will bolster the crypto space and eradicate scams to a greater extent. As the broader public stop perceiving crypto as an asset for investment but more of a means of transaction, including payments and smart contracts in different variations, the number of fraudsters will likely significantly decrease.
Slava Demchuk is the Hong Kong-based cofounder and CEO of AMLBot, a service for checking cryptocurrencies for connections with illegal activities, to help institutions with regulatory compliance. He is also CEO of PureFi, an anti-money laundering protocol for DeFi. Originally from Kiev, he serves as a vice president of the Blockchain Association of Ukraine and a member of Foresight Virtual Assets 2030, which advises the European Commission on digital assets.
Delivered weekly on Thursdays
An unmissable weekly round up of the biggest stories in emerging tech from an Asian perspective, featuring commentary from Forkast Editor-in-Chief Angie Lau. Check out recent editions.
Delivered weekly on Thursdays
An unmissable weekly round up of the biggest stories in emerging tech from an Asian perspective, featuring commentary from Forkast Editor-in-Chief Angie Lau. Check out recent editions.
Author
Administraroot