Popular Crypto Scams and How to Spot Them

The rapid growth and decentralised nature of cryptocurrencies have created a breeding ground for fraudsters, leaving unsuspecting investors vulnerable to losing their life savings.

Scam #1: Crypto ponzi schemes

Ponzi schemes have been around since the 1870s, but they have found a new home in the world of cryptocurrencies. These scams lure investors with promises of high returns and rely on the continuous influx of new participants to sustain their payouts. However, every Ponzi scheme is ultimately doomed to failure, as the pool of new investors dries up.

OneCoin was a classic crypto Ponzi scheme and one of the largest fraud schemes ever perpetrated, scamming investors out of $4 billion(1). OneCoin was launched in 2014 as a Bitcoin killer, even as its founders referred to it privately in emails as a "shitty coin". In fact, it was designed from the very beginning as a way to defraud investors.

Investors were sold educational packages costing anywhere between EUR 100 and EUR 225,500(2), with the fictitious promise of future mining rights. OneCoin also operated as a multilevel marketing network in which investors were rewarded for recruiting others. It allegedly promised investors a five-to-tenfold return on their investment.

However, the mask started to slip in 2016 when investors faced increasing difficulties recouping their investment. As rumours started to spread online that the venture was a scam, international and US federal investigators eventually got involved.

Here are some red flags that can help you spot a Ponzi scheme:

  • If an investment is too good to be true, it probably is a lie;
  • A lack of clarity over how the returns are actually generated;
  • Withdrawals are discouraged or made conditional on recruiting others;
  • Celebrity endorsements or testimonials that often turn out to be false.

Scam #2: Fraudulent crypto exchanges

You may be surprised to learn that the first crypto-currency exchanges were regulated as early as 2013, when the US Department of Treasury's Financial Crimes Enforcement Network (FinCen) classified virtual currency businesses as Money Service Businesses(3).

However, most crypto-currency exchanges have traditionally shied away from government regulation, preferring instead to run their businesses from offshore jurisdictions, often through complex company structures.

In 2021, the founders of Africrypt, South Africa's largest cryptocurrency exchange disappeared with $3.6 billion worth of Bitcoin(4), after sending investors an email claiming that their platform had been hacked. They have never been seen since.

Unfortunately, cryptocurrency exchanges have a long history of being hacked. Mt. Gox was the largest cryptocurrency exchange in the world when it was hacked in 2014 and lost over 850,000 Bitcoins, worth around $460 million at the time.

Here are some tips for avoiding fraudulent cryptocurrency exchanges:

  • Only use exchanges that are regulated by a reputable financial authority. This provides assurance that a regulator is satisfied that the exchange is a safe and secure place to trade.
  • Do your research on the exchange before depositing any funds. This includes checking the exchange’s reputation and that of its founders. It’s also a good idea to read reviews from other users to get a sense of their experience.
  • Move your cryptocurrency to cold storage once your purchase is done. When you store your assets on exchange, you’re essentially handing over control to the exchange. If the exchange were to be hacked or go out of business, you could lose the entirety of your investment. This is the meaning of the expression "not your keys, not your coins".

Scam #3: Rug pulls

A rug pull is a scam whereby the developers of a new cryptocurrency project abandon their project shortly after launch and vanish with investors' funds. The expression "rug pull" implies that investors had a rug pulled from under their feet.

A rug pull usually unfolds as follows:

  • Developers create a new cryptocurrency project and promote it heavily. They may launch a website, draft a white-paper and open social media accounts for the project.
  • They’ll usually make bold claims about how their project could revolutionise how people live, work or play. They may also imply price appreciation through their token’s economics.
  • Once they have raised enough funds, the developers will sell their tokens and abandon the project, leaving it worthless.

Squid Game was a cryptocurrency project inspired by the popular Netflix series of the same name. The project promised to create a play-to-earn game that would allow users to earn SQUID tokens by playing games. However, the project was a rug pull, and the developers abandoned the project after raising $3.36 million from investors.

Here are a few red flags that could indicate that a project is a rug pull:

  • The token isn't listed on centralised exchanges, and/or may only be available to investment through liquidity pools. Liquidity pools are the most common kind of rug pull rug because they easily allow the project’s backers to withdraw liquidity.
  • The developers are anonymous or have a limited online presence. Look-up their credentials on LinkedIn or even Github to get a feel for their contributions to open source projects.
  • The project's website was recently launched and/or their social media accounts have either few followers or low engagement.

Scam #4: Phishing

A cryptocurrency wallet is the digital equivalent of your purse or bank account. These wallets are secured by seed phrases: long combinations of words that provide a higher level of protection than passwords. However, seed phrases have also become a target for fraudsters seeking to steal your cryptocurrency.

Fraudsters may send you emails that contain links that, when clicked, take you to a website that replicates your wallet provider or even crypto-currency exchange. They’ll prompt you to login with your seed phrase and take control of your wallet shortly after that.

Here are a few things you can to avoid crypto wallet scams:

  • Never, under any circumstance, share your wallet's seed phrase. Your wallet provider will never ask you to share your seed phrase. Keep this seed phrase private and store it in a safe place.
  • Never click links in emails that claim to be from your wallet provider. Instead, hover over any links to reveal where they will take you and pay close attention to the sender’s email address. However, as even email addresses can be spoofed, it's always advisable to visit your wallet provider's website directly.
  • Always be suspicious of urgent calls to action, no matter how important they may seem. Scammers often create a sense of urgency to compel you to act and reveal your wallet's seed phrase. If in doubt, contact your wallet provider directly to verify the accuracy of any information you've received.


Cryptocurrency is an exciting field full of promise. However, it's also been a profitable breeding ground for unscrupulous actors. This is why TrustedBrokers only partners with established CFD brokers, overseen by credible regulators. We also monitor the validity of their licences in near real-time and mark valid licences with a checkmark to help you find a broker you can trust.

Share this article:


About the author

I'm Stefan, a trader and an entrepreneur. My mission with TrustedBrokers is to help you find the right broker for you, whether you're a beginner or a pro. I've personally used and tested the brokers on our service, opening and funding real-money accounts, contacting customer service and placing trades. I started my career in investment banking in London.

Leave a comment

Your email will not be published. Required fields are marked with *