Anyone with stashes of Ether cryptocurrency might want to watch out for increasingly cunning scammers, who’ve found out how to make big funds with simple swindles.
In 2018, tricksters made $36 million by duping Ether owners into handing over their money for no one’s profit but the crooks’. That was double the $17 million for 2017, according to a report from Chainalysis, which tracks cryptocurrencies for all manner of government agenices, private entities and exchanges. (Chainalysis classes scammers as different to hackers who exploit bugs and outright steal cryptocurrency, such as those who stole $32 million in Ether in 2017. Indeed, hackers are making more than scammers, thanks to repeat smash and grabs from 2016 through 2019.)
And while the number of scams actually started decling through 2018, they “were bigger, more sophisticated and vastly more lucrative,” according to the analysis, exclusively provided to Forbes. Chainalysis found more than 2,000 scam addresses on Ethereum, the blockchain-based platform on which Ether (also known by its acronym ETH) is distributed. Those accounts received funds from nearly 40,000 unique users over last year. That’s four times more people scammed in 2018 than 2017.
Classic ponzi schemes are working
According to Philip Gradwell, chief economist at Chainalysis, one of the most significant scams of 2018 was the classic ponzi scheme. This saw scammers send out emails to Ether owners, asking them to contribute money for which they’d see a guaranteed return. Of course, the return was simply derived from other people contributing to the pot, not from any genuine investment.
One of the most significant pyramid schemes was that of 333 ETH, said Gradwell, which made off with $3.5 million worth of Ether. Running on the Ethereum-based DApp decentralized application, it promised a daily 3.33% payout from an initial buy-in. Though it was called out as a scam, it still attracted a significant number of Ether owners. Forbes attempted to find contact details for 333 ETH, but its Russian-language website was down at the time of publication and there were no contacts listed in the site’s registration details.
The other major scam, which was leading to more significant losses in the first half of 2018, was the fake initial coin offering (ICO). Gradwell said this was down to an ICO “fever” in the early stages of last year. In some cases, entirely fake ICOs were created with legitimate-looking websites and campaigns behind them, encouraging people to buy up some fancy new currency. The coins then mysteriously disappeared, as the ICO turned out to be a fraud.
Finally, standard phishing, where unwitting victims were duped out of their account passwords. Once inside Ether wallets, the hackers ransacked the cryptocurrency within.
An emerging Android threat
While it’d be wise for Ether owners to use complex passwords and be aware of scammers tricks, there’s an emerging threat out there in the form of fake Android apps.
Lukas Stefanko, a cybersecurity researcher at ESET, has found a number of fake Ether wallets going around Google Play. Often they impersonate MyEtherWallet or MetaMask, trying to rob users of their login details for the real apps. Each time Stefanko has warned Google, the apps have been swiftly removed.
Just earlier this week, the researcher tried out a mini social experiment, asking his Twitter followers to pick one of two MyEtherWallet apps that were on Google’s market. A worrying 40% chose the fake.