Over the last few years, more and more people have been interested in and investing in the crypto market. Deceptive threats have also since become more sophisticated and have more serious consequences.

Deceivers can plan scams and leverage technology to exploit users’ trust. Not many people who have invested in cryptocurrencies have fallen victim to these tricks.

Advanced phishing attacks

Phishing attacks targeting crypto wallets and accounts on exchanges can be carried out through a variety of sophisticated tactics, exploiting users’ trust to steal private keys or credentials.

To carry out these attacks, the scammer will create fake websites that look similar to the legitimate platform. They then send scam emails masquerading as trusted organizations to trick victims into sharing sensitive information.

The attacker may employ the following sophisticated tactics:

– Wallet drainers: These are malicious programs used in deceptive attacks. After the victim connects the wallet to the scam site and approves the malicious transaction or grants the token rights, the attacker can automatically transfer money out of the wallet.

– Quishing: Malicious QR codes are used in email, text messaging, or public places. When scanned, this code redirects users to fraudulent websites or triggers malicious downloads to steal personal information. financing or credentials.

– Spear phishing: This method targets specific individuals or organizations. Scammers will compose personalized messages, often using emergency phrases such as “It’s time to act” to create panic and pressure the victim to make a mistake.

In August, a developer’s crypto wallet on the Ethereum network was drained after he installed a malicious extension. After the private key information was stolen, all of his electronic money was also transferred.

Rug pull (Liquidation withdrawal)

Scammers will often take advantage of decentralized financial platforms (DeFi) and NFT projects to do so. Rug pull was the common tactic, in which developers abruptly withdrew their liquidity and disappeared with the investor’s money.

These projects always promise unusually high profits or proprietary digital assets. Many projects are overblown on social media sites but do not provide real value.

Signs that warn rug pull projects include unrealistic high-margin promises with low risk, an anonymous team, unwillingness to share identity, or a lack of transparent audit.

Theo CoinTelegraphSince the beginning of 2025, rug pull has caused nearly $6 billion in damage in the Web3 ecosystem. A notable example is the Libra token on the Solana network. The token’s market value soared after being mentioned by the President of Argentina on social networking site X. After the post was removed, the token price dropped by over 94%, leading to the alleged rug pull.

Anonymizer

Impersonation is a common problem on social media. Scammers will pose as trusted influencer, developer, or support staff on platforms such as X.

 

They will then infiltrate conversations or create fake profiles to tap users who are seeking quick returns. Cheaters often run fake gift programs that promise double the profit if you send a small “verify” amount.

They may also create impersonation accounts to copy celebrities or send direct messages posing as a floor support department to access wallets or request emergency transfers.

In 2024, crypto-offensives caused $ 9.9 billion in damage globally, with impersonation fraud up 4-fold.

AI – enabled Deepfake scam

Deepfake fraud using AI has emerged as a major threat, using advanced technology to trick users and steal property. Criminals use artificial intelligence (AI) to create videos or extremely authentic voice replicas of executives, influencers, and celebrities.

Deepfake content can be very misleading, even to wary users. They blur the lines between real and fake communication, exploit trust, and create fear of missing out (FOMO).

In August 2024, the newspaper New York Times called Elon Musk’s version of the deepfake “the biggest con man on the Internet.” Steve Beauchamp (82) was convinced by the deepfake video and invested his entire $ 690,000 savings over several weeks. Then, the money disappeared.

Forge Crypto Support

Cryptographic support fraud is a growing threat. Scammers often pose as customer support agents from trusted exchanges or wallet providers.

They will contact the victim via social media platforms such as X, Telegram, or fake websites that closely resemble the official domain name. By offering seemingly genuine support, they will tap into users’ trust.

Some common moves are phishing links, masking them as support portals, requesting private key information or seed phrases, etc..

 

– Q.T.T –