Fraudsters can plan scams and take advantage of technology to exploit users’ trust. Many cryptocurrency investors have fallen victim to these tricks.
Advanced Phishing Attacks
Phishing attacks targeting crypto wallets and exchange accounts can be carried out through a variety of sophisticated tactics, exploiting users' trust to steal private keys or login credentials.
To carry out these attacks, criminals will create fake websites that look like legitimate platforms. They will then send phishing emails impersonating trusted organizations to trick victims into sharing sensitive information.
Fraudsters can create fake websites that look and feel like legitimate platforms (Photo: National Economy Newspaper).
Attackers can use the following sophisticated tactics:
- Wallet drainers: These are malicious programs used in phishing attacks. Once the victim connects the wallet to the phishing site and approves a malicious transaction or grants token permissions, the attacker can automatically transfer funds out of the wallet.
- Quishing: Fraudsters use malicious QR codes placed in emails, text messages, or public places. When scanned, these codes redirect users to fraudulent websites or trigger malicious downloads intended to steal personal, financial, or authentication information.
- Spear phishing: This method targets specific individuals or organizations. The scammer will compose personalized messages, often using urgent phrases such as “Immediate action required” to create a sense of panic and pressure the victim into making a mistake.
In August, an Ethereum developer's crypto wallet was drained after he installed a malicious extension. After his private keys were stolen, all of his cryptocurrency was transferred.
Rug pull (Liquidity withdrawal)
Scammers often use decentralized finance (DeFi) platforms and NFT projects to do this. Rug pulls are a common tactic, where developers suddenly withdraw liquidity and disappear with investors' money.
These projects always promise unusually high returns or exclusive digital assets. Many projects are over-hyped on social media sites but do not provide real value.
Rug pull is a common tactic in which developers suddenly withdraw liquidity and disappear with investors' money (Photo: CNN).
Warning signs of a rug pull project include unrealistically high returns promises with low risk, an anonymous team unwilling to share identity, or a lack of transparent auditing.
According to CoinTelegraph , since the beginning of 2025, rug pulls have caused nearly $6 billion in damage in the Web3 ecosystem. A prominent example is the Libra token on the Solana network. The market value of this token skyrocketed after being mentioned by the President of Argentina on social network X. After the post was deleted, the token price fell by more than 94%, leading to the rug pull accusations.
Impersonation
Impersonation is a common problem on social media. Scammers pose as trusted influencers, developers, or support staff on platforms like X.
They then hijack chats or create fake profiles to exploit users looking for quick profits. Fraudsters often host fake giveaways, promising double profits for sending a small “verification” payment.
They can also create impersonation accounts that copy celebrities or send direct messages pretending to be exchange support to access wallets or request urgent transfers.
By 2024, crypto scams will cost $9.9 billion globally, with impersonation scams increasing fourfold.
AI-Powered Deepfake Scam
AI-powered deepfake scams have emerged as a major threat, using advanced technology to trick users and steal assets. Criminals leverage artificial intelligence (AI) to create incredibly realistic videos or voice clones of executives, influencers, and celebrities.
AI-powered deepfake scams have emerged as a major threat (Photo: GlobalNews).
These deepfakes are highly misleading and can fool even cautious users. They blur the line between real and fake communication, exploiting trust and creating fear of missing out (FOMO).
In August 2024, the New York Times called Elon Musk’s deepfake “the biggest scammer on the internet.” Steve Beauchamp, 82, was so convinced by the deepfake video that he invested his entire $690,000 savings over several weeks. Then the money disappeared.
Fake Crypto Support
Fake crypto support scams are a growing threat. Fraudsters often pose as customer support staff from trusted exchanges or wallet providers.
They will contact victims through social media platforms like X, Telegram or fake websites that closely resemble the official domain. By offering seemingly genuine assistance, they exploit the trust of users.
Some common tricks used include sharing phishing links disguised as support portals, asking for private keys or seed phrases, etc.
Source: https://dantri.com.vn/cong-nghe/5-chieu-tro-lua-dao-tien-dien-tu-pho-bien-20251008005941088.htm
![[Photo] Impressions of the Can Gio Whale Festival](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/10/09/1759984089762_image12334-5642-jpg.webp)
Comment (0)