Bitcoin with shadowy figure

Cryptocurrencies have long been an attractive avenue for fraudsters. Why?

Just as fraudsters target online banks and loan providers, crypto exchanges are one of the quickest ways they can access the equivalent of digital cash. An FBI report found that reported losses from cryptocurrency-related fraud in 2023 increased 45% compared to the previous year, exceeding $5.6 billion.

At Onfido, we've also seen a concerning trend when it comes to crypto fraud. As public interest in crypto spikes or as the price of cryptocurrencies rises, fraud attempts also increase. With Bitcoin hitting an all-time high of $78,795 in November 2024, and estimates that there are now over 9,000 different cryptocurrencies worldwide, it’s unsurprising that crypto-related fraud has increased in 2024.

With this in mind, this article will examine some steps cryptocurrency businesses can take to enhance fraud detection.

What makes cryptocurrency so attractive to fraudsters?

As a sector, crypto is highly volatile and has seen a large amount of public interest. This in itself makes it an attractive and lucrative market for fraudsters. In addition:

  • Cryptocurrencies are digital by design. This means fraudsters only need access to a computer to leverage attacks such as hacking or phishing.

  • Transactions are irreversible. They can only be reversed by the person receiving the funds. So if a fraudster takes over an account, or funds are transferred to them, it’s virtually impossible to retrieve those funds.

  • Cryptocurrencies are decentralized. Cryptocurrencies can be held in custodial or non-custodial exchanges. If a custodial exchange is hacked, the crypto owner risks losing all of their assets, with no payment protection built in. If the owner holds crypto with a non-custodial wallet, it's hard to determine where the responsibility lies when fraud does happen.

  • Anonymity is built into the process. Crypto regulation is still evolving, and you generally don't need personal information to store or transfer crypto. It’s possible to track transactions on the blockchain, but fraudsters can create multiple wallets to make this harder, and even then it's difficult to identify who owns those wallets. 

As a cryptocurrency provider, fraud affects you as much as it affects your customers. Your users might lose their money and assets, but this can cause long-term reputational and monetary damage to your business. 

So what fraud scams and trends should your business be aware of?

Three common cryptocurrency scams and fraud trends

At Onfido, we’ve seen that as the price of cryptocurrencies goes up, so does the number of suspected fraudulent onboarding cases across our crypto customers.

As a crypto provider, you’re more likely to see a rise in fraudulent attacks when the price of crypto is higher. Similarly, you might experience spikes in fraudulent activity during promotional campaigns, such as referrals or sign-up bonuses. 

1. Fraudulent account creations

Fraudsters will routinely use fake or fraudulent identities to try and open accounts on crypto exchanges. If fraudsters are successful in opening a crypto account with a fake identity they will go on to sell these ‘legitimate’ accounts for profit. Very often, these types of accounts will go undetected until it’s too late.

Without effective KYC safeguards in place, it becomes very difficult to say who is a good or bad actor which is why effective onboarding processes that include identity verification and fraud prevention are a must. KYC protocols for cryptocurrency platforms are increasing (see crypto KYC requirements) which means it’s better for crypto providers to get ahead and establish such onboarding processes now rather than later and

In 2024, the price of Bitcoin hit another all-time high. This is likely why fraudulent onboarding attempts for crypto providers are up 50% year-over-year, from 6.4% in 2023 to 9.5% in 2024.

Graph showing price of Bitcoin and fraud rates

2. Cryptocurrency investment scams

Fraudsters often target victims directly with investment scams. This type of attack aims to get unsuspecting people to hand over money. They can be difficult to spot because the investment opportunity will often look legitimate.

  • Imposter websites and fake mobile apps: This is one way fraudsters try to trick unsuspecting customers into a crypto scam. Fraudsters set up websites to look like the original, or create fake apps available to download via the App or Google Play stores. 

  • Email phishing: Fraudsters email potential crypto investors, often announcing fake initial coin offerings as a way to steal substantial funds. 

  • Social media scams: Fake crypto social media accounts are widespread. Customers should avoid offers that come from Twitter or Facebook, especially if there seems to be an impossible return.

In 2023, cryptocurrency users lost nearly $2 billion to scams, rug pulls and hacks. The Financial Ombudsman Service has also seen a significant rise in scam complaints where people handed over their money after seeing an investment opportunity on social media platforms.

3. Cryptojacking

This is a type of fraud where scammers use someone else’s computer to mine cryptocurrency by getting victims to click on a malicious link. This then loads cryptomining code onto the computer. They can then steal cryptocurrency from digital wallets or use the hijacked computers to mine valuable coins.

How to protect against cryptocurrency fraud

Educate your customers

In addition to measures you can put in place as a business, you can also educate your customers about what they can do to protect themselves from fraud.

For example, customers should watch for:

  • Obvious spelling errors in emails, social posts or other forms of communications

  • When visiting crypto websites, checking for a lock icon indicating security near the URL bar and whether https appears in the site address

  • Social media crypto schemes that seem too good to be true

  • Psychological manipulation such as pressure or urgency to transfer funds

Use secure, seamless identity proofing

Onboarding is your first line of defense. Allowing bad actors or possible fraudsters onto your platform is likely to cause problems at a later stage. All it takes is one newsworthy case of fraud to bring down a business. To protect your business in the long term, it’s best to stop fraudsters from signing up in the first place.

But on the flip side, you don’t want to make the sign-up process overly arduous for your genuine customers. This is where digital identity verification comes in. A flexible approach allows you to dial up and down the identity requirements your customers must fulfill in order to buy, sell or trade cryptocurrencies.

For example, you might leverage a document check alone for users that deal with small amounts of crypto, and reserve biometric checks for high-value transactions or more ‘risky’ users.

Onfido works with global crypto providers like Zipmex, CoinDCX, Simplex and CoinCola to help prevent fraud. It's how we helped Zipmex save $10,000 from repeat fraudsters.

Identity Fraud Report

Learn more about fraud trends and measures you can put in place to protect your business and customers.

Read the Identity Fraud Report