● Advanced RMIT

How do you spot a crypto scam?

10 minutes 6 months ago

Scammers are not a new phenomenon. We unfortunately see scams across almost every industry from insurance fraud in Ancient Greece through to modern day Ponzi schemes, bank impersonations, data leaks and more.

As the crypto economy has grown, bad actors are seemingly targeting the emerging technology. Let’s be clear though, scammers are the problem, not crypto assets.

Let’s look at the numbers.

The Australian Consumer and Competition Commission (ACCC), reported that Australians lost $3.1 billion to all scams in 2022. Of which, only $160 million was lost to scams involving cryptocurrency. Whilst this is a mere 5.1%, any money lost to scammers can be reduced with more education.

So how can you spot a crypto scam? This article will provide key red flags to watch out for, tips to stay protected, and an action plan if you believe you’ve been deceived.

Red Flag #1 – Unsolicited Contact

A common tactic that scammers use is mass messaging. So, one of the first markers of a scam is that it comes from unsolicited content.


Example: An unsolicited email asking for personal login details to your cryptocurrency exchange account, claiming that your password has expired or that there is a security threat to your account. Or an unsolicited message from someone on WhatsApp (or other online message services like Facebook Messenger or Telegram) purporting to be someone you know. These tactics are designed to be deceptive, so it could look like a genuine message or profile.

Advance Fee

Example: An unsolicited email from someone claiming to be royalty, a celebrity, or just someone with a sad story. They claim to have a fortune and need your help in getting it out of the country. They ask for your credit card details or a bank transfer to help them pay with fees, in exchange for a share of the fortune. The details are generally vague.

Red Flag #2 – Unknown Party

Another marker of a scam is that contact comes from an unknown person that you have never met before. It is much less likely that you will be scammed by somebody that you know in real life.

Investment Opportunity Example: You click on an ad online about cryptocurrency investing. You leave your contact details and then receive a phone call about an investment opportunity. You Google the person who contacts you and there is no record of them on the internet. Or you find that there is a LinkedIn profile that was newly established and they have few contacts.

Tinder Swindler Example: You match with someone on a dating app or website. You strike up a conversation. They might ask for funds to help them with a personal crisis, such as an urgent surgery. Or they might tell you all about their investments and the money that they are making on a platform that you’ve never heard about before. They encourage you to set up a cryptocurrency account.

Red Flag #3 – Located Offshore

Many scams are sophisticated operations managed by international criminal organisations. Another marker of a scam is that the person is located outside of Australia – beyond the easy reach of Australian consumer protection and law enforcement agencies.

Hard to Pin Down Example: After receiving an unsolicited phone call from somebody that you do not know, you have signed up to a trading platform. The person claims to live in London. They have an office address in London, which appears to be genuine. There is no record of that business on Google Maps. There is no record of that business on the building’s tenancy directory. The company name on the website claims to be registered in the British Virgin Islands but you cannot find any more information online.

Time Zone Trouble Example: You are messaging someone on a WhatsApp after meeting on a dating app. They claim to live in another Australian city. They regularly message at early in the morning or late at night but they are usually not available during the day. They tell you that their job requires them to work on “London time”.

Red Flag #4 - Change of Domains

Websites can be shut down by domain name providers if they have been reported for abuse, or required under a court order. This will mean that the scam operation might register another domain name and shift the website to the new address – or rebrand entirely to avoid negative online reviews associated with the old name.

Website Error You have signed up to a trading platform. You access the platform through a website. After a few months of regular access, suddenly the website is not available. You email your contact who provides you with a different domain name. You can now log in.

Rebranding You have signed up to a trading platform. After a few months of regular access, the platform is now operating under a different name and logo and the website now looks different.

Red Flag #5 – Fees for Withdrawing

The goal of a scam operation is to extract the maximum amount of money. There are various tactics that are used to try and get one more payment. These tactics can be convincing if you have already sent significant funds.

Taxes Example: You have signed up to a cryptocurrency trading platform. Your trades have been profitable, and you want to withdraw some of your earnings. After you request a withdrawal, you receive a response that you must deposit additional funds to pay tax. Income tax is a personal liability between you and the tax office. Legitimate platforms do not charge or withhold taxes on earnings.

Withdrawal Fees Example: You have invested in what you thought was a foreign exchange platform. You request to withdraw your balance from the platform only to be told that you must pay new fees of thousands of dollars that you were not expecting. Legitimate platforms do not charge exorbitant fees, and must provide you information about their fees and charges.

Green Flags to Avoid Scammers

Do your due diligence

Obtain appropriate financial and legal advice for your investment. Know who you are dealing with – verify the identity of the person or entity you are sending crypto assets to. Most scammers don’t pass a Google search check. Does the email or website look odd? Does the entity actually exist? Is the celebrity or influencer endorsement posted from their own accounts? Does the offer sound too good to be true?

Be open with your advisors and service providers

One tactic that scammers will use to avoid detection is to tell you that you shouldn’t tell the banks or cryptocurrency exchange about them. In an investment context, they might say things like “they banks don’t like us because we make higher returns.” In a romance context, they might say things like “if you reveal my identity, I’ll be exposed by the authorities and I won’t be able to see you.” Honesty is the best policy in dealing with your advisors and service providers. Discuss openly with your family or friends about any potential investments or transfers.

Take responsibility

Prevention is the best cure. Use a reputable digital currency exchange. Implement good cyber security hygiene including securely managing passwords, enabling two-factor-authentication on accounts, and not allowing remote access programs. When cryptocurrency is under your direct control (through hardware or software wallets), make sure you have thought about how you will securely store your private keys.

Action Plan

If you believe you have been defrauded, the first priority is to ensure that you do not lose any further money.

Do not send any further funds.

If you use a digital currency exchange, contact it immediately.

If the transaction involves a bank or another payment processor (e.g., PayPal), contact those entities immediately.

Change any passwords.

Consider what other personal information may have been compromised (e.g., passport, other identification) and report to relevant authorities.

You can then think about reporting. Note that you are not required to make a report and reporting is unlikely to result in recovering funds, but it may help prevent others from being defrauded and help law enforcement investigations.

Make a report to the Australian government’s Scamwatch.

Make a report to Chainabuse.

You can also consider obtaining legal advice about bringing a civil claim in Court.

Obtain legal advice.

As crypto assets continue to increase in popularity and adoption, scammers will continue to resort to targeting consumers and using crypto assets to perpetrate fraud. In this article we’ve explored some of the red and green flags to keep your assets secure and an action plan if things go wrong. Stay safe out there.


Dr Aaron Lane, Dr Darcy Allen and Dr Max Parasol are with the RMIT Blockchain Innovation Hub, RMIT University

Disclaimer: This article is educational in nature and designed for general information purposes only. You should seek independent legal, financial, taxation or other advice to check how the information relates to your unique circumstances.

Share this article

Further Reading

● Advanced Technology
Different Types Of Tokens Explained
Utility, security, and governance tokens - Discover what they do, and what makes them different from one another.
8 minutes a year ago
● Beginner Crypto Basics
Crypto Glossary
A run through many important words & investing terms you will hear when discussing cryptocurrency. We hope this can help both experienced and new traders alike. This glossary will be updated over time.
8 minutes 3 years ago
● Beginner Technology
Important DeFi Terms That You Need to Know
Heard someone talk about DeFi but it sounds like a different language? This article will explain the ins and outs of important DeFi terms.
5 minutes 2 years ago

Join 2.5 million other users
and start earning!