Table 6 Description of fraud types identified in the academic literature
Label | Description |
|---|---|
Ponzi scheme/ high yield investment programme | Ponzi schemes and high yield investment programmes are the cryptocurrency version of Charles Ponzi’s scam technique, where outlandish interest rates are promised in return for investments. Returns on these investments are paid to investors with funds invested by new users that join the scheme until it is no longer possible to find new victims (Bartoletti, et al., 2018; Baum, 2018; Pryzmont, 2016; Reddy et al., 2018; Vasek, 2017; Vasek et al., 2015) |
Initial Coin Offering (ICO) scams | ICOs involve fundraising, often crowdfunding, to launch a new cryptocurrency (Anderson et al., 2019). Fraudulent ICOs, on the other hand, lure investors into paying money into cryptocurrencies for simple theft, or as part of pump-and-dump and Ponzi schemes (Barnes, 2018; Baum, 2018) |
Phishing* | Phishing involves creating a fake version of an official website (or email, etc. and, in this case, cryptocurrency websites) and getting users to input their private information on this website (Chen et al., 2020a) |
Pump-and-dump schemes | Pump-and-dump schemes are a type of stock market fraud and have been committed since the 1700s. They have recently been applied to cryptocurrencies. In the context of cryptocurrencies, fraudsters accumulate volumes of a low-value currency and then aim to artificially inflate its price by spreading misinformation, typically as a coordinated effort over the internet. When the value of the cryptocurrency increases, they sell everything to make a profit (Barnes, 2018; Baum, 2018; Chen et al., 2019c) |
Market manipulation | Market manipulation refers to market participants (including exchanges) and bots attempting to change the price of a cryptocurrency (ur Rehman et al., 2020) |
Exchange scam | Scams related to cryptocurrency exchange platforms entail the purposeful closing of a platform leading to financial losses for the cryptocurrency owners (Samsudeen et al., 2019). To that end, fraudulent exchange services entice victims through unique payment features or high exchange rates (Vasek, 2017; Vasek et al., 2015). Once victims have bought a cryptocurrency, the scammers simply close the exchange, taking the victims’ money without any repayment |
Scam wallet | Scam wallets are fraudulent services that masquerade as cryptocurrency wallets to siphon some or all of the currency transferred to them (Vasek, 2017; Vasek et al., 2015) |
Smart contracts honeypots | Smart contracts honeypots are smart contracts that seemingly contain design flaws. Users (the victims of this fraud) attempt to exploit these flaws, only to find that this perceived vulnerability did not exist. Instead, the code of the contract, when executed, does things like freeze their funds and only make them accessible to the scammer. For example, the honeypot could be set up to (appear to) leak funds (the bait) which a user may want to exploit by fulfilling the contract (e.g., paying a defined amount of cryptocurrency). The trap is that the code of the contract does not actually leak any funds but freezes them (for a detailed review, see Torres et al., 2019) |
Mining scam | Victims invest in cryptocurrency mining operations in the hope of getting larger sums back, only to never receive a pay-out (Vasek, 2017; Vasek et al., 2015) |
Fraudulent cryptocoins | No definition was reported in the reviewed studies. However, Higgins (2017) defines this type of fraud as the unauthorised use of names from established companies to gain the trust of potential investors |
Smart Ponzi Scheme | Smart Ponzi schemes apply the classic Ponzi schemes technique to smart contract platforms (Bartoletti et al., 2017; Chen et al., 2018a, d). The scammer makes money by taking parts of the investments of the victims for themselves rather than genuinely investing it. High interest rates or returns are paid with the investments of others rather than through a genuine increase in value |
Mining malware / cryptojacking | Mining Malware, also called ‘cryptojacking’, refers to malware programmes that run on victims’ machines and exploit the CPU to mine cryptocurrencies on behalf of the criminal (Anderson et al., 2019) |
Securities fraud* | Securities fraud is not defined in the literature (though specific references are made to the U.S. statutory definition). It involves carrying out a scheme to defraud in connection with a registered security or ‘to obtain, by means of false or fraudulent pretenses [sic.], representations, or promises, any money or property in connection with the purchase or sale of…any security’ (Corporate & Criminal Fraud Accountability Act of, 2002, 2009). In this context, said money or property could include crypto assets and the security itself could be a crypto asset |
Identity theft* | No definition of identity theft was included in the literature reviewed. However, the U.S. federal statutory definition is as follows: someone who ‘knowingly transfers or uses, without lawful authority, a means of identification of another person with the intent to commit, or to aid and abet, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law’ (Identity Theft & Assumption Deterrence Act of, 1998, 2006) |
Wire fraud* | No definition of wire fraud was reported in the literature, though it is understood to refer to the U.S. statutory definition of the same. According to the U.S. Code, wire fraud involves ‘any scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses [sic.], representations, or promises, transmits or causes to be transmitted by means of wire…in interstate or foreign commerce, any writings, signs, signals, pictures, or sounds for the purpose of executing such scheme or artifice’(18 U.S.C. § 1343) |
Wash trading* | Wash trading was not defined in the literature. However, the UK Financial Conduct Authority defines it in the Market Abuse Regulation as ‘a sale or purchase of a qualifying investment where there is no change in beneficial interest or market risk, or where the transfer or beneficial interest or market risk is only between parties acting in concert or collusion, other than for legitimate reasons’ (Financial Conduct Authority, 2021). In this case, the sale or purchase could be completed using cryptocurrencies or the qualifying investment itself could be a crypto asset |
Selfish mining* | Though selfish mining is not prohibited, per se, one article refers to it specifically as fraud (Phan et al., 2019). Selfish mining involves miners purposefully hiding blocks they have found so they can secretly mine on top of them, causing other miners to waste their computing power in trying to mine a block that has already been found. This allows the selfish miner to fork the blockchain, essentially enabling miners to carry out a 51% attack, but with a far smaller proportion of the overall hashing power (as little as 25%) (Phan et al., 2019) |
Romance scams* | Romance scams involve a nefarious actor gaining an individual’s trust by engaging in a romantic relationship with them. Once they have received said trust, the perpetrator requests money (in this case, cryptocurrency) from the victim (usually for something like an urgent surgery, because they temporarily cannot access their bank, etc.) (Navarro, 2019) |
Pyramid schemes* | In a pyramid scheme, participants earn money by recruiting other members to the scheme (in this context, a cryptocurrency investment scheme), rather than by delivering investments, products, or services (Jiaying, 2020) |
Malware scams* | Malware prohibits victims’ access to their phones or computers until they pay a ransom in cryptocurrency (Xia et al., 2020a). Traditionally, this type of scam is more specifically referred to as ‘ransomware’, a type of malware |
Insider trading* | The definition of insider trading was not reported in the literature reviewed. However, the U.S. Securities and Exchange Commission defines it as ‘buying or selling a security, in breach of a fiduciary duty or other relationship of trust and confidence, on the basis of material, nonpublic [sic.] information about the security’ (U.S. Securities and Exchange Commission, n.d.). To be considered crypto fraud, such a security would need to be a crypto asset |
Imposter websites / apps* | This type of fraud was not defined in the literature. From the context of the article in which it appears, this form of fraud was understood to refer to creating fake versions of an official website or app (such as an exchange app, etc.) (Scheau et al., 2020)a |
Giveaway scams* | In a giveaway scam, a fraudster promises to give victims a reward for sending him/her a particular amount of cryptocurrency (which is never ultimately delivered) (Xia et al., 2020a) |
Fake agencies | Scammers pretend to be an existing exchange or government organization to steal cryptocurrency from customers (Samsudeen et al., 2019) |
Donation scams* | In a donation scam, a fraudster will pretend to be from a public organisation purporting to raise money (using cryptocurrency) for a worthy cause that does not actually exist (Xia et al., 2020a) |
Blackmail scams* | Blackmail scams were defined and discussed in the studies in the context of COVID-19. They refer to individuals claiming they will spread coronavirus unless the victim sends them cryptocurrency (Xia et al., 2020a) |
Arbitrage scams* | Arbitrage refers to investors profiting off price imbalances in the market. Scammers often combine arbitrage with counterfeit cryptocoins, i.e., they provide a scam address for the victim to send cryptocurrency to (to take advantage of an arbitrage opportunity). Rather than returning their profits, they send only counterfeit tokens to the victim (Gao et al., 2020) |
Airdrop scams* | Scammers promise to give various victims a free cryptocurrency token. Rather than providing the real cryptocurrency, they often send victims counterfeit tokens (Gao et al., 2020). In other cases, they airdrop token to trick a user into approving access to their online wallet; the scammer subsequently drains funds from their wallet |
Advance-fee scam* | An advance-fee scam involves convincing a victim to send cryptocurrency to a particular address. The scammer promises to return the full amount and more (though this money never arrives) (Phillips & Wilder, 2020) |