Identifying and overcoming crypto scams
Mike Meisels, Senior Enterprise Account Executive at Chainalysis, breaks down the most common scams in the current cryptocurrency market, and solutions to help to mitigate risk.
While adoption of cryptocurrency continues to grow, the risk of crime will, too, as bad actors find new technologies to take advantage of. When we look at scam revenue trends, based on Chainalysis data, scams were once again one of the biggest drivers of cryptocurrency-based crime, with associated wallets bringing in at least US$4.6 billion in revenue in 2023. While that represents a year-over-year decline compared to 2022, this is a lower-bound estimate based on value sent to addresses currently identified as scams.
As scammers become more sophisticated and varied in their tactics, it also becomes more and more difficult to identify addresses associated with crypto scams.The bad actors behind romance scams, also known as “pig butchering” scams, often share addresses with victims through one-to-one communication channels like text. Unless victims report their losses to the authorities, it can be difficult for blockchain analysts to identify those addresses as scam-related. These complications likely cause more undercounting of scam activity.
The most common types of crypto scams
In our Chainalysis Crypto Crime Report 2024, we took a deep dive into two key scam trends dominating the market today – romance scams and approval phishing scams.
Romance scams have increased by an estimated 85x since 2020. However, 2023 was a significant year for romance scammers as we saw their revenue more than double year-over-year. This is especially concerning when we factor in that romance scams have the worst impact on victims of all scam types, based on average payment size. Being mindful that many victims likely make multiple payments to an individual scam address, the actual losses per victim can be much higher than these averages.
The other type of scam making a reappearance in recent years is approval phishing. Approval phishing differs from other crypto scams in a small, but important way. Typically, scammers trick victims into sending them cryptocurrency, usually through a phony investment opportunity or by impersonating somebody else. In an approval phishing scam, the scammer tricks the user into signing a malicious blockchain transaction that gives the scammer’s address approval to spend specific tokens inside the victim’s wallet, allowing the scammer to then drain the victim’s address of those tokens at will. Some victims have lost tens of millions to these scams. The suspected approval phishing scammers we’re tracking saw their revenue peak in May 2022. Overall, 2022 saw victims lose an estimated US$516.8 million to approval phishing, versus US$374.6 million in 2023 through November. The ten largest approval phishing addresses combined account for 15.9% of all value stolen during the time period studied, while the 73 biggest account for half of all value stolen.
It’s also worth noting that some scams could theoretically fit into multiple categories. Many romance scams, for instance, have an online footprint that’s virtually indistinguishable from the typical investment scam, with websites and social media posts promising improbably high returns. We primarily categorise these scams as romance scams based on information from victims, customers or partners, and other sources indicating that the scammers are utilising the tactics typical of a romance scam, meaning that they’re contacting individuals and attempting to build relationships in order to con them. As such, we should keep in mind that some scams we categorise as generic investment scams are likely also engaging in romance scam tactics.
How the Chainalysis data platform aids in scam detection and mitigation
Chainalysis is a blockchain data platform that has been providing solutions, services, data, and research for over ten years. We support government agencies, financial institutions, and crypto-native and cybersecurity companies worldwide.. Our ground truth data, accrued over years of inputs, fuels our solutions, helping customers participate safely in the crypto and Web3 arenas while promoting secure consumer access to cryptocurrency.
The Chainalysis data platform maps real-world entities to on-chain activity, and understands relationships amongst those entities through a three-step process.
- First, we collect ground-truth attribution, which empirically validates that an entity controls a given on-chain address.
- We then apply deterministic clustering heuristics on top of that initial attribution, to cluster potentially millions of addresses controlled by that attributed entity.
- Third, we take those entities, which we’ve bucketed under our different categories, and calculate the risk exposure of an entity. This creates a comprehensive map connecting clusters and understanding the category risk exposure of an identified entity in question.
Through our technology solutions, comprehensive analysis, research reports, and subject-matter expertise, we help organisations across the public and private sectors answer their most critical questions about on-chain blockchain intelligence. With those answers in hand, organisations can provide safe and compliant crypto services, manage risk exposure, and track illicit activity – including scams.
A great success story from this is our work with the Santa Clara County in the US, and their REACT Task Force, which has managed to quickly trace and recover funds in a number of pig butchering scams using blockchain analysis tools. Additionally, last year, Tether and OKX announced that they collaborated with the United States Department of Justice in an investigation that led to Tether freezing approximately US$225 million in USDT tokens linked to an international human trafficking syndicate in Southeast Asia responsible for romance scams, helped in part by Chainalysis solutions.
Prevention, detection & disruption: an ecosystem-wide strategy
Tackling scams requires an ecosystem-wide strategy that brings together the public sector, private sector and civil society. A first line of defence comes from preventive efforts such as public education. Our annual crypto crime report aims to provide the industry – and the wider general public – about the latest trends in illicit activity. We also provide training services to enable law enforcement and the private sector to use blockchain analysis to identify and track illicit activity on-chain.
But an enduring solution will require boosting law enforcement capacity to address cyber-enabled crime domestically and across borders, and disrupting the illicit financial infrastructure that underpins this activity. When it comes to prevention, what’s important is a clear framework agreed by all parties on what the respective responsibilities are with regard to scam prevention – financial institutions, telcos, digital platforms, and the consumers themselves. We know work on this is already under way, and it’s vital that it brings together all the relevant stakeholders. When it comes to response, speed is of the essence. When someone reports a scam to the police, how quickly does that address get tagged? Are there sufficient structured information sharing mechanisms between banks, exchanges and law enforcement? On disruption, we know that it’s hard to catch scammers because they’re frequently changing wallet infrastructure. But we can also look at the networks behind them through blockchain analytics.
Final thoughts
As value increasingly migrates to the blockchain, the demand for Chainalysis data will persist across various applications, including investigations, risk assessment, and growth strategies. This data will also play a crucial role in financial and other sectors. Moreover, stablecoins are paving the way for mass adoption, and we anticipate the emergence of additional adoption vehicles in the near future. We are committed to continuously evolving with the rapidly changing ecosystem, drive greater operational efficiencies, and enhance our customers’ experience.
Crypto crime, including scams, will always remain a risk that the industry needs to address and manage. Vigilance, along with robust AML and KYC policies, is essential in disrupting the networks that facilitate these crimes. By fostering an environment of transparency and accountability, we can weaken the foundations upon which these scams are built. Confronting these threats is about more than safeguarding financial assets; it’s about restoring integrity and trust in digital finance. By leveraging blockchain’s inherent transparency, we can trace and combat these nefarious activities, striving to rebuild trust in the digital age.
You can catch Chainalysis’s keynote on 13 June, Day 3 of Blockchain Week. In the meantime, you can follow and connect with Mike via the following channels:
LinkedIn
Telegram: mikemnft_eth
ENS: Crazy Meme Coin Purchaser (figure out which is mine!)
A very big thanks to Chainalysis for coming on board as a major sponsor for Blockchain Week 2024.