After the collapse of Mt. Gox in 2014, Bitfinex became the largest cryptocurrency trading platform in the world, trading over 10% of the total volume of all cryptocurrencies in the world at the time.
Bitfinex was a subject to several hacks. It had 1,500 bitcoins stolen in May of 2015. In 2016, hackers stole over $70 million from the customer accounts of the exchange. In April of 2017, Wells Fargo, which was the bank that Bitfinex worked with in the United States, cut off Bitfinex’s access to wire transfers in US dollars and the customers of Bitfinex started transferring their coins elsewhere.
Red flags about cryptocurrency exchanges
Once you check out the history of an exchange, take a look at its advertising. One of the biggest red flags is an exchange that is offering to sell bitcoin, ether or any other cryptocurrency on the Ethereum network at a fixed price that is lower than the current market price. While it is true that cryptocurrency transactions are peer-to-peer and it is possible that someone wants to sell the coins quickly at a price lower than the market price, it is not possible for an exchange or an individual to be selling under market price all the time.
The essence of the business of a cryptocurrency exchange is getting fees from matching buyers and sellers, just like it is for any other kind of exchange, be it a commodity or stock exchange. No seller will be constantly selling assets under market price because otherwise there would be no point in having market price.
You should also be very careful when selling your coins and getting a promise from an exchange to send you a payment via PayPal. While many of the reputable exchanges do offer their customers an option to withdraw funds using PayPal, scammers may ask you to send them your coins first and promise to pay you via PayPal directly later. Once you send your coins, the PayPal payment never comes in and there’s nothing you can do about it because cryptocurrency transactions are irreversible.
Avoiding fake Ethereum wallets
Spotting a fake Ethereum wallet may be hard because such a wallet may be functioning properly most of the time. The essence of this scam is including malicious code into your download so that hackers can steal your personal data and your keys.
The best way to avoid downloading a fake wallet is to use a list of Ethereum-approved wallets that you can find at Ethereum.org. Avoid non-approved websites and websites that just don’t feel right. Another red flag when it comes to wallets is websites that are not using secure connections and websites and wallets that have names very similar to the names of popular wallets but differing in a letter or two.
Regardless of where you get your software, you should always scan it with an anti-virus and check Ethereum forums to see if there are any complaints about the software that you are want to download.
In 2014, Microsoft estimated that worldwide losses from phishing were over USD $5 million. Phishing is when scammers try to get sensitive information by pretending to be a trusted authority. The word phishing came into existence because the process is similar to actual fishing due to use of bait yet the spelling of the word is different.
Spelling is often a crucial part of phishing. For example, you may get an email not from someone on google.com domain, but from someone on googlemail.abcdss.com, which means that scammers created a subdomain on a completely different domain. Once scammers do something like this, they typically copy the exact design of the website of the authority that they are pretending to be.
Therefore, you have two ways to identify phishers. The first one is paying attention to spelling. Always verify email addresses that you are responding to. The second one is observing the behavior of websites and links. Pay attention to the hyperlinks to see what URL a link is hiding. If the link is taking you to a suspicious website, close the window and leave.
If you suspect that an email or a website are fake, call the organization to inquire about it or email them from a completely different email address by entering their email into the “To:” field manually. Even if the contact and the links are legitimate, it is always better to double-check via a secure channel if you become suspicious and to be safe than sorry.
If you are getting too many emails with advertisements and spam, you need to become more selective about how and where you leave your contact information. One of the solutions to this issue is to have a separate email address for all the non-trusted parties and a different address for legitimate businesses. Also, start paying attention to the results in search engines. Typically, the first few results from the top are advertisements that have a little logo next to them that says “ad.” While search engines are doing their best to only show legitimate advertising, scammers keep finding new ways of using search engine advertising platforms and luring innocent users to their websites.