Cryptocurrency Scams and How to Avoid Them

Cryptocurrency fraud has emerged as one of the fastest-growing categories of financial crime reported to US federal agencies, with the FBI's Internet Crime Complaint Center (IC3) recording $5.6 billion in reported cryptocurrency fraud losses in 2023 — a 45% increase from the prior year (IC3 2023 Internet Crime Report). This page covers the structural definition of cryptocurrency scams, the technical and social mechanisms that enable them, the dominant fraud scenarios documented by federal agencies, and the decision criteria used to distinguish scam characteristics from legitimate service arrangements. The cyber safety listings maintained on this domain intersect with service categories where fraud exposure is documented and classified.

Definition and scope

A cryptocurrency scam is a fraudulent scheme that exploits the technical architecture, pseudonymous transaction ledger, or investment framing of digital assets to extract funds from victims with minimal or no possibility of recovery. The irreversibility of blockchain transactions — a structural property of networks like Bitcoin and Ethereum — is the primary feature that separates cryptocurrency fraud from conventional financial fraud, where chargebacks, wire recalls, or regulatory intervention can sometimes halt or reverse losses.

The Federal Trade Commission (FTC) classifies cryptocurrency fraud as a subcategory of investment scams and impersonation fraud under its consumer protection enforcement mandate. The Commodity Futures Trading Commission (CFTC) asserts regulatory jurisdiction over cryptocurrency derivatives and spot markets where manipulation or fraud is alleged. The Securities and Exchange Commission (SEC) addresses fraudulent token offerings under securities law where digital assets meet the Howey test criteria for investment contracts.

Scope boundaries matter for enforcement routing. Scams involving promises of investment returns typically fall under CFTC or SEC jurisdiction. Identity theft used to access crypto accounts falls under the FTC's identity theft framework and may involve the FBI's IC3 reporting mechanism. Scams that cross international borders — a common pattern given the borderless nature of blockchain networks — are frequently referred to the Department of Justice's National Cryptocurrency Enforcement Team (NCET).

Losses are concentrated among specific demographics: the IC3's 2023 report identified individuals over 60 as the age group with the highest reported cryptocurrency fraud losses, at over $1.6 billion (IC3 2023 Internet Crime Report).

How it works

Cryptocurrency scams operate through a consistent four-phase structure regardless of specific scenario type:

  1. Target identification and contact — Fraudsters identify targets through social media platforms, dating applications, unsolicited direct messages, or compromised accounts of known contacts. Contact is initiated under a false identity: an investment advisor, romantic interest, celebrity, or government official.

  2. Trust development — Over days or weeks, the fraudster builds credibility through consistent communication, fabricated credentials, spoofed websites mimicking legitimate exchanges (a technique the FBI calls "spoofed exchange fraud"), or display of falsified profit screenshots.

  3. Deposit solicitation — The target is directed to send cryptocurrency to a wallet controlled by the fraudster, often through a fake trading platform that shows fabricated account balances to encourage continued deposits. The platform may permit small initial withdrawals to build confidence — a documented pattern in "pig butchering" schemes.

  4. Exit — Once the fraudster determines maximum extraction has occurred, the platform disappears, all communication ceases, and the deposited funds are moved through mixer services or cross-chain bridges to obscure the transaction trail. Recovery is structurally near-impossible without law enforcement action on the receiving wallet.

The technical asymmetry is significant: a fraudster needs only a controlled wallet address and a convincing interface, while the victim has no technical mechanism to reverse a confirmed on-chain transaction. The CFTC's Office of Customer Education and Outreach (CFTC OCEO) explicitly identifies this irreversibility as the core risk distinguishing crypto fraud from other financial fraud categories.

Common scenarios

Federal agency documentation identifies five primary cryptocurrency fraud scenario types:

Pig butchering (SHA ZHU PAN) schemes — The most volumetrically significant category in IC3 2023 data, involving long-term relationship building before investment solicitation. Fraudsters invest weeks in communication before introducing the investment component. Losses per victim are frequently in the six-figure range.

Rug pulls — Fraudsters launch a new token or decentralized finance (DeFi) protocol, attract liquidity from investors, then drain the liquidity pool and abandon the project. The SEC has brought enforcement actions against rug pull operators as unregistered securities offerings. These differ from pig butchering in that the fraud is embedded in the token's code rather than a social relationship.

Recovery scams — A secondary fraud targeting prior cryptocurrency fraud victims. Fraudsters posing as law enforcement, recovery specialists, or legal services firms solicit upfront fees to "recover" lost funds. The FTC classifies this as impersonation fraud compounded on investment fraud. The cyber safety directory purpose and scope page describes how this site's service classification structure treats such provider categories.

Pump-and-dump schemes — Coordinated promotion of a low-liquidity token to inflate price, followed by coordinated sell-off by insiders. The CFTC and SEC both maintain enforcement authority over this pattern in their respective jurisdictions.

Fake exchange or wallet fraud — Fraudulent platforms are built to resemble licensed exchanges (Coinbase, Kraken, Binance). Users deposit funds, which never reach a real exchange. These platforms are distinguished from legitimate exchanges by absence of FinCEN Money Services Business (MSB) registration, which is mandatory under 31 U.S.C. § 5330 for US-operating exchanges.

Decision boundaries

Distinguishing a cryptocurrency scam from a legitimate service involves structured criteria rather than subjective assessment. The following boundaries are drawn from FTC, CFTC, and SEC public guidance:

Legitimate vs. fraudulent investment opportunity:
- Legitimate platforms are registered as MSBs with the Financial Crimes Enforcement Network (FinCEN) and operate under state money transmitter licenses in applicable jurisdictions. Verification is publicly searchable through FinCEN's MSB Registrant Search tool.
- Fraudulent platforms typically lack any FinCEN registration and cannot produce state licensing documentation.
- Guaranteed return promises — regardless of percentage — are a disqualifying red flag. The CFTC states explicitly that no legitimate investment vehicle guarantees profit.

Pig butchering vs. legitimate investment introduction:
- Legitimate investment advisors are registered with the SEC or FINRA and verifiable through FINRA BrokerCheck or the SEC's Investment Adviser Public Disclosure database.
- Unsolicited investment advice from a contact made through a dating or social media platform, combined with direction to a specific off-platform trading application, meets the documented profile of pig butchering with high reliability.

Recovery service vs. fraud:
- No government agency charges upfront fees to assist fraud victims. FBI, FTC, CISA, and IC3 all provide fraud reporting services at no cost.
- Any entity charging fees in advance for cryptocurrency recovery, especially if requesting payment in cryptocurrency, matches the documented recovery scam profile.

Token launch vs. rug pull:
- Legitimate token projects typically publish audited smart contract code through recognized third-party audit firms and maintain publicly verifiable team identities.
- Anonymous teams, unaudited contracts, and locked liquidity periods with opaque unlock schedules are structural characteristics the SEC's FinHub office associates with elevated fraud risk.

The how to use this cyber safety resource page describes the verification methodology applied to service and resource listings on this domain, which is relevant for researchers cross-referencing agency-reported fraud patterns with service provider categories.

Reporting pathways for cryptocurrency fraud in the United States include the IC3 at ic3.gov, the FTC at reportfraud.ftc.gov, and the CFTC at cftc.gov/complaint.

References

📜 1 regulatory citation referenced  ·  🔍 Monitored by ANA Regulatory Watch  ·  View update log

Read Next

Cyber Safety Listings Each entry is structured to support service seekers, compliance professionals, and researchers who need to identify qualified... Cyber Safety Directory: Purpose and Scope Entries span federal agencies, independent service providers, standards bodies, and sector-specific compliance resources. How to Use This Cyber Safety Resource The Cyber Safety Listings index presents categorized service provider information, while the Directory Purpose and Scope page...