Kriptomat is a security-driven and customer-centric crypto-exchange company. We are always improving our services to offer an amazing experience to the users. With that in mind, we have also proactively been fighting against any type of fraud that happens within the cryptocurrency world.
Considering the sheer number of cryptocurrencies and related projects, it's almost impossible to follow all of them and be fully informed about the latest events. And while a lot of cryptocurrencies are extremely secure, there are always ways for bad actors to exploit the beginners.
Taking this into consideration, and the fact that cryptocurrency transactions are operated under a pseudo-anonymity state that makes it extremely hard to retrieve assets, it creates a perfect environment for ill-intentioned people to take advantage of that.
Note: Kriptomat has an active page designated exclusively for Fraud Reports.
We have decided to regularly inform all our users about the types of fraud that are widespread, so we have compiled different and real scenarios of common fraud attempts.
SCENARIO 1: Fraudulent Online Giveaways via Social Media
Let’s start with the easiest one to spot, and possibly the most famous one: Fraudulent Crypto Giveaways.
You are browsing the internet, and suddenly an ad with Elon Musk or some other local popular person promising high gains pops up. If you place a deposit of a certain cryptocurrency amount to the website’s wallet address, then you are in for the contest where you may get back double or triple the amount you have “invested.”
Unfortunately, the most likely outcome is that you will never see your “invested” funds again.
They usually offer high profits if you only deposit a small amount into their wallets. However, they are never endorsed by anyone legitimate from the crypto community or anyone else except other fraudulent actors and impersonators.
Recently, there was a YouTube video about Vitalik Buterin—Ethereum’s creator—expressing himself about an ETH Giveaway. Amazing, right?
Not so much. Upon closer inspection, we can clearly see that the video was edited out from another source to endorse a completely different view. Truth is, Vitalik Buterin never appraised any type of ETH Giveaway and the video posted is simply fake in hopes to lure less informed crypto enthusiasts.
Please avoid any type of online giveaways without any real endorsement. If you believe it could be the real deal, then first research it through social media for more information before joining it.
SCENARIO 2: Fraudulent phone call attempts (impersonators of Microsoft or Lufthansa)
It’s Sunday, you are relaxing at home, and suddenly you are interrupted by a phone call. The caller may know your name and introduces themselves as a Lufthansa agent.
They tell you a beautiful story about how you were wrongly charged on your credit card by them and they wish to refund you. But surely you would have known that you bought a flight ticket, right? Also, if there were any charges with your credit card, you would probably receive a bank notification about it.
And while you don’t understand clearly what is being said to you, it's a 500 euro refund. Why lose the opportunity? Sadly, that is the reaction the scammer is counting on.
In a matter of minutes, you are convinced that the way to prove you are the Credit Card owner is to be redirected to a website that you have never heard of. You are required to either create an account on this very same website by yourself or this very nice person offers to help you through the process of registration by installing a remote application (AnyDesk, TeamViewer) that grants full access to your computer.
When all is done, you are told that they will send a confirmation code to your phone number and you must confirm it with them. And all of a sudden you realize you are missing 500 EUR on your card!
Now, how is that possible?
The answer is simple, unfortunately, you were a victim of a scam.
The person behind that phone call never worked for Lufthansa. Their only true intention was to make sure you register on a cryptocurrency exchange to have you confirm the code you received, and make a credit card purchase of cryptocurrencies that were withdrawn to another wallet address straight away. Remember what we said about cryptocurrencies transactions being irreversible?
The unfortunate part about this type of scam is that you are led to confirm this purchase by sharing your credit card’s 3D Secure code received via SMS. This means the merchant won’t be able to do anything about it because you confirmed it.
Before joining a completely new website you know nothing about because a stranger told you so, ask yourself these questions: Why haven’t you received any contact from your bank about a wrong purchase with your Credit Card? Why were you not aware of this wrong charge by any means?
You, as the sole owner of the card, are responsible for all your accounting. If you are contacted by any stranger stating they want to refund you anything, hang up and contact your bank first. Do not share any information about your documentation with anyone.
Banks, Merchants, and Lufthansa or NASA don’t need to reach out to you in order to make a refund. Usually, we are the ones reaching out to them.
SCENARIO 3: Impersonators on social media impersonating Kriptomat’s team members.
First and foremost, we would like to emphasize that Kriptomat will NEVER contact you first. Neither through direct messages, private messages, or phone calls. Anyone who contacts you first under our name is most likely to be a fraudulent impersonator.
If you have been around the internet, you may have been part of or viewed various forums and chat groups. They are great ways to bring people together who share the same interests.
They are usually welcoming environments and you feel like it is a safe space to share your opinions and point of view about subjects that matter to you.
This seemingly safe space also creates a sense of community, trust, and comfort that could make you a real target for scammers. It is known that they will often try to impersonate support members from crypto exchanges, financial entities, community managers, mods, even Board members, or anyone with whom you could create a trust bond and share your account credentials.
The bait is easy: you are frustrated and end up sharing in a group or forum any issues you may be facing with a particular platform. Suddenly, you receive private messages from the “Support Team”—sometimes even from several “agents.”
While you may think they are very responsive and nice at first, after some back and forth with very broken English from your “Support Agent” and usage of unknown and unnecessary terminology whose purpose is only one: confusion; they will request either the credentials from your account or direct you to a fake website.
In the end, by trusting this person, you either share your login credentials or attempt to log in to a fake website providing access to your account to a stranger causing you financial damage if you are unable to identify the fraudster beforehand.
Let’s put it into perspective, every user-based platform out there has a database, this database can be consulted by anyone with clearance to do so. So, why would a real support agent need your credentials?
Real employers from user-based platforms would never need your account information—we already have them!
It could be tricky to spot these types of scammers, though. They can easily create a fake profile with the company’s logo and try to gain your trust through a warm message. Essentially, you should not share your profile, account login, or any personal information with anyone via social media or forums.
Especially if it involves your finances and hard-earned money.
If you ever go through something like this, you should always report these profiles with the administrators of the group or forum you are.
Only contact support inside the platform you're using itself and never, never share any information with anyone via private messages on Telegram, or any other community.
SCENARIO 4: Investment Scams and fake brokers - How to spot and avoid them
Investment fraud is one of the most popular forms of financial crime. Fraudsters create attractive-looking investment websites where they offer services related to professional trading services. People are usually offered to invest money in something that is alleged to guarantee a profit (also known as “get rich quick” schemes).
Schemes involving cryptocurrencies often work as follows:
You see an ad on social media or other portals possibly with a local celebrity in the ad. You sign up and you get a call. A scammer poses as an "investment advisor" or a "professional broker" and offers you to invest funds in some cryptocurrency to get a profit (as much as 2500% or more in a matter of days).
You will open a professional trading account with the alleged company.
The scammer offers to guide you through the process of registration and verification on a crypto exchange (for example, Kriptomat due to its ease of use) and they install on your computer a remote desktop software to guide, such as Anydesk or Teamviewer.
You are then asked to deposit money and purchase some cryptocurrency. In some cases, they will also enable you to withdraw some money first, to gain trust and get you interested.
The scammer asks you to send the cryptocurrency to some address with claims that they will make professional trades and return the funds once profits have been made.
In reality, the cryptocurrency simply ends up in the scammer’s own private wallet. And, as crypto transactions are irreversible, it is not possible for you to request a refund. Kriptomat cannot do anything for you in this case either.
These "investment advisors" usually disappear without any trace. Some of them mislead people by making them believe their first investment has successfully made a profit.
Very often they will inform you how your initial "investment" lost its worth due to the market crash, however, if you do deposit a bit more money, this "broker" might be able to get your "Investment" back.
Please do not fall for this second attempt to extort money from you as you will not see that money ever again, too.
To sum it up:
Kriptomat Support team only communicates via [email protected] email or Live chat in Web app or Mobile app.
We will NEVER request you to give us your login credentials.
We will never ask you for your Credit/debit card credentials.
Always be wary when accessing any new website, and never type in your sensitive data there before checking if the website is authentic.
Always make sure you are accessing the right URL of the website and before entering any sensitive data check did the URL change in the meantime. This is the most efficient way to avoid phishing.
If an "employee" of Kriptomat contacts you first ALWAYS be wary and feel free to check with our Support team via bove mentioned email, did we contact you?
If something feels "shady" to you, well... most likely it is.
Always do research on companies offering you their services before trusting them with your hard-earned money.
DISCLAIMER: This content is purely informative and does not hold any type of opinion or implication towards any specific person or company.
Do you still have any questions? Use the support chat to contact our support team or send us an email at [email protected]