Mar 10, 2020
Common Online Scams and How to Avoid Them
The safety and security of customers has been paramount to Gemini since our inception and as the popularity of cryptocurrencies grows, the amount of attempted fraudulent activity in the space grows in parallel. In this blog post, we highlight some common online scams and provide suggestions for how to avoid becoming a victim. Note: these scams do not uniquely target cryptocurrency users so whenever you go online, keep these best practices in mind.
Tech Support Scams
Tech support scams prey upon people’s fear that their computer is broken or has been compromised.
The Fake Phone Call
In this scam, a criminal will call or email a target and state that their computer has a serious problem such as a virus. The criminal will then ask for remote access to the victim’s computer in order to run a fake diagnostic test and from there can easily steal information.
The Fake Pop-Up
In a pop-up attack a criminal will deploy a pop-up window on a victim’s screen stating there is a problem with the computer that needs to be urgently fixed and request payment to resolve the non-existent issue.
The Fake Website
Criminals may also create fake support websites for well-known companies listing a fake support number. When the victim calls, the criminal will pose as a support employee and request remote access, allowing them to easily loot the victim’s account.
Get Rich Quick Scams
Get rich quick scams present potential victims with fake investment opportunities that promise large returns in a very short period of time with minimal effort (these schemes often are classified as pyramid or ponzi schemes).
The Foreign Prince
Criminals contact a victim, usually via email or a phone call, and request a small investment or loan for an exotic and seemingly reliable opportunity in exchange for a high rate of return in the near future.
The (Swamp)land Deal
Criminals may also post fake advertisements online that promise a small initial investment will yield outsized returns and wait for victims to contact them.
Bank of Nowhere
In a more elaborate get-rich-quick scam, criminals create fake investment platforms that similarly promise victims significant returns in exchange for a nominal investment. These platforms look legitimate and often include fake testimonials from people with inflated bank accounts. Once the victim makes an initial investment on the platform, they will be able to see their portfolio but unable to withdraw their money. When the time comes to pay a return on the investment, the criminal will make excuses as to why the funds can’t be paid and often ask the victim to pay an additional fee to release them.
Criminals pose as an interested romantic partner in order to take advantage of those looking to find companionship.
Catfishing for Dollars
A criminal will create a fake dating profile using stolen pictures, then establish a close relationship with a victim over a long period of time taking great pains to avoid in-person interactions. Once the criminal senses the victim is comfortable, they will request money, often giving a reason with great urgency to induce payment (ex. medical expenses, frozen bank account, etc.).
SIM Swap Scam
Criminals will acquire a victim’s name and phone number through fraudulent means and use that information to hack into systems connected to the victim’s phone.
Hackers continue to build sophisticated methods to target online accounts. One of the more common attacks is called SIM swapping, when an unauthorized individual tricks a mobile carrier into switching an existing phone number to a different device. The unauthorized individual can then intercept texts and calls, including two-factor authentication (2FA) confirmations sent via SMS.
Spotting Online Scams
Do Your Homework
Before making an investment, take the time to conduct thorough and careful research focusing on reputation, qualifications and credentials. If the opportunity sounds too good to be true, it likely is. Best practice is to check all information with a trusted third party such as a legal or financial professional.
Know Who You’re Dealing With
Legitimate tech companies will not contact you by phone, email, text message, or “pop-up” warning to tell you there is a problem with your computer. If you believe something may be wrong with your computer, reach out to a legitimate technical professional or physically take your computer into a store to receive in-person support.
If you’re concerned with the legitimacy of a person, company, or investment opportunity ‒ ask questions. Be skeptical anytime anyone asks you to hand over money immediately. The more rushed an investment opportunity may be, the more likely it may be a scam.
Only Share Your Private Information With Trusted Parties
Sometimes we have to give our pin numbers, passwords and personal information to access systems and services that we use in our daily lives. Make sure to verify that you are indeed communicating with a legitimate representative of a company you know and trust before revealing private information.
Don’t Download Anything From Questionable Websites
Is the URL unusually long and complicated or have spelling errors? Does the website seem especially poorly designed, old or amateurish? If so, you may be on a fraudulent website. Pay close attention to where and how you browse the web and never download anything from a questionable website.
For Current and Future Gemini Customers: The best way to avoid losing funds from your Gemini account during a SIM swap scam is to download Authy for two-factor authentication disabling the multi-device option. This ensures your device is the only device that can access your Authy account. Please also see best practices for securing your Gemini account.
We hope that this guide to online scams will help you stay safe and secure as you navigate the tools, technologies and systems that power our everyday lives.
Onward and Upward,
Noah B. Perlman
Chief Operating Officer
The preceding examples are not a comprehensive list of all possible risks. Suggestions for avoiding online scams do not guarantee your security. You should always exercise caution online and when transacting in digital assets. Transactions in digital assets may be irreversible, and, accordingly, losses due to fraudulent or accidental transactions may not be recoverable. The nature of digital assets may lead to an increased risk of fraud or cyber attack.