Nearly one-in-five Americans and more than one-third of Millennials invested in crypto assets last year, big box retailers have started accepting crypto payments and hundreds of Bitcoin ATMs have sprung up around the country. Despite the growing popularity of crypto assets, the industry is far less regulated than stocks, bonds, currencies or financial derivative markets.
These dynamics have made the industry a breeding ground for crime. From 51 percent attacks to celebrity impersonations, criminals use a wide range of technical and social engineering tactics to separate well-meaning people from their crypto assets. Many sophisticated attacks are becoming hard to distinguish from legitimate opportunities to profit in the industry.
Let’s take a look at the rise of crypto crimes and some steps that you can take to protect your assets.
Social Engineering Attacks
The total value of stolen crypto assets hit a record $4.5 billion in 2019, according to CipherTrace, which predicts that this year could be a close second place with $1.4 billion stolen between January and June. While these figures only represent about 1 percent of all transactions, stolen assets are nearly impossible for victims to recover.
Criminals have capitalized on widespread job losses from the COVID-19 pandemic to pitch get-rich-quick schemes and solicit payments and donations on behalf of the World Health Organization, the Red Cross and the Centers for Disease Control and Prevention. The nature of crypto transactions makes it easy to quickly scale these scams.
Example of Social Engineering Attack – Source: Twitter
CipherTrace found that 98% of stolen crypto assets arose from fraud and misappropriation rather than hacks and direct thefts this year. The most visible attack (pictured above) occurred when dozens of high-profile Twitter accounts were compromised, and attackers falsely promised to double any crypto sent to their address.
The most impactful attack occurred when nearly three-quarters of a million individuals fell prey to Wotoken’s alleged billion-dollar Ponzi scheme in China. Scammers claimed to operate a successful algorithmic trading bot and offered referral commissions to affiliates. Of course, the bot didn’t exist and the $1 billion scheme eventually imploded.
How to Protect Crypto Assets
There are several steps that you can take to protect crypto assets from hacks and direct thefts. For instance, criminals cannot steal crypto assets held in cold storage unless they are physically stolen and multi-factor authentication makes it exceptionally difficult to compromise an online account—even if they have the username and password.
There are a few best practices that you can use to safeguard your accounts:
- Cold Storage: Hold long-term crypto assets in secure cold storage to eliminate the risk of cyber theft. For example, you might use a hardware wallet with encryption.
- Insured Accounts: Make sure any online exchanges that you use are insured in the event that the exchange is hacked, or your account is compromised.
- Multi-Factor Authentication: Two-factor authentication with a hardware key will protect you from most online attacks that compromise your username or password.
Of course, these best practices don’t protect you from social engineering attacks that are responsible for most thefts. For instance, the best security systems in the world wouldn’t have stopped someone from sending cryptocurrency to an account linked to the infamous Twitter hack that occurred earlier this year.
Crypto Crime Activity in 2019 – Source: Chainalysis
That said, there are a couple of ways to avoid social engineering attacks:
- Phishing Attempts: You should be aware of phishing attempts designed to steal account credentials. Oftentimes, these attacks come in the form of emails for fake password resets or trading bots that require access to your wallets.
- Investment Scams: Treat any promises of too-good-to-be-true returns as suspicious—especially if you’re required to make a decision under a tight deadline. Ponzi schemes can pay out early investors for a while, but they always come crumbling down eventually.
Avoid Becoming a Criminal
Many crypto traders and investors don’t pay taxes on their gains (or claim their losses). While ignorance was common a few years ago, the IRS has made it abundantly clear that anyone buying and selling crypto assets must pay their fair share in taxes. The agency has sent out several rounds of warning letters and even added a question to everyone’s tax return.
The failure to pay capital gains tax is a felony in the United States that is punishable by fines, interest and even prison for severe cases. If you neglected to pay taxes in the past, it’s a good idea to amend past returns and bring your taxes up-to-date since the IRS can look back several years for omissions and an unlimited amount of time to investigate fraud.
The process of calculating Crypto Taxes and Accounting can be a challenge. With each sale, you must calculate the cost basis for the position and compute the capital gain or loss. Those that earned a net capital gain across all transactions for the year must pay tax on those gains, while those that realized a net capital loss can deduct those losses on their tax returns.
ZenLedger simplifies the process of complying with IRS guidelines by automatically aggregating transactions across wallets and exchanges and then calculating your year-end capital gain or loss. You can even identify opportunities to harvest tax losses during the year to offset capital gains and reduce your tax exposure.
The Bottom Line
Crypto Trading and Investing have become increasingly popular over the past several years. With a relatively unregulated market, criminals have not wasted any time taking advantage of new traders and investors that aren’t necessarily aware of social engineering techniques or Ponzi schemes that have dominated the investment world for decades in various forms.
In addition to avoiding criminals, you should ensure that you don’t become a criminal by completing our taxes on time. ZenLedger provides one of the easiest to use solutions.