The crypto bubble may be bursting, but it seems there’s no stopping the cyber criminals as return from investment scams have jumped by more than 50% from May 2021 to May 2022.
How are cyber criminals cracking crypto?
Cyber criminals exploiting interest in cryptocurrencies to scam investors and prey on British pension pots have seen their returns grow by more than half in the last 12 months, cybersecurity company NordVPN can reveal.
Total losses from UK investment fraud involving fake digital currencies, websites, apps or funds were £226,328,759 in the year to May 2022, compared with £142,962,073 for the previous 12 months — a 58.3% increase.
This year, scammers have already made off with £118 million, and currently pocket £36,250 per fraud — about three quarters of a typical pension nest egg. These fake schemes have become more profitable even while the legitimate cryptocurrency market has slumped in the past six months, with the biggest two names, Bitcoin and Ethereum, losing 59% and 75% of their value respectively.
As cryptocurrencies are not regulated by the UK’s Financial Conduct Authority (FCA), criminals are finding it easier to lure Brits to bogus investment and pension schemes with the promise of market-beating returns.
While amounts stolen are rising steeply, 2022 data shows only a small increase in the number of incidents reported, suggesting criminals could be profiling victims to extract more from their scams.
Who are cyber criminals targeting?
Younger people are the most likely to be targeted by cyber fraud, with those aged 20-39 reporting two in five of incidents and a fifth 18-24-year-olds having personally invested in cryptocurrencies. Often the schemes will be advertised on social media, using fake celebrity endorsements from respected finance experts like Martin Lewis, or stars of the TV investment show Dragons’ Den.
Hackers may also use phishing emails or text messages, either to persuade victims to invest in a non-existent cryptocurrency fund via a bogus website, or to encourage them to click on a link or download an app containing malware. This can then infect their devices and steal data or drain money from online accounts.
Malibot, a new and highly aggressive form of malware, which targets devices running the Android operating system, is being spread using a website and text messages offering fake links to real cryptocurrency apps, TheCryptoApp and Mining X.
Once these links are downloaded, Malibot, created in Russia, can quickly give criminals access to a victim’s phone, enabling them to harvest personal and financial data and send messages to other phones spreading the malware further.
Marijus Briedis, CTO and digital privacy expert at NordVPN, comments: “With inflation skyrocketing and traditional savings rates failing to keep up, bogus crypto investment schemes offering the prospect for high returns are the perfect bait for scammers.
“These frauds are thriving, despite the huge crash in Bitcoin and other currencies, and worryingly the clear rise in the amounts stolen per fraud shows the scammers are getting better at fleecing their victims. With huge amounts of personal and financial information for sale on the Dark Web, it could be that individuals are now being specifically targeted by hackers
“With banking and investing online a part of everyday life it is vital to take steps to keep fraudsters at bay. This includes making use of smart tech like VPNs and virus-checking software, and increasing your digital safety by creating strong passwords and checking the source of any link, site or app before you click.”
How to avoid investment scams
- Beware dodgy downloads. Don’t click on suspicious download links, even if they appear to be for a real app. Always use official digital marketplaces like Google Play or Apple’s App Store
- Don’t be rushed. Whatever the promised returns, no genuine investment scheme will put you under pressure to hand your money over immediately
- Do your homework. Talk through any significant investments with friends or an adviser and do an online search on any potential scheme
- Celebrity suspicion. Many fraudulent schemes feature well-known figures in their online and social media advertising but be wary of any celebrity endorsements. More than 1,000 fake schemes claiming to have the backing of finance expert Martin Lewis were reported to Action Fraud
- Use a VPN service. As well as encrypting your traffic so hackers won’t be able to see what you do online, NordVPN will also check files you download for malware and its built-in threat=protection software will delete it before it harms your device
Table: Cryptocurrency investment and pension frauds 2021-2022
Month |
Report volume |
Financial loss |
Loss per incident |
January 2021 |
693 |
£11,745,233 |
£16,948 |
February 2021 |
764 |
£14,271,703 |
£18,680 |
March 2021 |
881 |
£20,132,367 |
£22,852 |
April 2021 |
834 |
£15,363,628 |
£18,422 |
May 2021 |
847 |
£20,763,536 |
£24,514 |
June 2021 |
875 |
£20,275,547 |
£23,172 |
July 2021 |
721 |
£12,545,679 |
£17,400 |
August 2021 |
738 |
£13,336,233 |
£18,071 |
September 2021 |
668 |
£14,207,558 |
£21,269 |
October 2021 |
808 |
£15,623,715 |
£19,336 |
November 2021 |
815 |
£16,662,324 |
£20,445 |
December 2021 |
783 |
£15,661,991 |
£20,003 |
January 2022 |
1,040 |
£19,158,977 |
£18,422 |
February 2022 |
900 |
£15,225,636 |
£16,917 |
March 2022 |
936 |
£37,698,663 |
£40,276 |
April 2022 |
892 |
£12,908,057 |
£14,471 |
May 2022 |
911 |
£33,024,379 |
£36,251 |
Source: NordVPN
Image by tookapic on Pixabay