logo

Adding insult to injury: crypto recovery scams

It’s a nightmare scenario for any cryptocurrency user. You fall victim to a crypto scam or cyberattack, resulting in stolen funds. You feel regret and shame – not to mention anger over the monetary loss. Unfortunately for many victims, this isn’t where the story ends. Imagine an even worse outcome: you are approached by someone or see an advert offering cryptocurrency recovery services. But instead of getting your funds back, all they do is make off with the upfront fee you paid them.

Unfortunately, this type of “recovery fraud” is increasingly common, and even the FBI has issued a Public Service Announcement (PSA) about it last year. Research indicates that nearly a third (30%) of identity theft victims have been revictimized at least once.

How do crypto recovery scams work?

Recovery scams are often a type of advance fee fraud – that is, the scammer will demand a fee up front for the service they claim to provide, and then disappear once it has been paid. They might also ask for access to your crypto accounts and/or personal and financial information, which can be sold on the dark web and used in follow-on scams.

Recovery scammers are all over social media. They may proactively seek out individuals who have just fallen victim to crypto theft/fraud and are venting online – and direct message them. Or they may be working from a list of crypto victims which they obtained on a hacking forum. They might even set up legitimate-looking asset recovery ‘businesses’ with official websites and advertise by listing in paid search engine results.

The sophistication of these scammers can vary. Some post fairly basic messages to social media. Others might phone fraud victims direct, impersonating police or court officials and pretending they have stolen money to return. In other cases, fraudsters might leave lengthy comments in cybersecurity forums that are at best a mix of testimonial and advertising, promoting their services.

crypto recovery scam sample 3 (1)

crypto recovery scam sample 2 (1)

crypto recovery scam sample 1 (1)

Sample messages peddling cryptocurrency recovery services in discussion forums (click to enlarge)

Some crypto recovery scammers are advertising their wares via low-cost online press release distribution services. They create a fictitious press release about recovering stolen assets – which contains links to the scam website. Then they upload it to a network of subscribing news outlets for distribution.

Avoiding crypto theft

Granted, the best way to avoid crypto recovery scams is not to have your digital currency stolen in the first place. In 2022, $2.5bn was lost to cryptocurrency fraud alone, according to the FBI. But threat actors have developed many other ways to target your digital funds.

As a result, it pays to be skeptical of any low-risk, high-return investment schemes; even ones that seem to be endorsed by celebrities or other trusted individuals. And it’s always better to pay for goods online by card, as there are more buyer protections that way. No legitimate business is likely to demand that you pay them in advance in crypto.

Also be dubious about any romantic interest you meet online offering investment advice – even if you feel a close connection with them. Increasingly, scammers are blending romance fraud with investment scams in what is known as “pig butchering.” Last year, the Department of Justice (DoJ) revealed it had seized virtual currency worth an estimated $112 million associated with these scams.

How to spot the warning signs

Whatever the type of scam, they all have one thing in common: there is no recovery service. Consider the following red flags:

  • They ask for an upfront fee before commencing their ‘work’, or another charge (i.e., tax) before you can proceed with processing refunds
  • They may communicate with a web-based email (e.g., Gmail/Yahoo) rather than a corporate account
  • They ask for your banking, crypto account and/or personal information in order to ‘return’ your funds
  • They claim to work closely with law enforcement or government officials
  • They get in touch out of the blue – either via social media DMs, text or email
  • They don’t offer any telephone number via which to get in touch
  • The person contacting you seems to know a lot of details about your particular case – including possibly how much was stolen and how

What should I do if my crypto is stolen?

It should be noted that there are legitimate firms that may offer services to help you get compensation for cryptocurrency investment and other types of fraud. Sometimes scammers also try to impersonate these organizations.

Consider the following steps if you have recently lost cryptocurrency due to fraud or theft:

  • Collect as much evidence as possible
  • Report the incident to the police and/or relevant regulatory body
  • Reach out to a legitimate law firm that offers recovery services – being sure to research their business fully first
  • Consider contacting the exchange where the scammer cashed out your crypto (if known)

The bottom line is that once your crypto has been stolen it is extremely difficult to get back. Although blockchain-based currencies can be monitored, some are set up to protect the anonymity of users, so the fraudster cannot be unmasked. They will also try to “cash out” your crypto as soon as possible in order to obfuscate the trail further. The decentralized nature of crypto means that, even if you were able to find out where they ended up, it would be extremely challenging to get your funds back. Sometimes the best you can do is to avoid becoming a victim twice over.

Online fraudsters are predators and they’re lurking everywhere. Don’t let them get their hands on any more of your money.


Free security scan for your website