/ Crypto 101

Top 7 Ways to Avoid Crypto Scams

Innovators in the crypto realm are some of the smartest humans on the planet. Unfortunately, crypto scammers are also top level, meaning almost anyone can fall prey to one of their sophisticated crypto scams. This guide will cover the top strategies for avoiding cryptocurrency scams, so let’s begin!

Summary: Top 7 Tips for Avoiding Crypto Scams

  1. Control your active contracts
  2. Exhibit extra caution with low cap coins
  3. Perform due diligence
  4. Never send crypto to receive crypto
  5. Look for a code audit
  6. Be suspicious of overly-complex MLM revenue structures
  7. Keep your private keys private

1. Check your token contract

In one particular phishing scam that is prevalent with NFTs and DeFi protocols, a fake email leads you to connect your web wallet to a scam smart contract in the form of a fake dApp or wallet. Once you give approval for that contract to access your web wallet, your tokens and/or NFTs may be at risk of a hack.

TIP: You can access all the smart contracts and tokens you have enabled on Etherscan’s Token Approval Checker. View the tokens that have been authorized to be spent on your behalf, and watch for contracts that have unusually high transaction amounts. When in doubt, use the Checker to instantly revoke access. *Note that this only applies to Ethereum-based tokens & NFTs.

2. Approach low cap coins with extra caution

The crypto Pump & Dump (P&D) scheme is alive and well, primarily in Telegram groups and on live streams. Sometimes it can be less obvious, with a crypto influencer shilling a coin they bought into already. Oftentimes, it is a low cap coin that you may not have heard of and thousands of people (or bots) are coordinating signals that pump the coin, only to dump it at the top of the hype cycle.

TIP: To check if a coin is in the midst of a P&D scam, check the historical volume of the coin. If there’s an obvious accumulation phase leading up to it, be suspicious. Always proceed with caution when considering buying a low cap token that has little volume (and little liquidity).

how-pump-dump-workA classic P&D: Accumulation phase, pump, and dump

3. Make sure there’s a code audit

Rug pulls refer to a scam that targets DeFi protocols and decentralized exchanges (DEXs). In order to participate and earn APY for your crypto in DeFi applications, users must add liquidity (a number of specific tokens) into a pool.

Those who control the smart contract may try to perform a rug pull, pulling out all of the liquidity at once to their own wallets. But more often, a rug pull happens when the smart contract is compromised by a hacker.

TIP: When providing liquidity in DeFi protocols, only interact with those that have had their smart contract audited. While this may not save you from all rug pulls, according to Chainalysys, it will shield you against most of them.

biggest-crypto-hack-bull-marketA classic P&D: Accumulation phase, pump, and dump

4. Perform due diligence

If you spend any time whatsoever on crypto social media, you’ve no doubt run into Giveaway scams. You will find them in the comments of project leaders when their project is launching, minting NFTs, having a token sale, or even running a genuine promotion to give away crypto.

Scammers will feed off the original hype of others, sometimes using hundreds of bots to infiltrate the social feeds of real projects with scam messages about a fake promo. Other scam projects will promise guaranteed returns, which is a major red flag.

TIP: Do due diligence when participating in any Giveaway. Check that the website url that you are interacting with matches the project's website, as listed on their verified social media accounts. Look at their official social feeds to find authentic links to giveaways. Even if it comes via email, verify it with the project’s official media. And remember, if it seems too good to be true, it is!

DYOR at Quadency and learn "How to Safely Send Cryptocurrency"

5. Never send crypto to receive crypto

Impersonator scams are rampant across social media platforms. Verified influencers and leaders are sometimes impersonated thousands of times over by scammers using bots. The scammers may use fake verified accounts that they buy to lure an influencer’s followers - they may even have more (fake) followers than the real person, which can be very confusing.

Recently, these spam bots have been replying to tweet replies on the real influencer’s feed, telling followers to “DM me here” and leading the follower to a phishing site. There, the follower is asked to send some amount of ETH, or other crypto, or NFTs in order to earn more or participate in some fake promo.

Another type of scam is through fake employment letters from fake recruiters, who eventually ask you to send crypto to set up hardware or for training materials. They may even ask you to provide all your banking details for payroll!

TIP: Never send any crypto in order to receive crypto back - it's very likely a scam.

6. Be suspicious of over-complexity

Some online crypto scams are easy to recognize. But other times a scam is disguised in complexity, made to sound technically sound and innovative, even though it’s hard to understand.

Ponzi or pyramid scams create hype around an asset and advertise a complex revenue model that uses reasonable-sounding returns to appear authentic, and complexity to distract from its obvious ponzi-ness. If you see a crypto promo that has a complex Multi-Level-Marketing approach with the first referrers making the most, it may be a ponzi.

TIP: Treat any investment that seems too complex to understand with extreme caution. If you don’t fully understand how the investment works, it’s best to avoid it altogether.

7. Keep your private seeds private

If you are ever asked to give someone the private keys (or pneumonic phrase) to a wallet, just say no!! There is zero reason for you to give away your seed phrase like this. If someone needs to send you cryptocurrency, they only need your public send address.

Recent NFT phishing scams may ask you to verify your seed phrase/private keys to your web wallet in order to receive your NFT.

TIP: Never give out your private keys/seed phrase. There is literally no real reason why you would have to do this, unless on the off chance you are trying to recover a wallet.

Bonus Tip: NFT Red Flags

If you get an offer in your OpenSea private or public folder that looks good and is tempting, check for these NFT red flags first:

  • When you click to accept the offer, if you get a permissions message with “contact developer” for details, it’s a red flag.
  • If you continue through and see there are no creator fees, red flag.
  • If you are asked to go to an external site to pre-register, red flag.


Remember that many of these scammers operate through Telegram and other messaging services. Social media account admins and employees of crypto companies will never DM you first. If you receive a direct message from someone saying they are an Admin, Founder or other employee, it's almost guaranteed to be a scam.

Trading cryptocurrency feels a whole lot safer once you’ve read through all these tips and done your due diligence with DYOR. Be on the lookout for the scams mentioned today, and practice safe crypto trading on Quadency’s smart terminal.

Be sure to join us on Telegram, Discord and Twitter!

Quadency is a cryptocurrency portfolio management platform that aggregates digital asset exchanges into one easy-to-use interface for traders and investors of all skill levels. Users access simplified automated bot strategies and a 360 portfolio view with a free account.

Disclaimer: The content of this article is for general market education and commentary and is not intended to serve as financial, investment, or any other type of advice.