Americans Lost $5.6 Billion Last Year In Crypto Fraud Scams

Americans lost over $5.6 billion to cryptocurrency fraud schemes in 2023, with investment fraud accounting for the majority of losses, according to the FBI (PDF). The Associated Press reports: The FBI received nearly 70,000 complaints in 2023 by victims of financial fraud involving bitcoin, ether and other cryptocurrencies, according to the FBI. The most rampant scheme was investment fraud, which accounted for $3.96 billion of the losses. "The decentralized nature of cryptocurrency, the speed of irreversible transactions, and the ability to transfer value around the world make cryptocurrency an attractive vehicle for criminals, while creating challenges to recover stolen funds," wrote Michael Nordwall, assistant director of the FBI's criminal investigative division.

Buyer beware

[ozduo]

Caveat emptor for the few educated followers on Slashdot

Re:

[gosso920]

"A fool and his money are soon parted" is more apt.

Re:

[UnknowingFool]

"Tom [Brady] also lost $30 million dollars in crypto. Tom, how did you fall for that? I mean, even Gronk was like, 'Me know that not real money,'" —Nikki Glaser

Re:

[Odin's Raven]

For crypto it seems to be more like "A fool and your money are soon partners"

Re:

[mspohr]

Isn't all crypto fraud?

Re:

[shanen]

Only joke on the rich target story?

But the frauds go much deeper than crypto. Certainly all the secondary markets in hedges and futures and such... At this point I'd like to see what proportion of advertising is fraudulent at some level. My guess would be in the high 80s--but I may be insufficiently pessimistic to deal with today's realities.

Re:

[e3m4n]

Minecraft Swords! Get your Minecraft Swords here! Minecraft Swords for sale!

Hell Im skeptical investing in gold/silver when its kept in some vault like Money Metals Exchange. Thats a real tangible item. Not 1s and 0s on a drive somewhere.

Lazy and suggestive subject title

[Xenna]

"financial fraud involving bitcoin, ether and other cryptocurrencies"

We don't call fraud involving traditional money "money fraud scams", so why should we call this "Crypto Fraud Scams"?

If the fraud just uses crypto to transfer the money it's not "Crypto Fraud".

Re:

[quonset]

Stop making excuses. It's crypto fraud because that's the vector used to scam people. That's why we have insurance fraud or securities fraud. That's what was used to "transfer the money".

Hans Kristian Grabener = StoneToss

Re: Lazy and suggestive subject title

[UncleScidhuv]

So when there insurance fraud there is no money involved? Just insurance. How does that work? Some of it is cryptocurrency fraud some of it isn't. Do they call it gift card fraud when that is used? No. It is a valid observation.

Re: Lazy and suggestive subject title

[Rei]

And they're also so annoying with the gaslighting pretending that crypto scams aren't insanely common, to the point that crypto people have invented new terms to describe all the different types of crypto scams. It's a culture that practically expects to be scammed, whose "money" is designed on the premise that everyone is trying to scam everyone else, and commonly blames victims when they're scammed, and the notion that there should be any mechanism to fight back against scams like there are with e.g. credit cards, etc is seen as abhorrent.

It's Scam World Central insisting that hey no, nothing to see here.

Re:

[DarkOx]

Ok but... just bitcoin has a daily trading volume of something around 33B, there are 252 trading days a year. that would amount 8316B in annual volume. So 6B in fraud (keep in mind that is all crypto not just bitcoin like these volume numbers are) is actually not a huge percentage in terms of transacted dollar amounts.

I still think crypto-currency is stupid as a concept; I a really don't want to be defending it. I don't know what the rate of fraud is in terms of dollar denominated insurance contracts trans

Re: Lazy and suggestive subject title

[hdyoung]

Yeah but how much of the BTC trade is wash trading? Account for that and the percentage of scam activity is even higher. At this point, investing crypto is probably close to the same level as investing with a Nigerian prince. With the possible exception of a small number of pros, only idiots and mentally-vulnerable people are engaging in it.

Re:

[Rei]

Most BTC trading isn't even wash trading, it's just automated bookkeeping at exchanges.

The amount of actual purchases made with BTC is tiny.

Re:

[Darinbob]

I'd say maybe 1% of bitcoin holders are doing this legitimately for various libertarian reasons, while the rest use bitcoin for money laundering or scams. Almost all international scams use bitcoins these days as it is really the hardest to trace and easiest to get victims to pay in (there are ATMs where victims can deposit cash and get the crypto coins to send to the scammers, even in rural areas). Other cryptocurrencies may be used but it is rarer because these aren't as well known to victims. And becau

Re:

[Sique]

Because this is a fraud especially targeted at crypto cryptocurrencies, which were hailed as the technical solution to wealth transfer without governmental oversight (and possible taxes).

If the scam is targeted on real estate, we call it "real estate fraud", if it involves used cars, we call it "used car scam". If it involves penny stocks, we call it "pump and dump". In all the above mentioned cases, the losses are measured in legal tender, but in none of them, we use the term "money fraud scam". Why shou

Re:

[Xenna]

Some of it is. Much of it isn't.

Re:

[AvitarX]

Is it fraud targeted at crypto?

As I read GP the implication is that it includes things like ransomware that use crypto to pay. As I read your comment that would be excluded.

Re:

[drinkypoo]

Meh, who am I kidding, our intel agencies are probably the ones running the scams to pad their black budgets. Why bother selling coke in the hood, when you can sell crypto from your suburb basement?

They never sold coke in the hood, after the CIA imported the cocaine in forest service aircraft [iac.aero] they put it into the hands of others for distribution.

Re:

[Darinbob]

This trackign is amazingly difficult. Theoretically possible though. First, just within the borders of one country the difficulty is in getting information from the exchanges (if an exchange is used), because of their attitude "we're not a bank, you're not allowed to regulate us!!". Second the transaction history just shows money was transferred to a certain "SmellyJoe558714". So now you've got to see if there are other transfers from that person to buy a cup of coffee -- hah, who am I kidding, nobody u

Re:

[hsthompson69]

Doesn't every peer on a crypto chain have access to the entire ledger?

I guess off-chain transactions, where A sends B crypto X, and then C sends D crypto Y (or hands out cash) aren't going to be in the transaction history... ...but if you're facilitating an off-chain transaction, it sounds like you're the place where the cops put the squeeze on.

Re:

[Darinbob]

Mostly they start at the exchange, because most victims of basic scams won't have their own ledgers. At some point the scammer pulls the coin out of the exchange (or just gets cash), at which point the exchange should have a ledger with a recording of the transaction - but it won't have all the necessary data to identify the individual. Bitcoin users don't register their name, address, ID numbers, etc.

The cops can give the squeeze in America, but if the scammer is in Pakistan, Russia, or wherever, then th

Re:

[AvitarX]

Thank you for clarifying. I definitely assumed they meant scam coins and pump and dumps from the headline.

In context of crypto as the medium for payment, it seems low. That's only $30ish per an adult.

LastPass Effed Me Over, Royally

[Un-Thesis]

I lost some 42 BTC.

I was so worried about my paper wallet getting destroyed that I backed up the seedphrase in LastPass's "Secure Notes" feature way back in 2017 when I moved.

Fast-foward to December 2023. I checked my BTC public address, and lo and behold, there were no longer 42.1 BTC ($2.74 million recently), but 0.000001.

What happened?! Somehow someone had drained the wallet in August 2023... I was for sure it was no one I knew. I had it on GREAT authority that no one had accessed the bank safety deposit box where I kept he seedphrase (in a waterproof, fireproof pouch) since, well, you guessed it, 2019 when I first and last visited it.

Then I heard about the LastPass hack, how they took out all of the "Secure Notes" from thousadns of accounts and sniffed for seedphrases. Apparently 150 people were explicitly disclosed to have been victimized, including me. I'm part of that $150 million dollar heist. About 2% of it :-/

It turns out that Secure Notes were NOT encrypted agggainst my Master Password, as I had logically assumed, but against a common shared password... That the thieves also exffiltrated in the hack,.

Now I use Bitwarden and encrypt via GPG all of my secure notes. It has to be more secure.

I no longer invest in crypto. If I had done the "dumb" thing and kept my BTC on a foreign exchange, I would still have my millions of crypto. Self-custody is a joke!

Re:

[gweihir]

Self-custody is a joke!

It essentially means you have to be an IT security expert on the level somewhat comparable to what a bank has. Most people cannot do that. I can and I decided it is not worth the effort of spending several days per week on it. Not that I have any interest in crapto...

Re:LastPass Effed Me Over, Royally

[echo123]

Self-custody is a joke!

It essentially means you have to be an IT security expert on the level somewhat comparable to what a bank has.

That can't possibly be true, because otherwise the former guy, (former US President DJ Trump), wouldn't have just announced his own Crypto platform [slashdot.org] regular 'Mericans can invest Their Own Money [youtu.be] into. Dj Trump is only thinking about the common investor, All The Time, for decades and decades already. /s

Here's a complete written transcript that totally makes everything absolutely perfectly clear to anyone. [singjupost.com] /s

If crypto is going to define the future, I want to be mined, minted, and made in the USA it’s going to be. It’s not going to be made anywhere else. And if Bitcoin is going to the moon, as we say, it’s going to the moon, I want America to be the nation that leads the way and that’s what’s going to happen.

So you’re going to be very happy with me. You’re going to be so happy. You’re going to say he’s the greatest guy. That’s why I’m proud to be the first major party nominee in American history to accept donations in Bitcoin and crypto. And they’ve made a lot of them, I might tell you. And I appreciate it.
 
          ~DJ Trump

Re:

[e3m4n]

Does he even know that by ‘mined’ and ‘minted’ it just means wasting a lot of electricity to write some 1s and 0s? Its not an actual coin. Reminds me of that Dilbert cartoon clip where one of the characters was joking about someones network errors were caused by the token falling out of the cable that his token-ring was connected on.

Re:

[Ed Tice]

I would change your post to say "nobody can do that" rather than "most people can't do that." A bank has multiple people each who have their own area of expertise. There's so much knowledge needed to secure a crypto wallet (you need both IT security and physical security) that one person simply can't do it.

Re:

[gweihir]

As I have been that person (usually together with my former boss) a rather large bank (well several, actually) asked to look at what they do with regards to IT security in quite a few different aspects, I am confident I can do it. Not secure that bank, mind, but secure my own stuff on a comparable level. That is obviously massively easier than securing the complex IT of a large bank.

Incidentally, I was only talking about IT security, even though I have looked at some aspects of physical security in 4 bankin

Re:

[Ed Tice]

I am in no way doubting your abilities, but I'm still disagreeing with your conclusion. It's actually *harder* in some ways to secure a personal crypto-wallet than it is to secure a bank. Every single bank in the world has been subject to some sort of expensive breach (hence why they are quite willing to pay you and your old boss to evaluate their security!) But a bank is different because they can amortize the loss over a large profit-making business. If one administrator has her LastPass compromised a

Re:

[gweihir]

I did explicitly exclude physical security. Now two times. Keep ignoring that and you can continue to disagree with me.

Re:

[drinkypoo]

If you were so worried about your paper wallet, why didn't you make multiple copies? Maybe put one in a safety deposit box? Oh no, wait, those are run by the banks, they must be eeeeeeeeviilllllll!

Re:

[m00sh]

There's a million other ways than storing plaintext on a cloud provider. But, there is a lot of friction to do basic things.

- Store in lastfass but encrypt it first and not plaintext
- Store parts of the seed phrase in multiple cloud providers
etc etc

Re:

[unrtst]

- Store parts of the seed phrase in multiple cloud providers

If anyone is considering doing this, I'd recommend doing it the *right* way - use a proper secret sharing scheme. For example:

apt install ssss
# create a split secret requiring any two parts to recreate the secret, and make 6 unique parts
ssss-split -t 2 -n 6 -s 512
# ... then store those 6 strings in 6 different places.
# ... if/when you need it again, you go fetch at least 2 of those to recombine:
ssss-combine -t 2
# ... paste them in and it'll spit out the original secret

"ssss" is a GPL'd version of Shamir's S

Re:

[qbast]

You lost BTC because BTC uses a moronic design where you can lose money just because you forgot/lost some passphrase. Sure, LastPass sucks, but it's your own damn fault

Re:

[Artem S. Tashkinov]

How is Bitcoin/crypto responsible for LastPass' hack?

Online services have been getting hacked left and right since forever, you should never have trusted LastPass in the first place, considering it's not open source and AFAIK it's never been formally audited.

Re:

[Rei]

Admin: "Your password must be at least 16 characters and contain an even mix of numbers, letters, punctuation, multibyte unicode characters, and a translation of your birth certificate into Linear A."

User: "Why do you put such ridiculous rules on your passwords? That just means people can't remember their password and have to write it down and look it up each time. I don't even care about this account - why are you treating it like it's storing the nuclear codes?"

Admin: "You should be using a password mana

Re:

[Ed Tice]

Why the heck would anybody mod this as troll. Somebody was a victim of the Lastpass compromise and willing to talk about it in order to help educate others and writes a very specific and coherent post and that's what they get? Of course, the one day I don't have mod points.

Re:

[weeboo0104]

Self-custody is a joke!

I don't think your issue was self-custody. Your issue was a password service that bills itself as secure but was just a big, fat, target for someone with the time and resources to hack. Just curious, did you have MFA enabled for your LastPass account?

victims of financial fraud involving bitcoin

[bsdetector101]

LOLOLOLOLLOLOLOLOOLL.

The money is not "lost"

[gweihir]

It now simply belongs to somebody else.

In other news, crapto continues to be an excellent scam.

Re:

[Rei]

And not just "anyone else". Probably either a Russian gangster or North Korea.

Re:

[timeOday]

Although, actually 'losing' it such that nobody can ever use it again is also quite common. About 20% of bitcoin is estimated to be lost forever.

https://cointelegraph.com/expl... [cointelegraph.com]

Re:

[gweihir]

Indeed. Another flaw in the idea.

News with agenda

[Artem S. Tashkinov]

God, I fucking hate news pieces like this, as if crypto is the bane of Americans and the sole source of their financial losses.

Here, take this shit: FBI: More Than $12 Billion Lost to Online Fraud in 2023 [pymnts.com]

Crypto is not even the worst offender in terms of money lost.

Re:News with agenda

[chas.williams]

However, criminals appear to be moving to crypto because it's easier, less "cost," to do business. I will say that I doubt the recovery rate of non-crypto fraud schemes is much higher. Fraud schemes don't work if the victim can get their money back.

Re:

[Artem S. Tashkinov]

less "cost," to do business

Are you sure? Even in 2024, most people do not trust crypto. Criminals may actually have to spend a lot of money to reach those who might be willing to "invest" in crypto.

And speaking of other forms of online scam? Are you sure they are any more expensive? E.g. fake shops selling crap on Amazon/Ebay? Almost anyone can do it.

Have you heard of Paypal fraud? Any seller or buyer can deprive [paypal-community.com] you of your money.

Re:

[Rei]

Crypto was specifically designed to be the sort of thing that cybercriminals could only dream of before, and there's immense resistance to any sort of change. From anywhere, to anywhere, without any sort of anti-fraud controls or sanctions, irreversible, and pseudonymous (anonymous after a mixer), without any meaningful laundering costs.

When was the last time that you saw a ransomware operation demand payment in fiat currency? Never, that's when. There's a reason for that.

FURTHERMORE, according to your ow

Re:

[Darinbob]

Even with credit cards, I see when the card company will halt a transaction because it looks suspiciously like fraud. Either the payer has been defrauded several times before, or the payee has been flagged, or it's an unusual transfer (which can be annoying if you're trying to use your card while overseas).

Re:

[drinkypoo]

Crypto is not even the worst offender in terms of money lost.

Literally all of the crypto fraud is "online fraud" so what you're saying is that nearly half of all online fraud is crypto fraud, then you want to defend it with this bullshit? Are you one of the local resident B!zX cryptocucks or what?

Re:

[Ed Tice]

There are three types of crypto fraud.

1) Social engineering - This is similar to any other type of fraud.

2) Accepting payment and not delivering - The buyer has no protection unlike payments made with a credit card.

3) Hacking of wallets and/or fraudulent exchanges - Unique to crypto currency.

That's what's included in the $5.6B fraud number. Note that it doesn't include the fact that all crypto currency is a fraud and that crypt-currencies have no intrinsic value so any "investment" in crypt-currency

Re:

[Hoi Polloi]

Crypto is the favorite for big time scammers because it is untraceable and unretrievable. Small scammers like gift cards but even they are moving to crypto. Ban crypto ATMs at the very least so seniors can't transfer their life savings in some convenience store.

Re:

[Darinbob]

A huge amount of that online fraud involves payments made in crypto currencies. The scammers don't want cash in bills, they don't want payment from a legitimate online banking service that might cooperate with law enforcement, they don't want credit card payments that might be be flagged as potentially illegal and held up pending an investigation. They want a money transfer that is relatively easy and difficult to trace and that can transfer across international borders and be free and clear within minute

"Half of all people have below-average IQ"

[bradley13]

That's mostly meant as a joke, but it is also true. Joe Sixpack has no clue what crypto is or how it works, but he buys lottery tickets and doesn't know how those work either. There's also the saying that "a fool and his money are soon parted".

How do you protect people from their own bad decisions?

Re:

[drinkypoo]

That's mostly meant as a joke, but it is also true.

That would only be true if intelligences were evenly distributed across the curve, which they are not. But thanks for proving the point so far as it goes, anyway.

Re:

[anonymous scaredycat]

Depends what "average" is used. The 3 most common types of average are the mean, the median or the mode. It is true if median is intended.

Re:

[drinkypoo]

Depends what "average" is used. The 3 most common types of average are the mean, the median or the mode. It is true if median is intended.

This is Slashdot. Be specific. We speak English here. In English, by default average means the mean.

Re:

[anonymous scaredycat]

If you want to be specific then you need to state the type of average as the term average by itself is ambiguous.
It is also worth noting that
For modern IQ tests, the raw score is transformed to a normal distribution with mean 100 and standard deviation 15.
When a new version of an IQ test is normed, the standard scoring is set so performance at the population median results in a score of IQ 100.
So if you are using IQ as the measure of intelligence then, by the definition of IQ,

Re:

[drinkypoo]

I accept your original point however as IQ tests are do not measure intelligence directly and as such we don't know what proportion of people are below mean intelligence.

Even more important to my argument, "normal" is a range, it's not a single score.

Re: "Half of all people have below-average IQ"

[bradley13]

Your a pedant, fine. Still doesn't address the real question: how does one protect people from being scammed? Whether it's crypto, lottery, MLM, or whatever?

Re:

[Chris Mattern]

"Your a pedant"

*You're* a pedant, please!

Re:

[Baloroth]

That's mostly meant as a joke, but it is also true.

That would only be true if intelligences were evenly distributed across the curve, which they are not. But thanks for proving the point so far as it goes, anyway.

Actually it's true for any symmetric distribution. IQ happens to be normally distributed (by construction: the underlying raw scores are mapped to a normal distribution, though I suspect the underlying scores are themselves probably normal as well), which is very much symmetric. So, you know, maybe don't cast shade on other peoples' intelligence while making a false claim of your own?

I only invest in ugly monkey pictures

[thesjaakspoiler]

You can't go wrong whit those, or so I have been told so I put all my life savings into buying one of those.

double that figure next year

[Growlley]

Trump's joining the grift,

Wait, I have an idea!

[CEC-P]

Let's move to a central bank digital currency. People can totally be trusted to remember their private keys, store them securely and reliably, and not start money transfers to foreign entities who call them. Oh and AI is a thing now. Good luck, everyone!

Buying a house, wiring money

[whoever57]

There is a common scam whereby criminals either hack emails, or perhaps just send emails purporting to be from the title company giving fake wire instructions. This has also happened in the UK and perhaps other countries.

I bought a house recently and the title company has changed its procedures. Instead of them giving me wiring instructions, they told me to expect an email from a third party. No reference or anything, just the name of the company. Somehow this is supposed to be more secure.

The third party

Re:

[Hoi Polloi]

Or a third party that is agreed upon by the gov and all financial institutions as the trusted third party, like an escrow company. That way you know who you should expect to deal with, not "Oh, Foobar Llc, I guess that sounds ok..."

Re:

[whoever57]

I am skeptical of escrow companies, with good reason.

I worked for a small company that was sold to a larger company, for cash. Some of that cash was held in escrow in case some liabilities showed up after the sale.

The escrow company sent some of the money by mistake to one of the other former shareholders of the company that was sold. This money was sent before the end of the escrow period.

The escrow company sued (in US courts) the entity that they sent the money to. They won the case, but the entity was ov

National Security issue

[Hoi Polloi]

Should be treated as a national security issue and those countries that harbor the majority of these criminals should be cut off from the internet and economically sanctioned. There needs to be a much greater public education push about scams. We need changes to financial laws making it harder to make sudden, large transactions that are unusual for people, especially for seniors. Overseas transfers need to be especially examined. While we're at it ban gift cards and cryptocurrency since they seem to be

Money Laundering

[alancjohnson]

What if, some people just 'lose' the money to themselves through their secret self custody wallet. Claim a loss for tax reasons, and bobs you're uncle, free money.

Re:

[slothman32]

Tell me you are English without telling me you're English.
Has the phrase, "Bob's your uncle," been used anywhere else?

In related news: the ocean is wet

[Arrogant-Bastard]

Given that fraud is one of the principal use cases for cryptocurrency, this isn't surprising. What's mildly surprising is that is was only $5.6B. I suspect that this number may a serious underestimate, because anyone who's been scammed and doesn't know it yet would be highly unlikely to file a report..

An unanswered (and unasked, at least in this context) question is: how much did (some) people gain via cryptocurrency fraud scams? I believe we can set the floor for that number at $5.6B, but that too se

At least when you buy a fortune cookie

[Eunomion]

the random string of numbers you bought comes with a flowery platitude and sugar.