Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Bitcoin The Almighty Buck

Americans Lost $5.6 Billion Last Year In Crypto Fraud Scams (apnews.com) 84

Americans lost over $5.6 billion to cryptocurrency fraud schemes in 2023, with investment fraud accounting for the majority of losses, according to the FBI (PDF). The Associated Press reports: The FBI received nearly 70,000 complaints in 2023 by victims of financial fraud involving bitcoin, ether and other cryptocurrencies, according to the FBI. The most rampant scheme was investment fraud, which accounted for $3.96 billion of the losses. "The decentralized nature of cryptocurrency, the speed of irreversible transactions, and the ability to transfer value around the world make cryptocurrency an attractive vehicle for criminals, while creating challenges to recover stolen funds," wrote Michael Nordwall, assistant director of the FBI's criminal investigative division.
This discussion has been archived. No new comments can be posted.

Americans Lost $5.6 Billion Last Year In Crypto Fraud Scams

Comments Filter:
  • Caveat emptor for the few educated followers on Slashdot
    • "A fool and his money are soon parted" is more apt.
      • "Tom [Brady] also lost $30 million dollars in crypto. Tom, how did you fall for that? I mean, even Gronk was like, 'Me know that not real money,'" —Nikki Glaser
      • For crypto it seems to be more like "A fool and your money are soon partners"
    • Re: (Score:3, Funny)

      by mspohr ( 589790 )

      Isn't all crypto fraud?

      • by shanen ( 462549 )

        Only joke on the rich target story?

        But the frauds go much deeper than crypto. Certainly all the secondary markets in hedges and futures and such... At this point I'd like to see what proportion of advertising is fraudulent at some level. My guess would be in the high 80s--but I may be insufficiently pessimistic to deal with today's realities.

    • by e3m4n ( 947977 )

      Minecraft Swords! Get your Minecraft Swords here! Minecraft Swords for sale!

      Hell Im skeptical investing in gold/silver when its kept in some vault like Money Metals Exchange. Thats a real tangible item. Not 1s and 0s on a drive somewhere.

  • "financial fraud involving bitcoin, ether and other cryptocurrencies"

    We don't call fraud involving traditional money "money fraud scams", so why should we call this "Crypto Fraud Scams"?

    If the fraud just uses crypto to transfer the money it's not "Crypto Fraud".

    • Re: (Score:2, Informative)

      by quonset ( 4839537 )

      Stop making excuses. It's crypto fraud because that's the vector used to scam people. That's why we have insurance fraud or securities fraud. That's what was used to "transfer the money".

      Hans Kristian Grabener = StoneToss

      • So when there insurance fraud there is no money involved? Just insurance. How does that work? Some of it is cryptocurrency fraud some of it isn't. Do they call it gift card fraud when that is used? No. It is a valid observation.
    • by Sique ( 173459 )
      Because this is a fraud especially targeted at crypto cryptocurrencies, which were hailed as the technical solution to wealth transfer without governmental oversight (and possible taxes).

      If the scam is targeted on real estate, we call it "real estate fraud", if it involves used cars, we call it "used car scam". If it involves penny stocks, we call it "pump and dump". In all the above mentioned cases, the losses are measured in legal tender, but in none of them, we use the term "money fraud scam". Why shou

      • by Xenna ( 37238 )

        Some of it is. Much of it isn't.

      • by AvitarX ( 172628 )

        Is it fraud targeted at crypto?

        As I read GP the implication is that it includes things like ransomware that use crypto to pay. As I read your comment that would be excluded.

    • by AvitarX ( 172628 )

      Thank you for clarifying. I definitely assumed they meant scam coins and pump and dumps from the headline.

      In context of crypto as the medium for payment, it seems low. That's only $30ish per an adult.

  • by Un-Thesis ( 700342 ) * on Tuesday September 10, 2024 @05:46AM (#64776449) Homepage

    I lost some 42 BTC.

    I was so worried about my paper wallet getting destroyed that I backed up the seedphrase in LastPass's "Secure Notes" feature way back in 2017 when I moved.

    Fast-foward to December 2023. I checked my BTC public address, and lo and behold, there were no longer 42.1 BTC ($2.74 million recently), but 0.000001.

    What happened?! Somehow someone had drained the wallet in August 2023... I was for sure it was no one I knew. I had it on GREAT authority that no one had accessed the bank safety deposit box where I kept he seedphrase (in a waterproof, fireproof pouch) since, well, you guessed it, 2019 when I first and last visited it.

    Then I heard about the LastPass hack, how they took out all of the "Secure Notes" from thousadns of accounts and sniffed for seedphrases. Apparently 150 people were explicitly disclosed to have been victimized, including me. I'm part of that $150 million dollar heist. About 2% of it :-/

    It turns out that Secure Notes were NOT encrypted agggainst my Master Password, as I had logically assumed, but against a common shared password... That the thieves also exffiltrated in the hack,.

    Now I use Bitwarden and encrypt via GPG all of my secure notes. It has to be more secure.

    I no longer invest in crypto. If I had done the "dumb" thing and kept my BTC on a foreign exchange, I would still have my millions of crypto. Self-custody is a joke!

    • by gweihir ( 88907 )

      Self-custody is a joke!

      It essentially means you have to be an IT security expert on the level somewhat comparable to what a bank has. Most people cannot do that. I can and I decided it is not worth the effort of spending several days per week on it. Not that I have any interest in crapto...

      • by echo123 ( 1266692 ) on Tuesday September 10, 2024 @06:31AM (#64776507)

        Self-custody is a joke!

        It essentially means you have to be an IT security expert on the level somewhat comparable to what a bank has.

        That can't possibly be true, because otherwise the former guy, (former US President DJ Trump), wouldn't have just announced his own Crypto platform [slashdot.org] regular 'Mericans can invest Their Own Money [youtu.be] into. Dj Trump is only thinking about the common investor, All The Time, for decades and decades already. /s

        Here's a complete written transcript that totally makes everything absolutely perfectly clear to anyone. [singjupost.com] /s

        If crypto is going to define the future, I want to be mined, minted, and made in the USA it’s going to be. It’s not going to be made anywhere else. And if Bitcoin is going to the moon, as we say, it’s going to the moon, I want America to be the nation that leads the way and that’s what’s going to happen.

        So you’re going to be very happy with me. You’re going to be so happy. You’re going to say he’s the greatest guy. That’s why I’m proud to be the first major party nominee in American history to accept donations in Bitcoin and crypto. And they’ve made a lot of them, I might tell you. And I appreciate it.
         
                  ~DJ Trump

        • by e3m4n ( 947977 )

          Does he even know that by ‘mined’ and ‘minted’ it just means wasting a lot of electricity to write some 1s and 0s? Its not an actual coin. Reminds me of that Dilbert cartoon clip where one of the characters was joking about someones network errors were caused by the token falling out of the cable that his token-ring was connected on.

      • I would change your post to say "nobody can do that" rather than "most people can't do that." A bank has multiple people each who have their own area of expertise. There's so much knowledge needed to secure a crypto wallet (you need both IT security and physical security) that one person simply can't do it.
        • by gweihir ( 88907 )

          As I have been that person (usually together with my former boss) a rather large bank (well several, actually) asked to look at what they do with regards to IT security in quite a few different aspects, I am confident I can do it. Not secure that bank, mind, but secure my own stuff on a comparable level. That is obviously massively easier than securing the complex IT of a large bank.

          Incidentally, I was only talking about IT security, even though I have looked at some aspects of physical security in 4 bankin

          • I am in no way doubting your abilities, but I'm still disagreeing with your conclusion. It's actually *harder* in some ways to secure a personal crypto-wallet than it is to secure a bank. Every single bank in the world has been subject to some sort of expensive breach (hence why they are quite willing to pay you and your old boss to evaluate their security!) But a bank is different because they can amortize the loss over a large profit-making business. If one administrator has her LastPass compromised a
            • by gweihir ( 88907 )

              I did explicitly exclude physical security. Now two times. Keep ignoring that and you can continue to disagree with me.

    • If you were so worried about your paper wallet, why didn't you make multiple copies? Maybe put one in a safety deposit box? Oh no, wait, those are run by the banks, they must be eeeeeeeeviilllllll!

      • by m00sh ( 2538182 )

        There's a million other ways than storing plaintext on a cloud provider. But, there is a lot of friction to do basic things.

        - Store in lastfass but encrypt it first and not plaintext
        - Store parts of the seed phrase in multiple cloud providers
        etc etc

        • by unrtst ( 777550 )

          - Store parts of the seed phrase in multiple cloud providers

          If anyone is considering doing this, I'd recommend doing it the *right* way - use a proper secret sharing scheme. For example:

          apt install ssss
          # create a split secret requiring any two parts to recreate the secret, and make 6 unique parts
          ssss-split -t 2 -n 6 -s 512
          # ... then store those 6 strings in 6 different places.
          # ... if/when you need it again, you go fetch at least 2 of those to recombine:
          ssss-combine -t 2
          # ... paste them in and it'll spit out the original secret

          "ssss" is a GPL'd version of Shamir's S

    • How is Bitcoin/crypto responsible for LastPass' hack?

      Online services have been getting hacked left and right since forever, you should never have trusted LastPass in the first place, considering it's not open source and AFAIK it's never been formally audited.

    • by Rei ( 128717 )

      Admin: "Your password must be at least 16 characters and contain an even mix of numbers, letters, punctuation, multibyte unicode characters, and a translation of your birth certificate into Linear A."

      User: "Why do you put such ridiculous rules on your passwords? That just means people can't remember their password and have to write it down and look it up each time. I don't even care about this account - why are you treating it like it's storing the nuclear codes?"

      Admin: "You should be using a password mana

    • Why the heck would anybody mod this as troll. Somebody was a victim of the Lastpass compromise and willing to talk about it in order to help educate others and writes a very specific and coherent post and that's what they get? Of course, the one day I don't have mod points.
    • Self-custody is a joke!

      I don't think your issue was self-custody. Your issue was a password service that bills itself as secure but was just a big, fat, target for someone with the time and resources to hack. Just curious, did you have MFA enabled for your LastPass account?

  • LOLOLOLOLLOLOLOLOOLL.
  • by gweihir ( 88907 ) on Tuesday September 10, 2024 @05:55AM (#64776467)

    It now simply belongs to somebody else.

    In other news, crapto continues to be an excellent scam.

  • God, I fucking hate news pieces like this, as if crypto is the bane of Americans and the sole source of their financial losses.

    Here, take this shit: FBI: More Than $12 Billion Lost to Online Fraud in 2023 [pymnts.com]

    Crypto is not even the worst offender in terms of money lost.

    • by chas.williams ( 6256556 ) on Tuesday September 10, 2024 @06:23AM (#64776499)
      However, criminals appear to be moving to crypto because it's easier, less "cost," to do business. I will say that I doubt the recovery rate of non-crypto fraud schemes is much higher. Fraud schemes don't work if the victim can get their money back.
      • less "cost," to do business

        Are you sure? Even in 2024, most people do not trust crypto. Criminals may actually have to spend a lot of money to reach those who might be willing to "invest" in crypto.

        And speaking of other forms of online scam? Are you sure they are any more expensive? E.g. fake shops selling crap on Amazon/Ebay? Almost anyone can do it.

        Have you heard of Paypal fraud? Any seller or buyer can deprive [paypal-community.com] you of your money.

    • Re: (Score:3, Insightful)

      by Rei ( 128717 )

      Crypto was specifically designed to be the sort of thing that cybercriminals could only dream of before, and there's immense resistance to any sort of change. From anywhere, to anywhere, without any sort of anti-fraud controls or sanctions, irreversible, and pseudonymous (anonymous after a mixer), without any meaningful laundering costs.

      When was the last time that you saw a ransomware operation demand payment in fiat currency? Never, that's when. There's a reason for that.

      FURTHERMORE, according to your ow

      • Even with credit cards, I see when the card company will halt a transaction because it looks suspiciously like fraud. Either the payer has been defrauded several times before, or the payee has been flagged, or it's an unusual transfer (which can be annoying if you're trying to use your card while overseas).

    • Crypto is not even the worst offender in terms of money lost.

      Literally all of the crypto fraud is "online fraud" so what you're saying is that nearly half of all online fraud is crypto fraud, then you want to defend it with this bullshit? Are you one of the local resident B!zX cryptocucks or what?

    • There are three types of crypto fraud.

      1) Social engineering - This is similar to any other type of fraud.

      2) Accepting payment and not delivering - The buyer has no protection unlike payments made with a credit card.

      3) Hacking of wallets and/or fraudulent exchanges - Unique to crypto currency.

      That's what's included in the $5.6B fraud number. Note that it doesn't include the fact that all crypto currency is a fraud and that crypt-currencies have no intrinsic value so any "investment" in crypt-currency

    • Crypto is the favorite for big time scammers because it is untraceable and unretrievable. Small scammers like gift cards but even they are moving to crypto. Ban crypto ATMs at the very least so seniors can't transfer their life savings in some convenience store.

    • A huge amount of that online fraud involves payments made in crypto currencies. The scammers don't want cash in bills, they don't want payment from a legitimate online banking service that might cooperate with law enforcement, they don't want credit card payments that might be be flagged as potentially illegal and held up pending an investigation. They want a money transfer that is relatively easy and difficult to trace and that can transfer across international borders and be free and clear within minute

  • by bradley13 ( 1118935 ) on Tuesday September 10, 2024 @06:36AM (#64776525) Homepage

    That's mostly meant as a joke, but it is also true. Joe Sixpack has no clue what crypto is or how it works, but he buys lottery tickets and doesn't know how those work either. There's also the saying that "a fool and his money are soon parted".

    How do you protect people from their own bad decisions?

    • That's mostly meant as a joke, but it is also true.

      That would only be true if intelligences were evenly distributed across the curve, which they are not. But thanks for proving the point so far as it goes, anyway.

      • Depends what "average" is used. The 3 most common types of average are the mean, the median or the mode. It is true if median is intended.

        • Depends what "average" is used. The 3 most common types of average are the mean, the median or the mode. It is true if median is intended.

          This is Slashdot. Be specific. We speak English here. In English, by default average means the mean.

          • If you want to be specific then you need to state the type of average as the term average by itself is ambiguous.
            It is also worth noting that
            For modern IQ tests, the raw score is transformed to a normal distribution with mean 100 and standard deviation 15.
            When a new version of an IQ test is normed, the standard scoring is set so performance at the population median results in a score of IQ 100.
            So if you are using IQ as the measure of intelligence then, by the definition of IQ,

            • I accept your original point however as IQ tests are do not measure intelligence directly and as such we don't know what proportion of people are below mean intelligence.

              Even more important to my argument, "normal" is a range, it's not a single score.

      • Your a pedant, fine. Still doesn't address the real question: how does one protect people from being scammed? Whether it's crypto, lottery, MLM, or whatever?
      • That's mostly meant as a joke, but it is also true.

        That would only be true if intelligences were evenly distributed across the curve, which they are not. But thanks for proving the point so far as it goes, anyway.

        Actually it's true for any symmetric distribution. IQ happens to be normally distributed (by construction: the underlying raw scores are mapped to a normal distribution, though I suspect the underlying scores are themselves probably normal as well), which is very much symmetric. So, you know, maybe don't cast shade on other peoples' intelligence while making a false claim of your own?

  • You can't go wrong whit those, or so I have been told so I put all my life savings into buying one of those.

  • Trump's joining the grift,
  • Let's move to a central bank digital currency. People can totally be trusted to remember their private keys, store them securely and reliably, and not start money transfers to foreign entities who call them. Oh and AI is a thing now. Good luck, everyone!
  • There is a common scam whereby criminals either hack emails, or perhaps just send emails purporting to be from the title company giving fake wire instructions. This has also happened in the UK and perhaps other countries.

    I bought a house recently and the title company has changed its procedures. Instead of them giving me wiring instructions, they told me to expect an email from a third party. No reference or anything, just the name of the company. Somehow this is supposed to be more secure.

    The third party

    • Or a third party that is agreed upon by the gov and all financial institutions as the trusted third party, like an escrow company. That way you know who you should expect to deal with, not "Oh, Foobar Llc, I guess that sounds ok..."

      • I am skeptical of escrow companies, with good reason.

        I worked for a small company that was sold to a larger company, for cash. Some of that cash was held in escrow in case some liabilities showed up after the sale.

        The escrow company sent some of the money by mistake to one of the other former shareholders of the company that was sold. This money was sent before the end of the escrow period.

        The escrow company sued (in US courts) the entity that they sent the money to. They won the case, but the entity was ov

  • Should be treated as a national security issue and those countries that harbor the majority of these criminals should be cut off from the internet and economically sanctioned. There needs to be a much greater public education push about scams. We need changes to financial laws making it harder to make sudden, large transactions that are unusual for people, especially for seniors. Overseas transfers need to be especially examined. While we're at it ban gift cards and cryptocurrency since they seem to be

  • What if, some people just 'lose' the money to themselves through their secret self custody wallet. Claim a loss for tax reasons, and bobs you're uncle, free money.
    • Tell me you are English without telling me you're English.
      Has the phrase, "Bob's your uncle," been used anywhere else?

  • Given that fraud is one of the principal use cases for cryptocurrency, this isn't surprising. What's mildly surprising is that is was only $5.6B. I suspect that this number may a serious underestimate, because anyone who's been scammed and doesn't know it yet would be highly unlikely to file a report..

    An unanswered (and unasked, at least in this context) question is: how much did (some) people gain via cryptocurrency fraud scams? I believe we can set the floor for that number at $5.6B, but that too se
  • the random string of numbers you bought comes with a flowery platitude and sugar.
  • People have always liked gambling, crypto is something new. This area has not been studied well yet. I'd rather play in casino at https://gamblizard.com/ [gamblizard.com] than invest money in unknown. Reading this, you understand that casinos have become safer. The main thing is to understand how it works.

Avoid strange women and temporary variables.

Working...