2024 was an eventful​​ year for the crypto industry, marked by the SEC's groundbreaking approval of spot Bitcoin ETFs on January 10, 2024. This milestone, along with daily trading volumes soaring to nearly $10 billion by March and record highs for Bitcoin and other cryptocurrencies, sparked a surge of interest in crypto as an investment. 

Several significant crypto-related policy developments also occurred, including the European Union's Markets in Cryptoasset (MiCA) Regulation, additional laws requiring virtual asset service providers to comply with the Travel Rule, and Singapore introducing regulations that appear to be more stringent for companies engaging in cryptocurrency or digital payment token (DPT) services. 

However, amidst this excitement, the shadow of crypto fraud looms large. The T3 Financial Crime Unit (T3 FCU) recently reported that it has frozen more than USD $100 million in criminal crypto assets globally. FinCEN received over 8,600 SARs (Suspicious Activity Reports) in the past year related to pig butchering scams. And Americans reported losing $679 million to cryptocurrency-related scams in the first half of 2024, representing a quarter of all funds lost to scammers, second only to bank transfers.

Common types of crypto fraud

Just as in the fiat world, crypto fraud encompasses a wide range of schemes. Here are some of the most common forms:

In first-party fraud, the victim is actually authorizing the transfer of funds themselves. Many first-party frauds are propagated via social media. In fact, nearly 30% of all crypto scams in the first half of 2024 originated from social media platforms, resulting in over $1.5 billion in losses. These fall into several different categories:

• Investment fraud, which includes pyramid and Ponzi schemes, rug pulls, exit scams, pump and dumps, and other investment scams, where the victim invests funds, only to lose them later because of a fraudulent operator or influencer. Americans aged 30 to 39 reported the highest number of investment scams in the first half of 2024, with 5,781 cases, while individuals aged 50 to 59 experienced the highest total losses, amounting to $236.5 million.
• Buyer’s remorse, where an individual buys legitimate crypto, such as Bitcoin, with a credit card, and then sells the crypto at a loss and initiates a chargeback request, claiming that their account information was stolen.
• Pig butchering and romance scams, in which the scammer cultivates a relationship with the victim and convinces the victim to "invest with them" or send them crypto for "urgently needed" reasons. In December 2024, a major raid in Lagos, Nigeria, led to the arrest of 792 individuals involved in romance and cryptocurrency frauds targeting victims worldwide.
• Imposter scams, where the victim thinks they are doing business at a legitimate exchange website or app, but they are actually tricked by a fake clone of that website or app. This also can happen in the DeFi world, where deceptive smart contracts can spoof legitimate tokens. 
• Blackmail and extortion, where the victim sends funds in response to ransomware attacks, blackmail, or even an actual kidnapping. 
• Money muling, where a victim (often a student) is convinced to be a "money mule," either handing over direct control of an account or wallet they set up or accepting and sending crypto in exchange for a small fee. This is a technique commonly used by criminals for money laundering.
• Location spoofing, where a scammer fakes their country of residence to set up an account at a crypto exchange. This typically happens when a crypto exchange forbids investors from certain countries from opening accounts for regulatory or other reasons, such as sanctions evasion or avoidance of countries with restrictive rules.
• Multi-accounting fraud, where a user creates and manages multiple cryptocurrency exchange accounts under different identities. This enables them​​ to manipulate market activity, exploit platform and referral bonuses, launder money, and engage in other fraudulent activities.

Third-party fraud, such as account takeovers (ATOs), where someone else takes control of a victim's wallet or account, are also present in crypto. This can be done through: 

• Social engineering, where the victim is conned into revealing seed phrases or sharing control of their wallet, private keys, or crypto exchange login information.  
• Data breaches, where lists of leaked passwords and usernames are obtained and used to log into accounts, often facilitated by bots.
• Identity theft, where fraudsters use a victim's personal details to set up fraudulent accounts on legitimate crypto exchanges.

How device intelligence can help detect & prevent crypto fraud

Many of these crimes can be detected using Fingerprint device intelligence. Here are some ways that device intelligence can bolster a crypto exchange’s crypto fraud prevention strategies:

Location spoofing 

• The IP Geolocation Smart Signal provides information about the physical location of the originating IP address. We deploy several mechanisms to detect the IP address of the original client which allows us to correctly determine visitor location, even when using anonymizing tools. Our datacenter flag can also help weed out a wide variety of anonymization services (proxies). Those typically have the ability to “change” the user’s perceived location.
• Fingerprint's VPN Detection can detect whether the user is likely in a different location compared to their originating IP address or whether an IP address is associated with one of the public VPN providers. Because many crypto enthusiasts routinely use VPNs for privacy purposes, you’ll want to dig deeper into the data that Fingerprint provides to see whether the user is trying to manipulate their location specifically to circumvent your regional restrictions.
• Geolocation Spoofing Detection, which is available for mobile apps only, will tell you if the location of the mobile device has been spoofed or not. 

Multi-accounting fraud

• The Browser Tamper Detection Smart Signal can also alert you to the use of an anti-detect (multi-accounting) browser. These browsers may be used to create and manage multiple cryptocurrency exchange accounts under different identities, which could be used for money laundering or promo abuse.
• Android Emulator Detection can alert you to potential device farms being used for money laundering or promo abuse.

Buyer’s remorse

• Visitor identification can provide the evidence crypto exchanges need to fight fraudulent chargebacks by linking a customer's device to a specific transaction, offering clear proof that they made the purchase. 

Third-party fraud or account takeover (ATO)

• Visitor identification enables your risk and fraud teams to watch for large or unusual crypto transactions from an unknown browser or device, which could indicate a potential account takeover (ATO) situation. You can also blocklist users with a history of fraudulent activity on your services and require additional authentication for suspicious visitors during login while keeping your trusted cryptocurrency users unhindered and safe. 
• The Browser Incognito Detection and Privacy Settings Smart Signals can indicate whether a user is trying to hide their true identity. And the Browser Tamper Detection Smart Signal can also be used to detect if someone is trying to confuse less sophisticated fingerprinting algorithms through User Agent spoofing or by changing the output of selected signals collected from the browser. 

(Note, however, that since many crypto users are privacy-aware and often use incognito mode, privacy-preserving browsers, or other privacy-preserving techniques, these signals should be used only in conjunction with other fraud indicators.)

• The Jailbroken Device Detection Smart Signal will help you detect if your app is being used by an iPhone/iPad that has been jailbroken and enable you to proactively act on that information. Fraudsters employ phishing mechanisms to trick users into installing jailbreaking software on their devices so they can then take control of said devices. 

However, again, you need to take into account the profile of your typical user. Highly technically sophisticated crypto investors often jailbreak their devices for other reasons, but these more technically sophisticated investors rarely use centralized crypto exchanges and prefer to maintain direct control of their crypto through DeFi.

Bot-driven attacks

• Browser Bot Detection can tell you if there is a potential attack happening on your website or if someone is leveraging bots to brute force attack user accounts.
• Virtual Machine Detection can also indicate whether someone is using throwaway virtual machines to automate attacks and confuse existing device fingerprinting technologies.
• Velocity Signals monitors events per IP address, so you can detect high-frequency interactions, which is a common indicator of automated behavior.

Detecting & preventing crypto fraud: Key takeaways

The explosive growth of the cryptocurrency market in 2024 has been both a boon for investors and a magnet for bad actors exploiting the space. As fraudulent schemes evolve, centralized crypto exchanges must remain vigilant and proactive in their approach to fraud prevention. 

By integrating advanced technologies like Fingerprint's device intelligence into their security strategies, exchanges can not only safeguard user assets but also build trust and resilience within the crypto ecosystem. Now is the time for virtual asset service providers to prioritize robust fraud prevention measures — because in the world of digital finance, security is the foundation of sustained success.Learn more about how Fingerprint can help you stop cryptocurrency fraud.