Are fraudsters cooling the crypto boom?

By Dimitrie Dorgan
Dimitrie Dorgan, Senior Fraud Risk Manager, Onfido, explores the ways in which fraudsters are exploiting cryptocurrency and the need for better security

Frequently, we see new data demonstrating the popularity and longevity of cryptocurrencies. For many years, alternative finance has been viewed as a niche investment opportunity, reserved for those with capital to risk. But now, almost one-fifth of the UK owns digital assets. The rise in popularity can often be explained by demand for inclusive solutions or apathy towards ‘broken’ traditional financial services. For others, cryptocurrency is an innovative store of value and an opportunity to make returns on investment. 

Among the various reasons for crypto’s popularity, there has been a common theme: anonymity and security. One of the core principles of blockchain-based digital currency is the level of protection from hackers that so often target the financial institutions that carry our money. But have fraudsters now unlocked this industry too? If so, they could threaten the crypto bubble.

A haven for fraudsters 

In many ways, what the industry stands for is what makes it appealing to fraudsters. For instance, bad actors are attracted by the same volatility that lures investors, and the fact that the industry is designed to stand apart from traditional financial services. Moreover, they can seek quick riches by taking advantage of missing consumer protections and the abundance of unregulated crypto exchanges and platforms.

As a result, the scale of fraud in the sector is growing fast, often in tandem with spikes in the price of different cryptocurrencies. Last year, Onfido saw that attempted identity fraud in crypto doubled at the same time as a 5x year-on-year surge in Bitcoin’s price. This trend has continued; today, on average 40% more fraud attempts in the crypto space compared to other sectors. 

What’s more, a 2020 study showed that nearly 56% of crypto exchanges do not follow KYC (Know Your Customer) regulations, meaning there is no standardised or consistent approach to authenticating users. This makes the market ripe for fraud and leaves legitimate users vulnerable to deception and scams. 

Recognising the fraudster profile

If the industry continues on its current trajectory, businesses must be equipped to protect their users effectively. This means fundamentally understanding the threat landscape and the behaviour and tactics of fraudsters. That’s how platforms and exchanges will build trust with customers and provide the freedom for investors to confidently connect and trade with others. 

Onfido’s 2022 Identity Fraud Report shows that crypto fraudsters are typically amateurs who seek the path of least resistance with unsophisticated tactics. In fact, 75% of crypto fraud attacks were assessed as ‘easy’, which is more than double the 31% proportion of ‘easy’ attacks on other industries. Interestingly, this also marks a 58% increase in the proportion of unsophisticated fraud, suggesting that fraudsters take a scattergun approach in crypto. 

These findings indicate that crypto platforms and exchanges are battling fraudsters that are often less organised and do not resemble the sophisticated crime rings often associated with high-profile fraud. Instead, these malicious actors prefer quantity over quality, and their activity is often opportunistic, driven by marketing strategies such as sign-up bonuses or capped Initial Coin Offerings (ICOs) that have a higher gain when a single fraudster is able to open multiple accounts. For this reason, despite the significant volume of fraud attempts in this space, crypto platforms and exchanges will find that fraudsters will likely spend just a couple of days attempting to infiltrate them before moving on. 

Implementing robust protection, beyond regulation 

As fraudsters increasingly try their luck, it’s crucial that exchanges and platforms can identify the warning signs and have processes in place to prevent attacks. Naturally, this starts with clear and comprehensive regulation to stop fraudsters from exploiting gaps in consumer protections. And despite the inconsistency in KYC adoption to date, it’s encouraging to see some markets like the European Union take action with the Markets in Crypto Asset bill to provide a comprehensive framework for the industry to follow to support user safety.

If the crypto industry wishes to emulate the trust and confidence that traditional banks and institutions have built with their customers, it cannot simply wait for regulation to catch up - it needs to take its own action too. This means bringing the security processes of the physical world to the online environment, using an individual’s biometrics or a selfie to provide protection against online fraud like counterfeit documents, and even more sophisticated attacks like 2D or 3D masks, and deep fakes. 

With the crypto industry entering into the mainstream consciousness and the number of holders in the UK - and beyond - only set to increase, the opportunity for crypto businesses, like exchanges and trading platforms, is vast. However, these organisations risk losing the trust and confidence of their customer base if they are not able to provide sufficient protection against fraudsters who are increasingly turning their attention to the market. By being proactive with KYC checks, embracing innovation like AI and biometrics during the onboarding process and paying attention to regulation, they can deter bad actors and provide users with the peace of mind that their profile, and crypto wealth, is secure with them. 

 

Share

Featured Articles

ICYMI: New Age of the CISO and cybersecurity trends for 2023

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Kingfisher chooses Google Cloud as catalyst for growth

Google Cloud will support Kingfisher's digital ambitions with a range of solutions, from infrastructure to data analytics.

ICYMI: Cyber predictions for 2023 and trouble in paradise

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Osirium shares its cyber predictions for 2023

Cyber Security

ICYMI: Unloved emails and cybersecurity worth $500bn by 2030

Cyber Security

Cyber security market anticipated to reach $500bn by 2030

Cyber Security