
Cracks in the crypto utopia: How a surge of scams is exposing DeFi’s dark side

An onslaught of phishing scams has the cryptocurrency community rattled and questioning the very fundamentals it was built on.

Non-fungible token (NFT) creators and collectors are losing out on hundreds and thousands of dollars to quick-thumbed thieves who are exploiting decentralized finance’s rise in popularity and fragmented customer support infrastructure.

Although phishing scams within the decentralized finance (DeFi) realm are not new, what’s accelerating recent fraudulent activity is crypto’s new audience. This year, as NFTs have become more valuable (and trendy), many people have promptly hopped on the bandwagon, without any real DeFi education, in hopes of a lucrative payday. But it’s not just newbies getting taken advantage of; it’s crypto veterans, too, leading many to wonder whether one of crypto’s key values — anonymity — deserves a second glance.

“Cryptocurrency is really just digital cash,” said Cesare Fracassi, professor of finance at the University of Texas at Austin. “When somebody takes your cash, and you don’t know who they are, there is really no recourse for that action.”

A barrier to entry

Here’s a quick breakdown for the unfamiliar: As mentioned, NFT stands for “non-fungible token” — “non-fungible” means it cannot be exchanged for something of similar value. NFTs are bought and sold using cryptocurrency (mostly Ethereum) on popular marketplaces like OpenSea, Rarible, and Foundation. Every cryptocurrency transaction is recorded on the blockchain, a digital ledger anyone can access for transparency purposes. Cryptocurrency is kept in digital wallets, like MetaMask, which hold your “private key” — essentially a password that allows you to spend the money you have.

Cryptocurrency is deregulated and decentralized, meaning there is no intermediary (like a bank) in charge of a person’s assets, nor is there a regulating authority (like the federal Securities and Exchange Commission) making rules for how users and companies interact using the blockchain. And even though many NFT marketplaces offer ways for customers to receive support when they encounter a problem, most of the customer support NFT collectors and creators receive happens on digital messaging platform Discord’s servers.

NFT $90k Scam alert:

This is very hard for me to tell everyone but I know it’s also important for people to hear.
3 weeks ago I was scammed out of $90,000 in my Blockchain wallet during a supposed NFT deal. I will share a more detailed account of what happened soon

— Jacob (@jacobriglin) July 10, 2021

If the process of buying an NFT, and receiving customer support if something were to go awry, seems disjointed and multilayered, it’s because it kind of is. Some of the biggest barriers, and blind spots, for crypto newcomers are the technical, cultural, and educational aspects of the space.

“Engaging with cryptocurrency as a user is a massive mental shift for people who are accustomed to very streamlined experiences where they relinquish control to a central authority,” said Emin Gün Sirer, associate professor of computer science at Cornell University. “That does open a window for bad actors to target new adopters, but the vast majority of crypto users know the next phase of growth for our space is welcoming the masses.”

However, crypto purists (also known as “crypto evangelists”) prefer cryptocurrency to remain this way — anonymous, transparent, and solely within the user’s hands. But so do scammers.

‘The most paralyzing, traumatizing feeling ever’

For Sohrob Farudi, the scammers cornered him quickly. And then he lost nearly everything, all at once.

After making a trade on NFT Trader for a coveted Bored Ape Kennel Club dog, Farudi noticed that the sell button for the item on OpenSea (a popular NFT platform) was deactivated — meaning he couldn’t sell, list, or trade his most recent acquisition.

Curious about what he should do next, Farudi went to the Bored Ape Yacht Club Discord server’s support channel to ask for help. Within seconds, he received a handful of DMs, including one from what looked like the server’s moderator asking him to connect to a separate support server, outside of the main channel. Wanting this issue to be resolved in a timely manner, Farudi followed along, unknowingly, into a scammer’s trap.

Farudi started sharing his screen with the pseudo support staffer, whose Discord nickname and profile image matched that of the actual server’s moderators. On Discord, while a username must be unique, a displayed nickname (which shows up in chats and servers) need not be — creating a playground for imitators.

I was scammed / socially manipulated / hacked on @Discord and @OpenSea and lost three @BoredApeYC, four @0n1Force, and three @worldofwomennft totaling roughly 250 eth in value by getting tricked into exposing the Metamask QR Code in the Chrome Browser Extension. I’ve never felt pic.twitter.com/aiaENpwLVP

— Sohrob Farudi (@sohrobf) August 25, 2021

“These guys are freaking pros,” Farudi said. “They keep you engaged, they keep you distracted, they’re chatting you up, they make you feel really comfortable.”

After walking him through the phony support process, the scammer asked Farudi to resync his mobile MetaMask wallet to his desktop wallet. When a QR code popped up on screen for him to scan on his phone, Farudi realized he was still sharing his screen. At that moment, he knew he had just been scammed.

“It was the most paralyzing, traumatizing feeling ever,” Farudi said. “Right when I did it, I realized it was also on their screen, and then I started refreshing my wallet, and I saw an ape gone, and another ape gone, and then I was like, ‘Oh my god.’”

Farudi lost roughly 250 ETH to the scammers — nearly $800,000 in digital goods and “priceless” art from World of Women, 0n1 Force, and Bored Ape Yacht Club.

Farudi has been involved in the crypto realm since 2018, so right after he noticed what was happening, he got on the phone with friends and reached out to OpenSea’s head of product, who locked down the stolen items. (OpenSea’s head of product Nate Chastain was recently accused of flipping NFTs expected to increase in value using insider information, according to reporting by The Verge.)

What happened to Farudi has been happening to crypto newbies and veterans alike at an alarming pace, so much so that OpenSea recently implemented “an account verification system” within its Discord channels and an “SOS” button for when an account’s been compromised, while MetaMask disabled its QR code syncing feature.

Note that 97.5% of this money is going to collectors and creators.

We’ve implemented an account verification system in our Discord, we’ve also shared these stories with MetaMask – they removed the QR code syncing feature today
@discord is also working on this with us

— Alex Atallah (@xanderatallah) August 25, 2021

We've spoken with the MetaMask team and they will be temporarily disabling the mobile QR code sync feature to defend against the phishing attacks that have become more prevalent in recent weeks.

— nate.eth (@natechastain) August 25, 2021

Better products or better DeFi education?

People rely on banks to make them whole if they ever become victims of a scam. Makes sense, right? This idea of financial security is baked into our culture. Yet, in cryptocurrency, there is no bank. There is no centralized figure to take your overdrafted account out of the red.

“NFTs and cryptocurrencies require some level of technical education and understanding, and not everybody has that,” said Fracassi, the UT Austin professor. “There are two ways to solve this: Make sure we educate people, and the alternative is to make products that are resistant to these kinds of hacks.”

One way to do this, Fracassi said, is for more marketplaces, exchanges and wallets to introduce a “multi-signature feature.” For example, say you are interested in buying something on the Ethereum blockchain: not only would your signature be required to do so, but so would that of your partners or the other custodian of your wallet.

Donnie Dinch, founder and CEO of Bitski, an NFT marketplace, agrees. “All wallets need to do two things: They need to protect the wallet owner from bad actors, which I think a lot of them do fairly well, and then most importantly, they need to protect wallet owners from themselves,” he said. But “wallet education” is still sorely lacking for NFT collectors, new and old.

“Wallets just don’t do a really good job of protecting users from themselves, and it’s not like an oversight, it’s sort of a philosophical way that these wallets are created,” Dinch said. “The reality is self-custody comes with quite a bit of responsibility, and so if you’re not willing to put in time as a user to understand that responsibility, there can be a lot of risk.”

“People don’t understand the ramifications, because up until the crypto wallet, everything on the internet was generally reversible via a support request,” he continued.

No easy answers

The answer on how to address the onslaught of scams varies depending on who you ask. Is it a customer support issue? A lack of education? Or does the answer truly lie in regulation? Getting rid of scams outright is impossible (we know that thanks to the current financial system), but how can a burgeoning industry like cryptocurrency rein in fraud while also getting people excited about DeFi’s possibilities?

Dinch believes providing support on third-party platforms like Discord is a “calculated risk” for NFT marketplaces like OpenSea, as well as for crypto exchanges.

“When you’re a project early on, having a Discord community is super helpful to get feedback on things that you’re doing — you have this sort of ongoing dialogue with your customer base that you’ve been able to sort of aggregate,” he said. “But then there comes sort of an inflection point where your community is getting so large that the idea of managing all of the small questions and feedback on Discord can be overwhelming, and that’s the point where you just need to make sure that all support requests move through a very specific channel.”

Fracassi, however, believes that in order for cryptocurrency to be more broadly accepted, there has to be a more “regulated environment.”

“At some point, we need to rein the cryptocurrency into the regular financial system,” Fracassi said. “I think the institutions that are more connected with big corporations will benefit from regulation, but it’s going to make it a lot harder for startups to create innovative products.”

Reflecting back on his experience, Farudi sees where he went wrong in his interaction with the scammers. But he also sees where things can be made right.

“Because NFTs are attracting more and more people into the ecosystem, there needs to be a level from the crypto community of acceptance, that everything doesn’t have to be so anonymous, it doesn’t have to be so decentralized,” Farudi said. “The new people coming in are at such a disadvantage and the education gap is still so wide.

“The people coming in don’t care about decentralization, they care about safety and trust.”

Meira Gebel
Meira Gebel is a freelance reporter based in Portland. She writes about tech, social media, and internet culture for Digital…