If you have heard of crypto, there is a good chance that you have heard of DeFi. Sadly, most people are clueless as to what either of those terms actually mean. A lack of awareness and knowledge about DeFi combined with the hype surrounding blockchain and crypto form a dangerous mix that leaves the average consumer susceptible to falling victim to DeFi scams. Read on to know what DeFi is and how you can avoid getting trapped in a DeFi Scam.
DeFi stands for ‘Decentralized Finance’ and as the name suggests, it is a technology that uses blockchain ledgers to enable financial services. Thereby, DeFi eliminates the control that banks and institutions have on money, financial products, and financial services. It allows faster and cheaper cryptocurrency transactions globally without a finance firm, credit check, or loan officer in the middle.
The centralized financial system is full of third parties who charge each other fees for facilitating the movement of money. DeFi gets rid of these intermediaries by allowing people, merchants, and businesses to conduct financial transactions on the blockchain. This is made possible by peer-to-peer (P2P) financial networks that use security protocols, connectivity, software, and hardware advancements. In a P2P DeFi transaction, two parties agree to exchange cryptocurrency for goods or services.
All a person requires to access the Decentralized Finance system is an internet connection and funds can be transferred in seconds. This same ease is what leaves people open to some common DeFi scams. Research showed that losses from DeFi Fraud and Theft reached $10.5 Billion in 2021.
DeFi enables everything that can be done in the legacy banking system, such as lending, borrowing, trading, saving and investing without the need for third parties. In a peer-to-peer environment, there is no central financial institution overseeing the transactions and carrying out checks such as Know Your Customers (KYC) verification requiring documents like photo ID, address validation, banking information, or social insurance numbers. Therefore, if you are scammed out of your crypto, there is no central authority that can reverse the transaction, investigate the scam or report to a regulatory body. There is no way to find out who stole your funds either as the transactions are virtually anonymous.
Rug Pulls are a menace in the crypto altcoin (alternative cryptocurrency) market. All scammers have to do is create an altcoin and distribute it to a few investors or developers. Social media hype is then created for the coin with the help of influencers who promote these coins for a fee without doing any background checks regarding the legitimacy of the coin. Followers of the influencers who invest in the coin end up losing all their money as the value of the altcoin rapidly dips soon after the promotions go live.
This is because the majority holders of the coin who held the coin before it is offered publicly collude to sell off the coins. Once the general public buys into the scheme and the value shoots up, the scammers ‘pull the rug’ from under them by selling off their crypto. As a result, anyone who bought into the project is left with worthless coins.
Smart contracts are programs stored on a blockchain that run when certain conditions are met. A smart contract scam is similar to a rug pull scam, except that the scam is embedded into the code of the smart contract itself. The benefit of smart contract over a regular program is that the source code is fully open source and uneditable, but you can still view the source code.
A legitimate token will not charge fees or will charge fixed values that can’t be adjusted later by the developer. An unscrupulous developer can write the code in such a way that a hidden fee is charged and the value of this fee can be changed later. Therefore, the scam occurs when users are charged exorbitant buy and sell fees.
Other types of smart contract scams such as hidden mint capabilities allow developers to create more coins and even control who is allowed to sell. For example, the code can be written so that no one would be able to sell in the beginning and then only one or two addresses (belonging to the scammers) are allowed to sell. All other holders are left with coins that they cannot sell.
Not all smart contract scams occur due to deliberate intent. The smart contract could simply be coded badly and contains loopholes that can be exploited by hackers. The below examples by Checkpoint Research demonstrate such smart contract vulnerabilities:
Levyathan is a legitimate contract that got hacked. It used a MasterChef contract as its owner and transfers to this contract the ownership as can be seen in the transactions. In this situation, one of the developers of the contract uploaded mistakenly the MasterChef contract private key to the GitHub repo of the project. The hacker got access to the key and minted millions of tokens.
In the example of THE ZENON NETWORK, there was a mistake of not limiting an important function from unauthorized access which led to a disaster, allowing the hackers to steal $814,570.
Phishing methods have become increasingly sophisticated over the years and scammers now also target crypto wallets in attempts to steal funds. DeFi phishing scams are usually conducted via email by scammers pretending to be representatives from a trading platform or protocol. A scammer will falsely claim that there is an issue, such as the account being compromised.
They will request sensitive information to gain account access. Such tactics can include asking for wallet addresses and passwords, or demanding the victim transfer the funds to a different wallet (the scammer’s) for ‘safety’.
Keep the below points in mind to ensure that you are safe while using DeFi services:
And lastly, if you do not really understand how Decentralized Finance systems work, do not invest in them.
Have you fallen for a hoax, bought a fake product? Report the site and warn others!
As the influence of the internet rises, so does the prevalence of online scams. There are fraudsters making all kinds of claims to trap victims online - from fake investment opportunities to online stores - and the internet allows them to operate from any part of the world with anonymity. The ability to spot online scams is an important skill to have as the virtual world is increasingly becoming a part of every facet of our lives. The below tips will help you identify the signs which can indicate that a website could be a scam. Common Sense: Too Good To Be True When looking for goods online, a great deal can be very enticing. A Gucci bag or a new iPhone for half the price? Who wouldn’t want to grab such a deal? Scammers know this too and try to take advantage of the fact. If an online deal looks too good to be true, think twice and double-check things. The easiest way to do this is to simply check out the same product at competing websites (that you trust). If the difference in prices is huge, it might be better to double-check the rest of the website. Check Out the Social Media Links Social media is a core part of ecommerce businesses these days and consumers often expect online shops to have a social media presence. Scammers know this and often insert logos of social media sites on their websites. Scratching beneath the surface often reveals this fu
So the worst has come to pass - you realise you parted with your money too fast, and the site you used was a scam - what now? Well first of all, don’t despair!! If you think you have been scammed, the first port of call when having an issue is to simply ask for a refund. This is the first and easiest step to determine whether you are dealing with a genuine company or scammers. Sadly, getting your money back from a scammer is not as simple as just asking. If you are indeed dealing with scammers, the procedure (and chance) of getting your money back varies depending on the payment method you used. PayPal Debit card/Credit card Bank transfer Wire transfer Google Pay Bitcoin PayPal If you used PayPal, you have a strong chance of getting your money back if you were scammed. On their website, you can file a dispute within 180 calendar days of your purchase. Conditions to file a dispute: The simplest situation is that you ordered from an online store and it has not arrived. In this case this is what PayPal states: "If your order never shows up and the seller can't provide proof of shipment or delivery, you'll get a full refund. It's that simple." The scammer has sent you a completely different item. For example, you ordered a PlayStation 4, but instead received only a Playstation controller. The condition of the item was misrepresented on the product page. This could be the