Scammers have taken advantage of the cryptocurrency market, where fortunes are made or lost within seconds. Fake crypto wallets are one common type of scam in this area. They present themselves as applications and webpages that lure users into exposing their private keys, thereby giving these hackers an entry point to their Bitcoins.
Now let’s take a closer look at this article.
What is a crypto wallet?
It’s like a safe where you keep your cryptocurrencies, such as Bitcoin, Ethereum, BNB, or Cardano.
There are two types of wallets, one are soft wallets and some are hardware wallets. You might have heard about the Trezor One and the Ledger Nano S as best hardware wallets.
A hardware wallet is like a physical device, say a USB stick, that keeps the keys (codes used to access and use your crypto). It works as an ultra-secure vault for your digital money.
When using a hardware wallet, it is like putting money in a real safe at home. This is because keys are not on any network, which makes it difficult for hackers to reach them. Therefore, even if someone gets hold of your hardware wallet by chance or theft, they will not be able to use it without a special password or code.
However, one thing should be known when dealing with these devices. Though most of them are very secure, some can link with applications too. Still, there are wallets that are just in the form of phone or computer apps.
The reason why this could be complicated is due to different types and brands, such as Trezor, which may not have official apps on platforms such as Apple’s App Store.
The second ones are software wallets, where you use someone else services to store you crypto. That’s how we all store our crypto coins.
These wallets work like decentralized platforms where you have control over your seed or key phrase and passwords to access your accounts.
Once you lost these passwords, you lost everything.
The best examples that you must already know are Coinbase Wallet, MetaMask, Crypto.com DeFi Wallet and Trust Wallet.
Understanding Fake Crypto Wallets
As we discussed there are some legitimate software wallets where we all keep our crypto coins. But here is the problem.
Not all wallets are real and safe.
Yes, there are many fake crypto wallets that are used to scam cryptocurrency holders.
Fake Bitcoin wallets look exactly like real crypto storage solutions, with similar appearances and operations as popular wallets.
They may even have a live wallet address and balance that work. Nonetheless, these platforms are mere mockeries that are solely aimed at deception and stealing.
“One of the worst malware scams is a phony crypto wallet,” says Martin Leinweber, a digital asset product strategist at MarketVector Indexes. “Thieves employ it to compromise a computer and eventually access the victim’s private key or password.”
So here is the advice to avoid scams, use only top exchanges and wallets with a long user history and good reviews.
“Any wallet website trying to look like a well-known brand should be ignored as a scam,” he adds.
Scammers frequently set up fake Bitcoin or cryptocurrency wallets.
On one hand, the wallet will often try to look like a genuine crypto wallet, complete with a similar logo.
On the other hand, at times, they can create a new name for an app that looks very similar to one of the popular wallets that people use for crypto.
They can even establish their name with real services at early stages and then scam crypto holders.
In most cases, the fraudsters also feature this counterfeit Bitcoin wallet in combination with an imitation website and/or social media group on platforms like WhatsApp or Telegram.
Sometimes the website may be made to look more like a crypto exchange/trading platform, or sometimes even a cloud mining platform.
Similarly, the social media application will be filled up with other swindlers or bots posting how they get rich fast through investing in cryptocurrency.
Combining all these elements with emails and phone calls from scammers enables them to defraud as much money as possible from their victims.
Types of Fake Bitcoin Wallets:
Various types of fake Bitcoin wallets can put your funds at risk as a crypto beginner:
- Software Wallets: These are designed to trick users into downloading malicious software onto their devices. They appear on app stores or websites looking like reputable wallets, but they actually aim to steal your private keys and funds.
- Hardware Wallets: A counterfeit hardware wallet sometimes appears as the real thing, but in reality, it comprises compromised security features or no security features at all. This type of device puts your cryptocurrencies in danger when you buy them.
- Phishing Sites: Sometimes scammers create web wallets that seem similar to popular web-based wallets. They do this with the hope of making unsuspecting people reveal their sensitive details, like seed phrases and private keys.
- Fake Mobile Apps: A few con artists design fake mobile apps that impersonate genuine cryptocurrency wallet apps and are available in the Google Play Store or Apple App Store. The names of these wallets look similar to those of popular wallets, making them vulnerable to being downloaded by users unknowingly, risking their finances.
- Browser Extensions: Wallet services can also be in the form of browser extensions that are Trojan horses for convenient and easy use, while they are actually spying on you and gathering your data.
Real-world examples:
A few phony cryptocurrency wallet apps target users of iOS and Android. This is because these malware programs copy well-known digital money applications that a majority of blockchain investors use worldwide.
ESET, an internet security company from Slovakia, was the first firm to spot these malicious crypto wallet applications on both Android and iOS phones.
ESET discovered the fake crypto wallets in May 2021. Upon learning about this malware, ESET concluded that one hacking team had orchestrated this large-scale fraud.
Similarly, according to Tech Radar’s latest report, these recently discovered malicious mobile apps are pretending to be Coinbase, Metamask, Trust Wallet, imToken, OneKey, TokenPocket, and BitPie.
This is not the first time crypto wallet apps have been replicated by hackers and other internet criminals. Earlier on, Trend Micro reported that up to 400 fake crypto wallet apps stole about $4.3 million worth of digital currency.
These vicious applications spoof SMS or email messages, mimicking legitimate cryptocurrency wallet firms. However, the ones found by ESET are way off what others have done, making them more concerning.
According to ESET, the latest malicious crypto wallet apps have managed to mimic official advertisements often used by Coinbase and other genuine blockchain wallet businesses.
Moreover, they use fake posts to promote scam sites.
Facebook and Telegram are platforms for this kind of practice, as reported by the security company. The newest rip-off discovered by ESET demonstrates that there are increasing numbers of bad actors in the blockchain industry.
For example, on May 29, 2021, someone contacted imToken and told them that after searching “imToken” on Baidu (a popular Chinese search engine) and clicking on a fake website, they lost their digital fortune (in US dollars worth) from their wallet. This is when they got them to download a bogus wallet app, which led to an immediate loss of their money.
This forced imToken to investigate further, and it turned out that scammers also paid Baidu so that their site appears on top whenever people are searching for popular wallets like MetaMask, Mathwallet, TokenPocket, or imToken, among others. In essence, every time one tried looking up these actual wallet names online, all he/she would find were bogus pages aimed at theft.
How to tell when a Bitcoin wallet is fake or not?
Sometimes it may be hard for you to realize that a bitcoin wallet is fake when you are new to the world of cryptocurrencies.
A counterfeit app can resemble a genuine one and trick naïve investors.
They will set up the wallet on behalf of the ‘investor’ and control the balances, even though these are all fakes.
The only thing that hackers want is your “mnemonic phrase.”
All these fake applications and sites basically operate using the same method as discovered during an extensive analysis of various samples by Trend Micro’s Threat Research team: they steal victims’ mnemonic phrases, thereby allowing scammers to gain access to their digital currency wallets as well as transfer all cryptocurrency from victims’ accounts.
Your funds will be taken over by them either way and quickly transferred to other wallets owned by fraudsters.
How to avoid these fake crypto wallets?
There are a few red flags to be vigilant for so as to avoid this and the next such crypto wallet scam.
To protect digital currencies, one should keep them in a hardware wallet such as the Ledger Nano or a hot wallet with the seed phrase hidden from view.
In fact, even reputable crypto trading platforms can serve as alternatives if they are known to be genuine
One more thing, make sure that you only download wallets from official sources. Many of these imitate true wallets, so people need to be wary of them.
Then, check out the design and user interface of the wallet. A well-designed wallet is easy to use for any person using it. If it is inelegant or confusing, beware.
Lastly, before downloading a wallet, read what other people say about it online. There are several reputable websites that review cryptocurrency wallets and exchanges. Through reading these reviews, you may find out about any suspicious issues that you might have missed otherwise.
All this will help you understand whether the crypto wallet is legitimate or not. And this way you can avoid these fake crypto wallets.