Cryptocurrency Fraud

Cryptocurrency is a decentralized digital asset and designed to use cryptography to secure financial transactions. The difference between a decentralized (e.g., Bitcoin) and a centralized medium of exchange (e.g., US Dollar, Euro) is that the former has no one controlling it. The US Dollar, for example, has a supply that is controlled by the U.S. central bank who can increase or decrease the supply.

A decentralized currency relies on its users and the coin’s scarcity to influence its market price through supply and demand. With cryptocurrencies, demand for a coin supports the coin’s price (the law of demand).  Higher demand for a coin leads to higher prices. Price not only depends on the level of demand but also the supply of the coin. The supply of Bitcoin, for example, is essentially fixed.

Prices of cryptos are very volatile, making the economics of cryptos as a store of value doubtful.  For example, the price of Bitcoin jumped 54% from July 20 to August 10, 2021. Its price has fallen rapidly, too. 

The market for crypto is very large and growing. In only a year from August 2020 to August 2021, the number of cryptocurrencies jumped from 6,000 coins to 11,000. As of August 2021, Tesla, Square, and MicroStrategy are among the companies that added Bitcoin to their balance sheets.  Additionally, Morgan Stanley, BNY Mellon, Fidelity, and Mastercard are among the financial institutions offering Bitcoin services.

For those who own cryptocurrency, there is a chance, if not paying attention, that you will find yourself a victim of crypto fraud. The largest form of fraud occurs when a cryptocurrency exchange is hacked and the cryptocurrency being stored at the exchange is stolen. A well-known example is Mt. Gox, which was the world’s largest Bitcoin exchange. Mt. Gox stated that they had lost nearly 850,000 Bitcoins, worth around $470 million at the time when their crypto-mining platform was hacked.[1] Mt. Gox declared bankruptcy in February 2014. Online theft at cryptocurrency exchanges is a serious threat. People having an exchange hold their assets likely face a risk of loss.

A way to protect oneself is to store cryptocurrencies offline in an electronic hard wallet. Hardware wallets are believed to be immune to computer viruses. Various kinds of hardware wallets exist. Examples include KeepKey (large size), Nano Ledger S (medium size), and Trezor (small size).  Such hard wallets, however, require the device to be kept safe and not lost. If the hard wallet is lost, the coins are lost---probably forever.

Another source of cryptocurrency fraud is through ICOs.  ICO is Initial Coin Offering.  ICOs have tokens created and sold by a start-up company to fund its new business rather than financing in conventional ways such as bank borrowing and selling shares of stock.  Investors in the start-up receive crypto-tokens rather than shares of stock hoping they will increase in value.  This kind of activity is a big opportunity for fraudsters to launch a fake ICO company where unsuspecting investors receive worthless tokens and the company founders run off with the money. A famous example is PonziCoin, a 2014 scheme. People invested in this cryptocurrency despite its suspicious name and the ICO fraudsters ran off with the money.  In 2017, Rishab Hegde created a cryptocurrency and also named it PonziCoin. What was unique about this PonziCoin was its founder openly said on his website that it was a Ponzi scheme.  Nevertheless, many investors bought the cryptocurrency despite being warned it was a scam.  In January 2018, Hegde closed the operation without returning any money to the investors and has not faced any criminal charges. Other recent examples of scam ICOs are Bitconnect, OneCoin, Plexcoin, Centra Tech, and Pincoin, and iFan.[2]  

There are many examples of fake ICOs and fake platforms. It is important for buyers of cryptocurrencies to educate themselves, use well-known platforms, and watch for red flags such as promises of high returns and pyramid-like schemes.  Prospective investors in ICOs should research the project they are about to fund. Such research could include:[3]

  • Reading the firm’s white papers and assess whether the idea makes sense.  
  • Researching the management team.
  • Making sure the sale of coins or tokens is registered with the U.S. Securities and Exchange Commission (SEC).
  • Making sure the professionals and the firm offering the coins are licensed.

There is a common belief that Bitcoin, with the largest market value of the cryptocurrencies, is used mostly for illicit finance. While the absolute dollar amount of illicit finance is large, the proportion of bad actors to all users of Bitcoin is likely very low. Intrinsically, Bitcoin is not evil. Like cash, it is used for both good (mostly) and bad. The traditional banking system and cash are likely used more by bad actors than Bitcoin.

Laws and regulators are slowly catching up with the rapid changes in crypto. Several federal and international agencies are regulating cryptocurrencies.  US and international agencies overseeing cryptocurrency use include FinCEN (USA), CFTC (USA), OCC (USA), and FATF. 

On forensics of cryptocurrency transactions, there are two general ways to conduct investigations of potential fraudulent crypto activities:  technology- and non-technology-based techniques. Technology-based forensics are complicated and almost certainly require an expert.  Non-technology methods of investigations include:

  • Oral evidence (interrogations, interviews, and depositions)
  • Records evidence (documents such as tax return documents, financial account statements, and credit card statements)
  • Physical searches for crypto wallets (seizure, court order, discovery process)
    • Finding a software wallet such as an app on a phone or computer
    • Finding a hardware wallet—a physical device
    • Finding notes with passwords or ‘keys’ and reports of transactions
    • Finding QR codes on paper or a device
  • Physical searches of devices for internet history including gambling sites and coin exchange name searches. 

For information and assistance, SEC created, a website to educate people about investments and fraud. In addition to SEC, more information can be found in the Financial Industry Regulatory Authority (FINRA) and the North American Securities Administrators Association (NASAA).


[1] Pollock, D. (2018, March 08). The Mess That Was Mt. Gox: Four Years On. Cointelegraph. Retrieved November 20, 2018, from
[2] Jenkinson, G. (2018, April 18). Unpacking the 5 Biggest Cryptocurrency Scams. Cointelegraph.  Retrieved November 7, 2018, from
[3] SEC’s (2017, July 25).  Investor Bulletin: Initial Coin Offerings. Retrieved November 20, 2018, from