Blockchain analysis firm Chainalysis estimates that scammers and cybercriminals stole $7.7 billion in cryptocurrencies in 2021, an increase of 81% over losses in that year.
According to the report, $1.1 billion of the $7.7 billion in losses was ascribed to a single scam that reportedly targeted Russia and Ukraine.
“As the largest form of cryptocurrency-based crime and one uniquely targeted toward new users, scamming poses one of the biggest threats to cryptocurrency’s continued adoption,” said Chainalysis.
Deposits made to scam addresses dropped from just under 10.7 million to just over 4.1 million, which could indicate fewer individual scam victims – but they are losing more.
“Rug Pulls” Cryptocurrency Scams
Rug pulls, where inventors of a new cryptocurrency disappear and grab supporters’ funds, were a key driver of escalating cryptocurrency losses in 2021. Rug pulls generated 37% of all bitcoin scam revenue in 2021, $2.8 billion, up from 1% in 2020.
“Rug pulls are prevalent in DeFi because with the right technical know-how, it’s cheap and easy to create new tokens on the Ethereum blockchain or others and get them listed on decentralized exchanges (DEXes) without a code audit,” it warned.
“While total scam revenue increased significantly in 2021, it stayed flat if we remove rug pulls and limit our analysis to investment scams–even with the emergence of Finiko,” Chainanalysis noted.
Changes in the characteristics of investment scam networks According to Chainaylsis, the number of active financial scams increased from 2,052 in 2020 to 3,300 in 2021, but their average longevity reduced from nearly 500 days in 2016 to 291 days in 2020.
“Previously, these scams may have been able to continue operating for longer. As scammers become aware of these actions, they may feel more pressure to close up shop before drawing the attention of regulators and law enforcement,” it said.
Even if the value of prominent cryptocurrencies like Ethereum and Bitcoin has increased in recent years, scams have also increased in tandem.
An important lesson to be learned from Chainanalysis’ report preview is to steer clear of new tokens that haven’t had their source code audited. If a third-party firm verifies that a smart contract’s governance rules are “iron-clad” and “contain no mechanisms which would enable for the developers to make off with investors’ funds,” it is a process known as an audit.
The authenticity of a project can be assured if investors are aware of tokens that do not have any publicly available information about the project. There is a wide range of white papers, websites, and tokens generated by individuals without using their true names.