The most lucrative ETH scams, top-to-bottom.

Scams run rampant in the cryptocurrency world. Scams reported on the tracking site EtherscamDB have taken more than 38,179 ETH (~$23 million) from users. And this is only what we can trace!

  • Fake MyEtherWallets/MyCryptos: $7.57 million
  • Fake ICOs: $4.5 million
  • The word “give”: $1.48 million
  • Punycode lookalike domains: $507,000
  • Fake exchanges: $502,000
  • The word “gift”: $459,000
  • Elon Musk scams: $32,000
  • TOTAL: $23 million

This data can be queried on dirtyeth.com, an engine I made to calculate how much scams have stolen.


Scams today are so effective that even when someone like Vitalik Buterin adds “Not giving away ETH” to his display name, scammers still copy his profile pic and display name (containing those very words) and claim to be giving away ETH!

Fake Vitalik Buterin responding to a real tweet by Vitalik Buterin

Why are these scammers so resilient? Hopefully, this post answers that for you. We’ll explore:

  1. How much are these scams making?
  2. What are the most successful themes in scams?
  3. What trends are we seeing?

Note: methodology for my calculations, as well as caveats (some scams “seed” their scam addresses with phony transactions), are described in full as comments to this post. Jump down there if you’re interested!

Fake MyEtherWallets/MyCryptos - $7.57 million

“These scams won’t stop until they stop being so effective, and they won’t stop being effective until the cryptocurrency industry collectively learns to not fall for them.” — Jordan Spence, MyCrypto

The data below reflect all scams listed on EtherscamDB that posed as a fake MyEtherWallet site with at least one known Ethereum address.

This has scammed at least: $7.57 million (12,630 ETH)

MyEtherWallet scams with known addresses

The Word “Give” — $1.48 million

A “giveaway” is enticing, and one of the most common scams in the Ethereum space. The scam prompts the user to send a small amount of ETH to a destination address with the promise of receiving a much larger amount in return.

As an “Aha!” moment, you’ll notice each Largest Victim entry is relatively low compared to that scam’s Total Scammed value. Why? Because these phony giveaways explicitly ask for small amounts of ETH in exchange for a larger return. They work on quantity, not quality.

This has scammed at least: $1.48 million (2,482 ETH)

Truncated output related to scams using the word “give” — the full list is twice as long!

The Word “Gift” — $459,000

Give vs. gift — which one is more meaningful?

It’s hard to say for sure, as our data rely on what users report most often, and what addresses we know about. Give seems to be more common, though, with 103 entries to gift’s 43.

This has scammed at least: $459,000 (765 ETH)

Scams using the word “gift”

Punycode Domains — $507,000

“When we look at all the collective data that people have reported via EtherScamDB, we can see how nuts it is… The next step is to determine how to stop these scams? What tools can we build that help prevent people from losing funds?” — Taylor Monahan, MyCrypto

Browsers support displaying character encodings beyond the English alphabet you’re used to seeing. “Punycode” allows attackers to purchase domain names containing these alternate encodings using only ASCII characters. For example:

Alternate-encoded domain name

The subtle discrepancies in the “e”s might go unnoticed, and the TLS “Secure” icon would only serve to further trick a user.

The ASCII character set does not deal with these symbols, so to represent these alternate encodings in ASCII, you would use an ASCII Compatible Encoding (ACE) prefix of “xn--”. This tells the computing world to treat the text not as ASCII, but as an alternate encoding to render to the user.
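One way to check for this on the defensive side, as an added example that is not part of the original post: decode any label carrying the ACE prefix, fold accents and lookalike letters back to ASCII, and flag the host if the result matches a watched name. The watchlist, the small confusables table and the `.example` hostnames are assumptions made for illustration.

```python
import unicodedata

ACE_PREFIX = "xn--"
# Assumed watchlist: names of the wallets the article says are most impersonated.
WATCHLIST = {"myetherwallet", "mycrypto"}
# Small constructed subset of cross-script lookalikes (Cyrillic -> Latin);
# a production check would use the full Unicode confusables data.
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o",
               "\u0440": "p", "\u0441": "c", "\u0443": "y"}


def decode_label(label):
    """Return the Unicode form of one DNS label; non-ACE labels pass through."""
    label = label.lower()
    if not label.startswith(ACE_PREFIX):
        return label
    try:
        return label[len(ACE_PREFIX):].encode("ascii").decode("punycode")
    except (UnicodeError, ValueError):
        return label  # malformed ACE label: report it undecoded


def skeleton(text):
    """Fold accents and known lookalike letters down to plain ASCII."""
    folded = []
    for ch in unicodedata.normalize("NFKD", text):
        if not unicodedata.combining(ch):      # drop accents, dots, etc.
            folded.append(CONFUSABLES.get(ch, ch))
    return "".join(folded)


def check_host(host):
    """Return (decoded_host, impersonated_name_or_None) for a hostname."""
    labels = [decode_label(l) for l in host.rstrip(".").split(".")]
    for label in labels:
        folded = skeleton(label)
        # Flag only labels that differ from a watched name yet fold to it.
        if label != folded and folded in WATCHLIST:
            return ".".join(labels), folded
    return ".".join(labels), None


if __name__ == "__main__":
    # Constructed sample: one "e" replaced by U+1EB9, then encoded to its ACE form.
    fake = "xn--" + "myeth\u1eb9rwallet".encode("punycode").decode("ascii")
    for host in (fake + ".example", "myetherwallet.example", "xn--mnchen-3ya.example"):
        print(host, "->", check_host(host))
```

A legitimate internationalized name such as the last sample decodes cleanly and is not flagged, because its folded form is not on the watchlist.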

These are all the Punycode domains reported on EtherscamDB.

This has scammed at least: $507,000 (845 ETH)

domains scamming 845.61 ETH

Exchanges — $502,000

Spoofing cryptocurrency exchanges is a popular way to convince users to send ETH or give up their private keys.

No exchange is immune, so below is a list of all exchange-related scams listed on EtherscamDB with at least one known address.

This has scammed at least: $502,000 (838 ETH)

Exchange-related scams

Fake ICOs — $4.5 million

At the time of this writing, Etherscan says there are 92,945 ERC20 token contracts deployed on mainnet. And that’s only ERC20 — that doesn’t include any of the more recent standards.

Many of these token contracts had a token sale associated with them. If they gained even a modest amount of traction, scammers certainly tried to spoof them.

This has scammed at least: $4.5 million (7,513 ETH)

EtherscamDB

We can break down the data into specific token sales, too. One example (not pictured in the truncated output above) is Telegram.

Telegram — $75,600

Telegram had an ICO planned which created plenty of excitement in the crypto space. Naturally, scammers took notice.

This has scammed at least: $75,600 (126 ETH)

Fake Telegram ICOs

Celebrities

Besides institutions, scammers impersonate high-profile individuals.

Elon Musk

For whatever reason, Elon Musk has become a popular person for Ethereum scammers to impersonate.

This has scammed at least: $32,000 (54 ETH)

Elon Musk related scams

Total — $23 million

Take all the scams reported on EtherscamDB with confirmed addresses associated with them, de-dupe any aliased scams, and sum all incoming transaction history to their addresses. That’s a total of about $23 million (38,179 ETH) going to these scams.

And these are just the scams we can trace! Thousands exist on EtherscamDB without any confirmed addresses tied to them. Thousands more exist that have never been reported!
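The totalling steps described above, sketched as an added example (not the code behind dirtyeth.com). It assumes two reports are aliases when they share an address and that "largest victim" means the biggest per-sender sum; the reports, placeholder addresses and transfers are constructed, and it does not filter the seeded phony transactions mentioned in the methodology note.

```python
from collections import defaultdict

WEI = 10**18  # 1 ETH in wei; integer math avoids float rounding
# Constructed sample data (placeholder addresses, not real ones).
REPORTS = {
    "fake-wallet": ["0xAAA", "0xBBB"],
    "fake-wallet-mirror": ["0xbbb"],   # alias of the entry above
    "giveaway": ["0xCCC"],
    "report-without-address": [],      # untraceable: contributes nothing
}
TRANSFERS = [  # (to, sender, value in wei)
    ("0xaaa", "0x01", 5 * WEI), ("0xbbb", "0x02", 2 * WEI),
    ("0xbbb", "0x01", 1 * WEI), ("0xccc", "0x03", WEI // 2),
    ("0xccc", "0x04", WEI // 4), ("0xddd", "0x05", 9 * WEI),  # 0xddd unreported
]


def group_aliases(reports):
    """Merge reports that share an address; return a list of address sets."""
    parent = {}

    def find(x):
        while parent.setdefault(x, x) != x:
            parent[x] = parent[parent[x]]   # path halving
            x = parent[x]
        return x

    for addrs in reports.values():
        addrs = [a.lower() for a in addrs]
        for a in addrs:
            parent[find(a)] = find(addrs[0])
    groups = defaultdict(set)
    for a in list(parent):
        groups[find(a)].add(a)
    return list(groups.values())


def summarise(reports, transfers):
    """Return [(total_wei, largest_sender_wei)] per de-duplicated scam."""
    owner = {a: i for i, g in enumerate(group_aliases(reports)) for a in g}
    senders = defaultdict(lambda: defaultdict(int))
    for to, sender, value in transfers:
        if to.lower() in owner:
            senders[owner[to.lower()]][sender.lower()] += value
    return sorted(((sum(s.values()), max(s.values()))
                   for s in senders.values()), reverse=True)


if __name__ == "__main__":
    for total, largest in summarise(REPORTS, TRANSFERS):
        print(f"total {total / WEI} ETH, largest victim {largest / WEI} ETH")
```

Summing per report instead of per merged group would count the shared address twice, which is the double counting the de-dupe step prevents.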

dirtyeth.com will remain up so you can track these scams yourself, and find your own patterns.

