It is important to know how Bitcoin scams can be perpetrated so that you can identify them before they happen to you. The bottom line will always be, if something seems too good to be true or makes you uncomfortable at any time, walk away. Remember: Once you spend your Bitcoins – they are gone and you will have little recourse to get them back.
All of the major negative news surrounding Bitcoin have been the result of hacking and misplaced trust in people and/or their security posture. We beam with joy and exuberance knowing that the actual Bitcoin protocol has never been successfully compromised in its entire life!
You need to be cautious when trusting a 3rd party with your Bitcoins – If they are lax in their security, you may lose your Bitcoins and have no recourse to get them back. The old rule applies: Know your dealer – Ask your service providers to publish their general security postures and incident response protocols.
You need to maintain a high level of security with your own systems, computers, and phones as described in the Computer Security section. If you manage to get infected with malware that is Bitcoin aware, you stand a good chance to lose all your Bitcoins with no recourse to recover them.
You need to express extreme due diligence to identify the people you are dealing with when it comes to Bitcoin. It is too easy to pretend to be someone else on the Internet. When in doubt, use alternate established methods of communication (such as telephones, webcams, etc) to verify intent and status. This also helps in establishing forensic trails that may help Law Enforcement identify someone who has defrauded you.
One other technique you can use to verify a person’s authenticity is through PGP. This is a method of using cryptography and digital signatures to guarantee a high level of certainty that you are dealing with a particular individual and verify the integrity of message sent between you. It is beyond the scope of this site to teach you about PGP, but it is HIGHLY recommended you seek more information and attempt to learn just the fundamentals of how it works and how it can protect you in these kinds of circumstances. You will be able to find some informative resources on PGP in the Resource page.
Altered Bitcoin Addresses
It is important to verify a Bitcoin address before sending any Bitcoins to it. When a Bitcoin address is viewed over an insecure protocol such as email or http, it can be altered to the attacker’s Bitcoin address – effectively stealing the Bitcoins in transit. To counter this, you should try to retrieve a Bitcoin address over a secure connection like https. Alternatively, you could use the previously discussed PGP technology to verify a message’s (Bitcoin address) integrity if it was prepared appropriately.
One of the first scams surrounding Bitcoin involved Chargebacks. This is when a credit card processor would reverse a charge based on a report of fraud or similar cause. As an example, Eve would purchase Bitcoins from Bob via Paypal. Bob would receive the money from Paypal and send the requested amount of Bitcoins to Eve. Eve would then call Paypal and claim fraud or non-delievery and Paypal would reverse Bob’s transaction and remove the money from his account. Bob was now out the Bitcoins and the money. Do not ever sell Bitcoins to anyone with anything other than cash in a face-to-face encounter.