Over the last decade, cryptocurrency has become a part of our everyday lives. Even if we do not use it, someone we know does, and we can read about it everywhere. As a response to its growing popularity, cryptocurrency exchanges have popped up where people can trade different cryptocurrencies or cryptocurrencies for fiat. But these sites are prone to problems, much like those that also deal with fiat currency. These can include different kinds of fraud, hacking, and other kinds of illegal activity to the detriment of operators and users alike.
Crypto vs fiat
Cryptocurrency is a digital currency registered on the blockchain through cryptography rather than by a central authority such as a bank. These cryptocurrencies, such as bitcoin, ether, and ripple, are designed to function as units of exchange or payment, and they can be bought, sold, traded, and exchanged by the holder. Once each transaction is enacted, it is registered in a block on the blockchain, and it cannot be edited, deleted, or tampered with in any way, thus making it more accountable and traceable than many other forms of payment.
Fiat currency is the traditional currency we know and love, such as the pound, dollar, and euro. They exist both digitally (but backed up physically) and in physical form and are controlled and issued by each country’s central bank. However, some countries are now looking at developing digital currencies that are tied to their fiat currencies, for example, the digital dollar. Learn more about the value of cryptocurrency versus fiat here.
Crypto exchanges vs. fiat exchanges
There are several different kinds of exchanges. The first is a fiat currency exchange where users trade fiat for fiat, for example, pounds for dollars. The second is a cryptocurrency exchange like Binance where different cryptocurrencies, such as bitcoin for ether, can be traded.
The final is a fiat-crypto exchange which facilitates fiat, crypto, and fiat-crypto-fiat exchanges or trades, depending on the client’s needs. In all circumstances, the exchange should be regulated and in line with the laws of where it is trading and of where its target market is based. Aside from this, some risks should be taken into account, particularly those that impact cryptocurrency exchanges.
Risks for crypto exchanges
AML fraud, illicit funds are illegally channeled through a legitimate company such as a cryptocurrency exchange. Money generated from activities like drug trafficking, corruption, or tax evasion needs to be cleaned to be introduced into the legitimate banking sector, with no questions asked. Exchanges are common targets for money laundering, particularly those using cryptocurrency. Illegal funds can be transferred to crypto-fiat or fiat-crypto and then withdrawn from the site, making them look legitimate and ‘clean.’
It is often a legal requirement for companies to have measures in place to protect themselves against being used for money laundering, but criminals can still sometimes get the upper hand. Thankfully, there are lots of different solutions that companies can employ to deal with aml fraud. These can vary from digital tools integrated into operations to extensive cybersecurity training of staff and team members to help them identify suspicious behavior, even before it happens.
Phishing is where a criminal poses as a representative of your business and attempts to trick your consumer into handing over sensitive information, making a payment, or giving them account access. For example, a criminal could draft an email that looks like it is coming from your exchange, asking them to confirm their password via email. The consumer would send the password and give the criminal access to their account.
Other phishing scams can include links being sent that direct the consumer to an official site where they may make payments, transfer, or update information, but which are imposter sites. Once the data has been handed over, users can be relieved of funds and information which can be misused in multiple ways.
Account takeover is where the legitimate account owner has their account taken off them by an unauthorized third party who then uses it without their permission. The account can be accessed in various ways, for example, phishing, brute force hacking, and through the buying of details on the dark web. Once they have gained access to the account, the criminal will then change crucial data such as the password or email address, thus locking the original owner out.
The account is often used to buy, sell, trade, or withdraw currency to the detriment of the original account owner. A recent example of an account takeover is when someone hijacked the Twitter account of the boss of Amazon and the wealthiest man in the world, Jeff Bezos. They tweeted that people should send bitcoin to a specific address, and he would match the amount and donate it all to charity, which was, of course, a scam.
Many individuals and groups are capable of hacking cryptocurrency and fiat exchanges through the operator’s back end. For example, they could target the database or customer management system, entering it through brute force and then accessing sensitive information. They could download customer details, account numbers, passwords, and payment details, or they could delete vast swathes of data, causing significant damage to the company. It can also happen to governments; for example, in Albania, between July and September 2022, hackers gained access to government systems. They published lists of wanted suspects, the movements of senior officials in and out of the country, and personal data relating to citizens.
Pump and dump
Pump and dump is a kind of fraud used in the securities sector and can be applied to cryptocurrency exchanges. It is where the price of an asset or currency is artificially inflated through false positive news or hype, triggering people to buy it at a higher price. This generates a higher level of income for those who are selling it. Then once the asset has been sold off, the price falls, and investors lose their money. This kind of fraud is all too common with small-cap cryptocurrencies, as it is easier to control their markets. One example is that of Cryptobontix which the SEC accused of such practices in September 2022.
With every innovation, regardless of sector, there can be issues. If issues can’t be solved, one of the best ways you can defend against dangers is to have awareness. The world of crypto is different.