A breakdown of the most destructive scams in Ethereum

Statistics provided by EtherscamDB.info

This article was originally written by Brandon Arvanaghi of Bloom, and it can be viewed here. With Brandon’s permission, we’re posting it on our Medium as well.


Scams in the cryptocurrency world run rampant. Reported scams on tracking site EtherscamDB total more than 38,179 ETH (~$23 million) which have been taken from users. And this is only what we can trace!

  • Fake MEW/MyCrypto sites: $7.57 million
  • Fake ICOs: $4.5 million
  • The word “give”: $1.48 million
  • Punycode lookalike domains: $507,000
  • Fake exchanges: $502,000
  • The word “gift”: $459,000
  • Elon Musk scams: $32,000
  • TOTAL: $23 million

This data can be queried on dirtyeth.com, an engine Brandon made to calculate how much scams have stolen.


Scams today are so effective that even when someone like Vitalik Buterin adds “Not giving away ETH” to his display name, scammers still copy his profile pic and display name (containing those very words) and claim to be giving away ETH.

Fake Vitalik Buterin responding to a real tweet by Vitalik Buterin

Why are these scammers so resilient? Hopefully, this post answers that for you. We’ll explore:

  1. How much are these scams making?
  2. What are the most successful themes in scams?
  3. What trends are we seeing?

Note: methodology for Brandon’s calculations, as well as caveats (some scams “seed” their scam addresses with phony transactions), are described in full as comments to this post. Jump down there if you’re interested!

Fake MyEtherWallet/MyCrypto Sites — $7.57 million

The data below reflect all scams listed on EtherscamDB that posed as a fake MyEtherWallet site with at least one known Ethereum address.

This has scammed at least: $7.57 million (12,630 ETH)

MyEtherWallet scams with known addresses

The Word “Give” — $1.48 million

A “giveaway” is enticing, and one of the most common scams in the Ethereum space. The scam prompts the user to send a small amount of ETH to a destination address with the promise of receiving a much larger amount in return.

As an “Aha!” moment, you’ll notice each Largest Victim entry is relatively low compared to that scam’s Total Scammed value. Why? Because these phony giveaways explicitly ask for small amounts of ETH in exchange for a larger return. They work on quantity, not quality.

This has scammed at least: $1.48 million (2,482 ETH)

Truncated output related to scams using the word “give” — the full list is twice as long!

The Word “Gift” — $459,000

Give vs. gift — which one is more meaningful?

It’s hard to say for sure, as our data rely on what users report most often, and what addresses we know about. Give seems to be more common, though, with 103 entries to gift’s 43.

This has scammed at least: $459,000 (765 ETH)

Scams using the word “gift”

Punycode Domains — $507,000

Browsers support displaying character encodings beyond the English alphabet you’re used to seeing. “Punycode” allows attackers to purchase domain names containing these alternate encodings using only ASCII characters. For example:

Alternate-encoded domain name

The subtle discrepancies in the “e”s might go unnoticed, and the TLS “Secure” icon would only serve to further trick a user.

The ASCII character set does not deal with these symbols, so to represent these alternate encodings in ASCII, you would use an ASCII Compatible Encoding (ACE) prefix of “xn- -”. This tells the computing world to treat the text not as ASCII, but as an alternate encoding to render to the user.

These are all the Punycode domains reported on EtherscamDB.

This has scammed at least: $507,000 (845 ETH)

Punycode domains scamming 845.61 ETH

Exchanges — $502,000

Spoofing cryptocurrency exchanges is a popular way to convince users to send ETH or give up their private keys.

No exchange is immune, so below is a list of all exchange-related scams listed on EtherscamDB with at least one known address.

This has scammed at least: $502,000 (838 ETH)

Exchange-related scams

Fake ICOs — $4.5 million

At the time of this writing, Etherscan says there are 92,945 ERC20 token contracts deployed on mainnet. And that’s only ERC20 — that doesn’t include any of the more recent standards.

Many of these token contracts had a token sale associated with them. If they gained even a modest amount of traction, scammers certainly tried to spoof them.

This has scammed at least: $4.5 million (7,513 ETH)

Truncated output of top token sale scams on EtherscamDB

We can break down the data into specific token sales, too. One example (not pictured in the truncated output above) is Telegram.

Telegram — $75,600

Telegram had an ICO planned which created plenty of excitement in the crypto space. Naturally, scammers took notice.

This has scammed at least: $75,600 (126 ETH)

Fake Telegram ICOs

Celebrities

Besides institutions, scammers impersonate high-profile individuals.

Elon Musk

For whatever reason, Elon Musk has become a popular target to impersonate for Ethereum scammers.

This has scammed at least: $32,000 (54 ETH)

Elon Musk related scams

Total — $23 million

Take all the scams reported on EtherscamDB with confirmed addresses associated with them, de-dupe any aliased scams, and sum all incoming transaction history to their addresses. That’s a total of about $23 million (38,179 ETH) going to these scams.

And these are just the scams we can trace! Thousands exist on EtherscamDB without any confirmed addresses tied to them. Thousands more exist that have never been reported!

dirtyeth.com will remain up so you can track these scams yourself, and find your own patterns.

How To Protect Yourself And Others

Scams will continue to evolve and change in order to trick you. While getting a hardware wallet and installing extensions will protect you against the phishing scams, it won’t stop you from voluntarily sending ETH to a fake ICO or giveaway scam. It is up to you to do your due diligence, invest responsibly, and be mindful about what and who you are sending to. Double check all information before sending and ask questions.

Remember the adage: “If it’s too good to be true, it probably is.”

Additionally, if something seems overly urgent, ask yourself why. These scammers will play on your fears, your fear of missing out, and your desire to get rich quick in order to fool you.

If you see a scam, please take a brief moment to report the URL, address, or both. This helps us continue to build our blacklist and potentially save future victims.


Thank you to Brandon for both writing the original article and allowing us to host it on the MyCrypto Medium account. If you enjoyed this post, follow Brandon’s Twitter!