Surely it is a sign of the times when Kim Kardashian pumps an investment opportunity for EthereumMax to her hundreds of millions of followers on Instagram. Guess who came knocking? The SEC, of course. EthereumMax was built on the Ethereum blockchain but was otherwise unrelated to Ethereum. Because promoters were noting that buyers of the tokens could expect “reasonable returns,” it was deemed a security, per SEC guidelines. SEC guidelines also include an anti‐touting law, which says you can't promote a security (or anything that looks or smells or acts like a security) without disclosing that you were paid to do so. Ultimately, this resulted in a $1.26 million settlement with the celebrity for not disclosing the $250,000 she had received to promote the crypto token. Kardashian's paid boosting isn't quite a scam, but her reputation and cachet allowed her to drive followers to a product that, shall we say, didn't meet up to our standards. Importantly, this demonstrates the creeping spread of mass misinformation about crypto assets, and how easy it is to get drawn into something that seems credible but simply may not be.
While the actual criminal use of crypto is minimal, we’d be remiss if we didn’t directly address the fact that there are plenty of scams out there designed to take advantage of you, the investor. These could be bogus protocols, illicit wallet addresses, suspect endorsements or even full websites that look just like legitimate blockchain projects. All of these are designed to confuse you and take your money, giving nothing in return but that sinking feeling in your stomach. My dad always said “Fool me once, shame on you, fool me twice, shame on me.” Our intention in this chapter is to raise your awareness so that you don’t get fooled at all.
Unfortunately crypto scams are real – just like Internet scams are real. The simple fact is that scams proliferate in new marketplaces where consumers don't fully understand the technology. They come in many forms. In a “rug pull” swindle, for example, a new coin, token, or platform appears overnight, garners lots of press, attracts investors, and then disappears. In a “pump and dump” scam, bad actors invest in a coin they know is worthless and pump up interest (sometimes using unwitting celebrities) to lure investors. They push the price up, and then sell all at once. The price collapses, leaving unsuspecting investors with worthless coins.
Scammers go after crypto wallets, email addresses, and phones – many have lost crypto assets this way. There's a lot to learn from the more infamous crypto frauds like OneCoin, an international Ponzi scheme that's estimated to have scammed people of $25 billion, and Quadriga, a Canadian exchange whose founder is suspected of absconding with almost $200 million in investors' funds and then faking his own death.
Yes, you need to be careful. Yet the mere presence of fraud does not invalidate the crypto market, any more than one crooked member of Congress invalidates the government. One or more bad actors in a company does not invalidate the company itself. Take, for example, JPMorgan, which was fined almost $1 billion in connection with schemes to defraud precious metals and U.S. Treasuries markets.1 Fraud happens everywhere. Blockchain technology itself has never been broken, at least for Bitcoin.
We want you to be smart and prepared to succeed as an investor in crypto (or stocks, bonds, real estate, or any other asset), but we also want you to be prudent. Fraud is as old as humanity and will continue, and when an emerging mega‐trend such as crypto rolls out to the world, thieves and fools rush in. Because it’s not all sunshine and rainbows, we are going to close out this section by raising your awareness of some of the scenarios you might encounter, so that you are well rounded, can see the danger signs, and avoid some of the common pitfalls of this new world.
In May 2022, the SEC added 20 additional positions to the unit responsible for protecting investors in crypto markets and from cyber‐related threats. The newly renamed Crypto Assets and Cyber Unit (formerly known as the Cyber Unit) in the Division of Enforcement grew to 50 dedicated positions.
“The U.S. has the greatest capital markets because investors have faith in them, and as more investors access the crypto markets, it is increasingly important to dedicate more resources to protecting them,” said SEC chair Gary Gensler. “The Division of Enforcement's Crypto Assets and Cyber Unit has successfully brought dozens of cases against those seeking to take advantage of investors in crypto markets. By nearly doubling the size of this key unit, the SEC will be better equipped to police wrongdoing in the crypto markets while continuing to identify disclosure and controls issues with respect to cybersecurity.”2
Gurbir S. Grewal, director of the SEC's Division of Enforcement, added that crypto markets “exploded in recent years, with retail investors withstanding the worst of abuses in this space. Meanwhile, cyber‐related threats continue to pose existential risks to our financial markets and participants. The bolstered Crypto Assets and Cyber Unit will be at the forefront of protecting investors and ensuring fair and orderly markets in the face of these critical challenges.”3
The additional positions include supervisors, investigative staff attorneys, trial counsels, and fraud analysts. At an SEC Speaks conference, Grewal said that the best way to describe the SEC's approach is “intentionality.” By this he means assertively seeking cooperation from traders, trading platforms, and issuers, issuing clear guidance, and providing extensive explanations of its enforcement actions. In part, the SEC is responding to widespread criticism that it is enforcing crypto assets as securities without having apparent authority or settled rules. As we observed earlier, Congress wants to pass laws dealing with this issue, and is likely to do so soon.
Many in the crypto community rankle against the SEC's aggressive posture – or crackdown, in the eyes of many – and we're watching the watchdogs to ensure that the rules, to the extent we know them, are fair and fairly enforced. To date, the SEC's significant cases focus on bad actors who explicitly harmed investors. And the SEC nails scammers across all security classes, of course, not just crypto. Among the actions pursued by the SEC in 2022 are the following:
The Commodity Futures Trading Commission (CFTC) also expanded enforcement hiring and actions in 2022. In one July 14 announcement, the CFTC entered a consent order against Jimmy Gale Watson of Dallas, Texas, for a manipulative and deceptive digital asset “pump‐and‐dump” scheme. “The CFTC will continue actively to use its enforcement authority in the digital asset space to combat fraud and manipulation,” said CFTC acting director of enforcement Gretchen Lowe at the time.
With both agencies jockeying for jurisdiction, there is merit to observations that they stepped up enforcement “arrests” before their fiscal year ended at the end of September (just as government agencies have done for centuries). Considering the size of the crypto sector, 130 or so enforcement actions in five years involve and impact only a fraction of the crypto securities and commodities available to investors; however, this does not mean that any project that you invest in could be subject to investigation, even large‐scale projects.
Let’s look at Ripple, a technology company that created XRP. Ripple created a system of payment settlement and remittance and XRP has been the darling of many. Seven years after its founding, however, the SEC filed actions against it for being an unregistered security (do you see a pattern here?). This sent the price plummeting and its overall long‐term success is in question. The founders disagreed and a legal battle ensued. Time will tell where this ends up; it may well be either a fine and a slap on the wrist or the project getting shut down. The point is that the SEC is not to be trifled with, so our advice is, don't trifle with them. Remember the Howey Test, and if you see a project that could be categorized as a security, buyer beware. There are plenty of great projects that don't fall into this category.
Here's the rule: If it sounds too good to be true, it probably is. Use common sense, ask for references and evidence of performance, and don't believe what you see on the Internet without further verification.
The SEC's Office of Investor Education and Advocacy and the CFTC's Office of Customer Education and Outreach have repeatedly warned investors to beware of websites “purporting to operate advisory and trading businesses related to digital assets. These websites often contain ‘red flags’ of fraud, including claims of high guaranteed returns and promises that the investments carry little or even no risk. . . . In some cases, the fraudsters claim to invest customers' funds in proprietary crypto trading systems or in ‘mining’ farms, promising high guaranteed returns (for example, 20–50%) with little or no risk.” Folks, if you want little or no risk, invest in municipal bonds and Treasuries. Claims of risk‐free returns of this nature are total bull.
With that being said, in addition to keeping the Howey test in mind, here are our 10 red flags to watch for, with thanks to the SEC, CFTC, and other federal agencies:
Swindlers may circulate misleading information anonymously or while pretending to be someone else. They may issue fabricated credentials, create fake profiles, or pretend to be associated with a legitimate source. It's easy to hide behind an anonymous social media account while laying the groundwork for fraud. Whether it's Kim Kardashian or your favorite NFL player, do not give testimonials or celebrity endorsements a micron of credibility when making an investment decision. Phonies sometimes pay actors to pose as normal‐people‐turned‐millionaires to tout an investment on social media.
The SEC: “… fraudsters may set up an account name, profile, or handle designed to mimic a particular individual or firm. They may go so far as to create a webpage that uses the actual firm's logo, links to the firm's actual website, or references the name of an actual person who works for the firm. Fraudsters also may direct investors to an imposter website by posting comments in the social media account of brokers, investment advisers, or other sources of market information. When you receive investment information through social media, verify the identity of the underlying source. Look for slight variations or typos in the sender's account name, profile, email address, screen name, or handle, or other signs that the sender may be an imposter.”5
Con artists have also found victims by hacking their social media profile and sending fraudulent investment opportunities to their contacts. Be wary if someone – even someone you trust – sends a social media message recommending an investment and be sure to check with them offline to make sure that person actually sent the message.
“These keyboard Casanovas reportedly dazzle people with their supposed wealth and sophistication. Before long, they casually offer tips on getting started with crypto investing and help with making investments. People who take them up on the offer report that what they really got was a tutorial on sending crypto to a scammer. The median individual reported crypto loss to romance scammers is an astounding $10,000,” reported the FTC.6
Many romance ripoffs persuade victims to send money allegedly to invest or trade cryptocurrency. After the fraudster establishes an online relationship with the victim, they claim to know about lucrative cryptocurrency investments or trading opportunities. “The fraudster directs the victim to a fraudulent website or app,” the FBI explains. “After the victim invests and sees a purported profit, the website or app allows the victim to withdraw a small amount of money, further gaining the victim's trust. The fraudster then instructs the victim to invest larger amounts of money and conveys a sense of urgency. When the victim tries to withdraw funds again, the victim is instructed to pay additional funds, claiming that taxes or fees need to be paid or a minimum account balance must be met.”
While the following case doesn't involve crypto, it is an instructive example from the files of the FBI. The bust went down in 2021.
When members of the Pennsylvania Amish and Mennonite communities were offered the opportunity to invest with someone they knew and trusted, many jumped at the chance. Philip Elvin Riehl, an accountant in Berks County, Pennsylvania, claimed he would invest their money in local businesses, offering a solid return.
But Riehl was not licensed to invest people's money: “He did minimal research on the companies he was loaning money to. For example, he loaned much of the money he received to a failing creamery that went out of business, leaving investors with nothing. He also forgave loans if borrowers left their faith, making it impossible to collect the money,” the FBI reported. Special Agent Michael Mocadlo investigated this case out of the FBI's Philadelphia field office. About 400 Amish and Mennonite families in Pennsylvania lost a combined $59 million.
Because of their religious beliefs, many in these communities often do not pay into Social Security, so some members seek out their own opportunities to fund their retirement. Because many of the victims invested for the long term, they often didn't ask for their money for years. So, they saw statements that showed their money was doing fine, when it had actually been invested in failing businesses and was gone.7
President Obama and his team adopted this mantra in looking at foreign policy decisions. It is a helpful reminder for all investors when it comes to evaluating investments. Regulators and other watchdogs correctly remind us that crypto investments are not insured like bank deposits, or (supposedly) safeguarded from fraudulent losses through the SIPC (Securities Investor Protection Corporation), which protects against the loss of cash and securities – such as stocks and bonds – held by a customer at a financially troubled SIPC‐member brokerage firm. There is critical context to keep in mind. Crypto investments aren't shielded by the FDIC, which limits its insurance to savings and checking accounts at banks, true, but neither are real estate, stocks, bonds, derivatives, futures, commodities, or the entire universe of investments not held at banks. The SIPC has very limited reserves and powers to refund fraud‐driven losses, and then only at SIPC‐member brokers. It is a self‐regulated organization, meaning that the recovery guardrails it puts in place must be funded by the industry and supported by the industry. Brokers and Congress have long failed to adequately fund the SIPC and defanged its enforcement roles.
Most fraudulent schemes need cash at ever‐increasing volumes to keep the con going, so, as with any pitch or scheme, manufactured urgency is a very bad sign. Everybody wants your money in life, but crypto crooks want it desperately.
Crypto assets are like any higher‐risk investment. Invest what you can afford to lose. Research your investment targets and get performance data. Remember that if it looks too good to be true, it probably is, so stay alert. And, in addition to being aware of fraudulent offers, follow a commonsense approach to managing your assets. Mind your wallet and where you attach it and never ever share your private keys. Incorporate risk‐management tools into your crypto portfolio so you can sleep at night and enjoy managing your money.
18.224.44.186