With the mad rush to cash in on the crypto craze there has been an equally massive rush to cash in on those who have more eagerness than knowledge.
I would like to provide a quick breakdown of the common scams in crypto (with several follow-ups later on ways to stay secure).
In general, scams can be broken down into several categories.
They are phishing/malware, ponzi scheme, cloud mining, fake ecommerce, and ICO (initial coin offering).
With phishing, you basically get tricked into thinking an email or website that you're looking at is genuine and either provide confidential info or provide an attacker access to your system through malware. Once the attacker has your info or the malware logs your keys/screen then the attacker can proceed to access your various accounts, possibly steal your funds, or use your identity to access your accounts and then steal your funds.
Ponzis have been around a long time. Basically, it comes down to future in-flows (money in) must exceed future out-flows (money out) for a sustained period of time. Generally, a ponzi advertises returns that seem too good to be true (such as 1% return/day, 10%/month, etc.) and because of these false promises, the extreme growth rate of money in exceeds the money going out. As long as future money in-flows grows faster than the money going out then the ponzi can be sustained.
This can result in fraud at a massive scale such as Madoff, but generally with crypto, the frauds have been in the multi-million dollar range as most fraudsters quickly run out of cash.
Some ponzis exist as exchanges, some as cloud mining operations, and others simply promise investment returns that have no underlying asset (despite marketing otherwise). Ponzi exchanges more or less function as banks but instead of holding your crypto, they're spending it, and as long as they bring in more new money they can keep up the game for a long time.
Most cloud mining operations are scams. They generally function much like an exchange ponzi by taking your money up front and then paying you back incrementally. While this ponzi tends to have a much lower risk of loss due to the small returns, if a cloud mining operations promises unusually high returns, you're almost certainly throwing your money away to a ponzi.
Due to the shortage of mining equipment overall, many slick ecommerce sites have popped up promising everything from next generation 5/7 mm node ASICs and UNIVERSAL ASICS that can mine any coin at a speed faster than any other machine on the market, or perhaps they are selling S9s for 50% off. These are too good to be true. Don't fall for it. Some even have phone numbers and contacts, and perhaps some will even ship some product, so as to sell real products to a percentage of their customers while taking significant numbers of pre-orders and then suddenly disappear once their reputation has been ruined.
The ICO scam tends to be a hybrid of several scams that can include a ponzi but also something along the lines of cloud mining, where promises of future returns draw investors in, but then nothing actually results from company activities. Often you will find slick websites, whitepapers, and convincing organization charts showing real people. These are the most dangerous as many people fail to read deeply into a business and think they have nothing to lose treating their investment like a lottery ticket.
Some ponzis have real and very sophisticated technology, and at that point it becomes extremely difficult to differentiate a scam from a legitimate investment. For example, BitConnect, which offers a token that is currently skyrocketing in value, essentially operates a blatant ponzi/investment scheme that many people buy into thinking that as long as they get out before the sky falls then they will be safe. The reality is that no one really knows how long this game will last or when a regulatory agency or law enforcement will shut the whole thing down.