Disclaimer: this article includes links to products for sale on our store.
- Auroracoin Scam
- Dogevault Scam and Robbery
- Marco Coino Scandal
- A Tale of How Our Friend Was Scammed
- How To Protect Yourself From Scams
- Conclusion
- FAQ
In this post we are going to cover:
Plus more... Read on to learn everything you need to know about the biggest scams in crypto history.
Auroracoin Scam
Auroracoin was marketed as a national Cryptocurrency for Iceland. This is a silly cause, but an understandable one because Iceland has had severe banking and economic problems, leading to high inflation rates. So a stable currency would help the economy. However, Auroracoin ended up being anything but stable.
How Auroracoin Works
Auroracoin is a Scrypt Cryptocurrency, meaning you can mine it with a GPU/CPU or Scrypt ASIC. There will eventually be 21 million Auroracoins total, but half of these were premined for the ‘airdrop’. Every citizen of Iceland who registered got 31.8 free Auroracoins on March 25, 2014.
To achieve this, there were actually 3 stages of the airdrop, each lasting 4 months. Icelanders could claim any leftover Auroracoin after these airdrops completed.
Predictably, there were people selling lists of information about Icelandic citizens so that non-icelanders could claim the Auroracoins.
under the rules of the Auroracoin protocol, there are only 25 Auroracoins per block. Miners therefore only got small amounts even after mining for days on end. The 10.5 million Auroracoin airdrop absolutely dwarfed the number of coins that were mined.
This is one factor that led to Auroracoin becoming very valuable after launch - the supply was extremely limited which forced the price higher.
Auroracoin has probably the slowest confirmation time I’ve heard of for a Cryptocurrency. It takes several hours for coins you send to become spendable. There are reports of Auroracoins not confirming for 12 hours or more. This made trading Auroracoin a nightmare, as it was impossible to respond in time to market changes unless you left your coins on the exchange (and leaving coins on an exchange for long periods of time is never a good idea).
Price History
When Auroracoin began trading on exchanges, it had a price of 0.03 Bitcoin/Auroracoin, which is an extremely high price for a Scrypt Cryptocurrency.
This was mostly due to the limited amount of coins due to slow mining generation rates.
The price of Auroracoin began to slowly rise about a day after trading began, and by March 3rd, a rally was underway.
It was a classic pump. Big investors (called whales) bought large amounts of Auroracoin, feeding a frenzy of speculation by small to medium investors.
The price reached an incredible 0.138 Bitcoin per Auroracoin on March 4, or about $70 at the time. This made Auroracoin many times more expensive than Litecoin, which usually has the highest price out of all the Scrypt Cryptocurrencies (besides Cryptocurrencies with extremely limited coin supply, like 42 coin and 365 coin).
Price started to rapidly decline right after peaking at 0.138 Bitcoin per Auroracoin.
Within 48 hours, prices dropped to 0.03 Bitcoin per Auroracoin - about what it cost before the pump.
This was a classic dump, where the whales sold, causing price to drop.
When the price dropped, other investors panicked and sold.
I’m sure many investors had an excruciating time if they didn’t have their Auroracoin on an exchange. They would watch the price drop while waiting for hours before they could sell due to the incredibly slow confirmation times.
Overall, the rise and fall of Auroracoin’s price over the course of 5 days was a classic pump and dump, and one of the most infamous Cryptocurrency pump and dumps to date.
But the dump wasn’t over yet.
The price of Auroracoin continued to decline after that point, and was near 0.02 Bitcoin per Auroracoin just before the air drop on March 25.
After the Airdrop occurred, price swiftly declined further, at 0.004 Bitcoin per Auroracoin only a few days later.
While Auroracoin’s purpose of making a new stable currency for Iceland is noble, it failed. Most Icelanders sold their Auroracoin as fast as possible to get Bitcoin.
Auroracoin has inexorably lost value since the airdrop, and is worth a mere 0.000002852 Bitcoin per Auroracoin today (September 12th, 2022). Trading volume on the exchanges is very low - essentially 0.
But…it did make a ton of money for the people who created it.
Dogevault Scam and Robbery
Dogevault was a popular online wallet, where people could store and send Dogecoin. It provided no advantage over a normal Dogecoin wallet, and generally online wallets are regarded as risky, since if the site gets hacked or the owner goes rogue, then you lose the coins that were stored in the online wallet.
Dogevault Goes Offline
Then Something went very wrong with Dogevault. The site is down, and the server has simply been shut off. This means everyone who uses Dogevault cannot access their coins. There have been no announcements from the owner of Dogevault about what is happening, which is completely inappropriate in this situation.
One Dogevault user reported that 950,000 Dogecoin were transferred out of his wallet just before the site was taken offline, as can be seen in the transaction record below.
Other Dogevault users reported the same issue. This suggests that Dogevault had either been hacked or, more likely and much worse, the owner ran off with all the coins.
To this day, it is unknown how much Dogecoin has been stolen. Dogevault was an extremely popular online wallet though, so losses could be massive.
Updates
Update (5/12/2014): the 950,000 stolen Dogecoin ultimately ended up in a new mega wallet, with other coins that were possibly stolen from Dogevault. This wallet contains 111 million Dogecoin: https://dogechain.info/address/DHKM6NDUUv9kaHAGi1QU7MRBNKfQiAdP3F
There is also another address with 2.6 million Dogecoin linked to Dogevault. It is uncertain at this time if this actually represents stolen Dogecoin, if it does this is one of the biggest Dogecoin robberies in history.
Update (9/12/2022): The same wallet mentioned above now contains over 121 million dogecoin. The latest transaction occured on 6/22/2022, adding over 32 dogecoin.
Marco Coino Scandal
Back in the early days of Bitcoin, there were only a few smart people who identified the potential in the currency. However, as the currency has grown in popularity and more people held bitcoins, demand for transacitons grew.
Bitcoin Cash was a fork of Bitcoin that attempted to alleviate some of the growing pressure for blockspace by increasing the blocksize.
Many pointed out that there will always be nearly infinite demand for blockspace, so scaling woudl require other methods.
So when it became clear that merely increasing blocksize was not going to solve the problem, it was strange that so many members of the BCH community thought it would be a good idea to go on a crusade to sign up more merchants to accept the flawed cryptocurrency.
Bitcoin Cash merchant directories such as Marco Coino popped up, to let users know where they could spend their Bitcoin Cash and would act as a centralized hub to do it.
Collecting user-generated information, Marco Coino showed where you could trade in BCH, and for a while, looked like a promising endeavor.
Proponents of BCH hailed this as the inevitable rise and success of BCH around the world.
But then it all went wrong.
The Marco Coino Plateau
By October 2018, there were 500 businesses listed. By May 2019, there were over 1000.
However, behind the scenes, all was not going well.
Users reported waiting over three months to see their businesses approved - if they were at all. And while BCH was said to be taking off in Japan and North Queensland, other parts of the world were falling far behind.
In Europe, Slovenia had the highest number of BCH accepting properties with over 500 - but in the rest of mainland Europe, there weren’t even 100 vendors.
Failing the Need for Speed
Updates to the app took many days, and when completed, they are often misconfigured or dropped vital information.
The enthusiasm shown by businesses waneed when, after months, they still didn’t see themselves featured in the directory.
When BCH was introduced as a speedier alternative to Bitcoin, Marco Coino couldn’t live up to the early promises.
Info: If reliability and accessibility are an active struggle, and a business cannot put its faith in Marco Coino, then with BCH no longer seems like a sound investment of time or resources.
Marco Coino Security Issues
Even more troubling than the delays were the security and safety issues associated with Marco Coino.
One user had reported receiving an early-morning phone call from somebody cursing and issuing bizarre threats as they tried to confirm their listing.
The unvetted nature of adding merchants (that is, anybody can do it without proof) means that businesses could quite easily be listed that don’t and never have been open to accepting BCH.
Marco Coino Highlights The Problems With BCH
Even with tremendous will and enthusiasm, and with all of the benefits that Marco Coino had as an early Bitcoin Cash merchant directory, there still seemed to be a disconnect between BCH enthusiasts and the rest of the world. And Marco Coino highlights that problem.
Every delay, every security risk, and every illegitimate business on the platform does massive damage to the credibility of BCH as a whole.
Fundamentally, and perhaps a little like BCH itself, Marco Coino tried to run before they could walk. Without the necessary systems and processes in place, there was no practical way for the Bitcoin Cash merchant directory to scale.
Launching an international operation without the framework to support has caused massive and lasting damage to the reputation of Bitcoin Cash.
Outside of BCH evangelists, people are unlikely to spend the time and effort to support the currency. If a centralized entity like Marco Coino can’t even stay on top of the demand, then what hope does BCH have?
A Tale of How Our Friend Was Scammed
So now we have covered some of the largest scams in crypto history.
Scams can be avoided though, and sometimes the best way to learn about how to avoid them is to hear stories from other people.
The following story was written by Our Friend MikeInSpace and should give you an idea of how even very smart, experienced people can fall victim to these scams.
Take it away, Mike!
Honestly, I never thought it would happen to me: scammed on Telegram. I’d like to pretend it was some super-sophisticated, social engineering attack that would have fooled anyone, but the truth is it wasn’t. I got lazy. I didn’t do my due diligence and I trusted without verifying.”
Background
Here’s the run-down: I had placed a bid in a charity auction on the BitcoinTalk forums for a Kialara Hydrat to adorn my Bitcoin shrine and forgot about it. I was contacted by someone I thought was the auctioneer on Telegram informing me that I was probably going to win the auction.
I didn’t even remember placing the bid, so he sent me the link where I was the highest bidder at the time (I was) and it started jogging my memory.
At this point, I was more preoccupied by the auction, and a bit embarrassed having forgotten placing the bid, than I was with verifying the auctioneer was legit.
Alarm bells should have been going off, right? But they didn’t. The guy was slick and said all the right things, even diverged into off-topic small chat. He didn’t seem like a scammer.
In fact, he proposed escrow for security, and asked me to pick someone I trust. So I did. Then I was pulled into a new chat group on Telegram with the “auctioneer” and the “escrow” I picked.
At this point, I should have scrutinized the escrow account, but it looked legit. The avatar was right and so was the name.
In the span of 2 minutes, the “auctioneer” had spun up a fake “escrow” account on Telegram and I didn’t question it. Again, I have no excuse here. I still can’t believe I fell for this trap. But I did.
So I sent the Bitcoin to the address, as requested, and then everything disappeared. The fake auctioneer account; the fake escrow account and the group chat itself.
They probably did this to cover their tracks, but to be honest, had they not done this, I probably would have just went-along with my day thinking nothing was amiss. So this is when alarm bells started going off.
You’re probably shaking your head right now, right? I don’t blame you.
I contacted the escrow through Twitter and he basically confirmed what I already knew: he didn’t just act as an escrow and I had been, clearly, scammed.
Starting to Sweat
Panic started to set in. Thousands of dollars in Bitcoin lost forever. But I had one ace up my sleeve: I’m notoriously cheap with txn fees.
I set it super low at 12 sats/byte so the txn shouldn’t have made it into a block for hours.
“Just RBF, Mike! No worries!” you say. Well here’s where you get to roll your eyes and give me the L because I didn’t use RBF.
It wasn’t a conscious decision, it’s just that the wallet I was using at the time didn’t support it. Guess what that means? I needed to find someone to build me a double-spend, by hand, and fast.
The clock was ticking. Fortunately, I was able to find someone I trusted who had never done it before, but had the technical chops to give it a shot. Fingers crossed.
Building the Replacement TX
He walked me through the first few steps as it required access to the seed, building the replacement transaction in Electrum and signing it. Attached was an absurd 900 sats/byte miner fee. Something to incentivize miners to include this transaction rather than the earlier one.
To be honest, it was probably overkill, but it was a tense situation. We probably only had one shot with the clock ticking, so better have a big enough bribe ready to go. I sent him the signed transaction and he had to do a bunch of stuff with the UTXO strings, but I won’t get into the technical weeds, it’s not important.
Double spend ready! Let’s broadcast it! REJECTED. Mempool no like. It looks like a double-spend attempt. Let’s try an accelerator! REJECTED.
Accelerator no like. It looks like a double-spend attempt. Bare in mind, neither of these rejections were due to breaking with Bitcoin consensus itself. These are just policies. Maybe good policies in order to curtail rampant double-spend attempts, but mere policies.
The new transaction was just as valid as the previous transaction. The REAL transaction is whichever one gets into a block first. Blockchain is truth, after all. So we reached out through back-channels and public channels to mining pools.
Here’s where I really have to stop and thank everyone who helped. So many people went out of their way to help me get this transaction to miners, it was really heart-warming and I thank you all.
At one point, I had about 60% hashrate working on including my transaction, but it was early morning in China. There was literally a guy racing to work, in China, to include the txn around 8 am their time.
It kinda felt like living through an Action movie, racing against the clock before the bomb goes off. Poolin, ViaBTC, F2Pool. I had them all in my DMs. Everyone was doing their best to get the job done.
But there can be only one. 4 blocks before the scammers got my money (according to mempool.space) I got a tweet notification. F2Pool had just mined the transaction into a block.
Relief finally set in. I got most of my money back (minus the miner fee and a reward to the person who crafted the replacement spend on short notice) but most importantly, the scammers got nothing.
Don’t Trust. Verify.
How To Protect Yourself From Scams
Let’s briefly discuss some of the ways you can avoid scams in the future.
Keep Up to Date On Current Scams
One of the best ways to prevent yourself from falling victim to any scam, crypto or otherwise, is to stay up to date on the latest tactics used by scammers.
One good way to do this is to keep your eye on government regulatory agency websites for updated lists of common scams.
The SEC has a good page on common crypto scams that is regularly updated.
Use a VPN
One way that scammers take your crypto is by listening in on your online sessions and stealing your credentials when you log into your exchange accounts. This is especially common if you are using public open wifi when you login.
This issue is becoming increasingly common, making public wifi much more dangerous.
The truth is, you should probably jsut avoid public wifi anyway, and opt to use your smart phone as a tether for your other devices. However, if you are desperate and need internet, then using a VPN to encrypt your connection is one way to prevent this attack.
Use a Password Manager
Another way attackers gain access to your accounts and wallets is by guessing your password.
That may sounds difficult, but its actually not as hard as you think.
If you tend to use the same password for all or many of your accounts, and one of those account credentials gets leaked from a hack, then scammers will try that same password on many other services.
You can check haveibeenpwned.com to see which accounts have been compromised already and then cross check the password you use for that site and see if you use it for any others.
The next thing to do is change the passwords on all of your accounts to be unique for each one.
That may sound difficult since it would be hard to remember so many passwords. Thankfully, password managers make it easy. The manager will generate a long random password for each account you have and save it.
LastPass is one of the more famous ones, but there are others like Dashlane as well.
Then, all you need to do is remember the master password you used for the manager.
There are a ton of great services out there for this very purpose, so look into them and give it a try.
Use a Second Factor Authentication
One way to protect your accounts, especially when someone has obtained your login credentials, is to secure them with a second login factor.
These come in many forms, such as hardware devices that need to be plugged into the computer when logging in (known as a yubikey) or app-based second factors, like google authenticator or lastpass authenticator.
This second type of authentication generates unique 6 digit temporary passwords you must supply at login. They expire every 30 seconds, and are generated completely locally on your phone.
In either of these cases, it means that if someone attempts to login to your account and they have your username and password, they will also either need to have your phone in hand or your yubikey.
Warning: When setting up two factor, avoid using SMS messages as the second factor. These are easy to steal through a process called [SIM swapping](https://www.fcc.gov/consumers/guides/cell-phone-fraud){: target="_blank" rel="noreferrer" }.
Watch Out For Phishing Websites
One final thing to do is be on the lookout for phishing websites.
Scammers will create websites that look like the normal exchange website you use, such as Coinbase, and prompt you to input your login credentials.
Once you attempt to login, they will save those credentials and use them to login to your real account.
To get a sense of just how convincing these exchange websites can be, take a look below at this fake Coinbase email.
The email tells you your account has been locked and prompts you to login to your account at the link in the email…which takes you to the fake phishing website.
Conclusion
We’ve covered a lot of scams today and told you a story from a real person about how some scams can occur. We’ve also talked about things you can do to prevent yourself from becoming a victim.
We hope this information will be beneficial to you going forward so you can avoid these kinds of scams.
Know of another scam we should add to this page? Let us know by sending an email to us at support@privacypros.io. We’d love to hear about it, and it may even end up on this page!
FAQ
What is Marco Coino?
Marco Coino is a Bitcoin Cash merchant directory and it shows where you can trade in BCH.
What does BCH means?
BCH stands for Bitcoin Cash, which is an altcoin version of the most popular cryptocurrency, Bitcoin.
Is Marco Coino used in Europe?
Yes, it is. Slovenia has the highest number of BCH accepting properties with over 500 - but in the rest of mainland Europe, there aren’t even 100 vendors.
What is the difference between BTC (Bitcoin) and BCH (Bitcoin Cash)?
The main difference between them is the block size (BCH has a size of 8 MB, while BTC is limited to 1 MB).
What is Auroracoin ?
Auroracoin is a peer-to-peer cryptocurrency launched in February 2014. It was created as an alternative currency to the Icelandic Króna.
What are Aurora coins worth?
Today (6th June 2021), Auroracoin is worth about 0.000006 Bitcoin.
Can you mine Auroracon?
Yes. Auroracoin can be mined with a miner using ASIC hardware.
What is the supply of Auroracoin?
Auroracoin’s supply is limited to 21 million coins.
What is Dogevault?
Dogevault is an online wallet, where people can store and send Dogecoin.
Why is Dogevault not working?
In May 11, 2014 Dogevault was compromised by attackers. The exact impact on user funds is unknown, some users reported withdrawals as large as 950,000 Dogecoin.
What is Dogecoin?
Dogecoin is a cryptocurrency created after the viral Shiba Inu dog from the ‘Doge’ meme. It was created in 2013, as a joke, by two software engineers.