Cryptocurrency and DNS Abuse: The Evolving Threat of Cybercrimes

Initially published with CentralNic Partner News, December 2023.

The growing threat of cryptocurrency scams and online harm urgently calls for action to reduce victimization.

As the online landscape continues to evolve, opportunities for online harms and abuses grow as well. The volume and monetary value stolen from victims of cryptocurrency abuse has significantly increased over the past few years.

The Federal Trade Commission reported that from the start of 2021 through June 2022, more than 46,000 people have reported losing over $1 billion in crypto scams, a number higher than any other type of payment method in this period. Of this $1 billion, roughly $575 million of the reported losses was due to fraudulent investment opportunities.

According to the 2022 Internet Crime Report from the FBI Internet Crimes Complaint Center (IC3) investment fraud caused the largest losses of any scam reported to the public, at just over $3.3 billion in total monetary losses of victims. Despite there being significantly fewer victims of investment fraud scams than phishing scams, the overall monetary loss of investment fraud scam victims was substantially higher than that of phishing scams. The IC3 reports that there were just over 300 thousand phishing scam victims with losses totalling around $52 million, whereas the total monetary losses of roughly 30 thousand victims of investment fraud scams totalled over $3.3 billion. Cryptocurrency investment fraud including pig butchering, a form of scam where victims are figuratively ‘fattened up’ and ‘slaughtered’ by scammers, was the most prevalent form of investment fraud scam. In 2022, cryptocurrency investment fraud saw a 183% increase in reported losses since the previous year, totalling at $2.57 billion, a number roughly five times greater than the monetary losses of phishing victims within the same period.

In addition to concerns over monetary losses to the victims of cryptocurrency scams, there is a credible threat to human life. Transnational criminal organisations and terrorist groups have increased their use of cryptocurrency as a means of financing and laundering money; in 2023, a New York City woman was charged with using cryptocurrency to financially support terrorist groups in Syria (ABC News). According to a June 2023 report from INTERPOL, many cryptocurrency scams are being carried out by victims of human trafficking, due to operations wherein victims are lured by false job opportunities, kidnapped, and transported to “scam centres” where they are forced to carry out large-scale online scams such as investment fraud and romance scams. INTERPOL has issued a level orange global warning regarding this trend, which represents a serious and imminent threat to public safety. As recently as 22 May 2023 the FBI issued a public service announcement warning US citizens of this type of crime, stating, “The FBI warns US citizens and individuals who travel or live abroad of the risk of false job advertisements linked to labor trafficking at Southeast Asia-based scam compounds where victims are held against their will, intimidated, and forced to commit international cryptocurrency investment fraud schemes,” (FBI Alert I-052223-PSA). Allowing this type of fraud to continue at this rate poses a risk to human life.

As the online harm threat landscape continues to shift, it is imperative that members of the industry and those who operate in this space continue to update policies of online abuse in order to reduce victimization. Given the identified scales of the harm, based on the impact to victims, and the speed at which the impacts may occur, disruption via the DNS where the harms are occurring may represent the most effective and appropriate tool in combating these harms. Despite cryptocurrency scams not being a technical form of DNS Abuse, the need for reporting, evidencing, and prompt mitigation of these harms is clearly demonstrated by the significant increase in scams and large monetary losses. These domains are being registered for the purposes of abuse, and delivered via the DNS. While the communications between the victim and scammer may begin on a third-party application, the abuse/monetary loss occurs on the DNS. It is vital that this abuse is managed and mitigated, to reduce victimization and harm. CleanDNS continues to work to enable the identification and collection of proper evidence packages to help demonstrate and justify decisive intervention in mitigating these harms and reducing victimization for good.

By Jacob Nicoletti, CleanDNS Security Operations Manager


Cleaning Up the Internet for Good

CleanDNS's affordable online harm mitigation solution simplifies abuse management, ensures contractual compliance, removes bad actors, and roots out online harms for good.