The Who, What, When, Where, and Why of Cryptocurrency Fraud — and How We Can Stop It

More than 300 million people use crypto worldwide and 16% of Americans say they have invested in, traded or used cryptocurrency, according to Pew Research. Meanwhile, cryptocurrency hacks are on the rise, with more than $1 billion stolen so far this year, including recent fraudulent activities identified in South Korea with remittances abusing the so-called “Kimchi Premium” for money laundering activities.

The cryptocurrency industry has been called the “Wild West” of finance and many have called for more regulation of these currencies. In fact, the Securities and Exchange Commission (SEC) just announced new crypto regulation initiatives that will boost investor protections and help minimize risk.

What is crypto, and why is it vulnerable to large-scale hacks? And, aside from regulatory protections, how can we use technology to crack down on crypto fraud? Keep reading.

The Crypto and Blockchain Basics

We can define cryptocurrency (crypto) as a digital currency composed of an encrypted data string. Crypto is organized by a peer-to-peer network called a blockchain, which is a digital shared ledger. All transactions (“blocks”), including buys, sells, and transfers, are added to the shared ledger — and all parties have access to this single source of truth. Cryptocurrencies (which include Bitcoin, Dogecoin and Ethereum) are decentralized, meaning they are not issued or maintained by banks or governments.

Distributed ledger technology such as blockchain is at the core of cryptocurrencies (LuckyStep/Shutterstock)

Ledgers provide transparency and validation. For example, before a new block is added to the ledger, a majority of nodes (which can be thought of as small, connected servers) must verify that the new data is legitimate. This could include confirming that the coins have not been spent more than once.

There are two types of blockchains: public (such as Bitcoin) and private, or permissioned. Public blockchains are open and any user can anonymously join. Also, public blockchains use internet-connected computers to validate transactions. Meanwhile, private blockchains invite trading partners to participate and each partner serves a specific role. Similarly, private blockchain networks are controlled by a company or group; they also confirm identity and membership before allowing access.

Secure But Not Invincible

Since blockchain is decentralized, it’s less likely to be hacked. A bad actor would need to gain control of more than half of all computers within the same ledger. Also, all transactions are secured via cryptography, which means all nodes must solve complex mathematical equations to process a transaction.

But hacks do happen — and they depend upon whether the blockchain is public or private. How do they happen? Phishing attacks, in which a criminal obtains a user’s credentials through email, are one way. Another involves a “Sybil attack,” in which hackers create false network identities to flood and crash the system. Also, during a “51% attack,” a person or group gains control of more than 50% of a blockchain’s hashing power (the cryptographic process used to validate the integrity of input). Attackers are then able to block new transactions from being confirmed, halt payments, and rewrite parts of the blockchain to reverse transactions, leading to double spending.

A Sybil attack can be used to obtain information about the IP address of a user connecting to the network. This compromises the security, privacy and anonymity of web users. The only thing an attacker has to do is take control of nodes in the network, gather information from those nodes, and create fake nodes imitating their identities.

Fraud Detection and Risk Management via Graph Analytics

In addition to crypto, blockchain can be used to process banking transactions in hard currencies like dollars and euros. People can also use blockchain for asset transfers (think digital assets such as NFTs), digital “smart contracts,” and even supply chain monitoring. Considering all of this rapidly changing data that spans multiple blocks, how can we uncover potential fraud “red flags”? One option is graph database technology, which provides real-time deep link analytics across multiple nodes and hops within massive datasets for event correlation, activity verification and validation, and more.


A financial institution, for example, could use a cryptocurrency network graph to identify the percentage of funds received from various types of actors. How much was received from the Darknet, exchanges, or smart contracts? The graph can also highlight flows of funds as well as transactions that originate from a specific location. An organization could also load an entire bitcoin blockchain into a graph database and then — with help from third-party data — determine if a specific address is closely associated with known risky addresses or risky users.

Graph analytics can help identify potential fraud within a ledger’s blocks of data by answering questions like:

  • Is this single coin owned by multiple addresses?
  • Are there multiple transactions connected to each block?
  • Is there a cyclical money flow that indicates potential money laundering?
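The third question, cyclical money flow, as an added example (not code from the original article): a hop-bounded search for time-ordered loops that bring funds back to the address that sent them, so a loop that only exists when timestamps are ignored is not reported. The ledger tuples, the placeholder addresses and the `round_trips` function are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample ledger: (timestamp, sender, receiver, BTC). Addresses are placeholders.
LEDGER = [
    (1, "addr1", "addr2", 5.0),
    (2, "addr2", "addr3", 4.9),
    (3, "addr3", "addr1", 4.8),  # closes a 3-hop loop back to addr1
    (4, "addr3", "addr4", 0.1),
    (9, "addr5", "addr6", 2.0),  # addr5 -> addr6 -> addr7 -> addr5 is a loop in the
    (8, "addr6", "addr7", 2.0),  # graph, but every hop happens before the previous
    (7, "addr7", "addr5", 2.0),  # one, so no funds could actually travel around it
]

def round_trips(ledger, max_hops=4):
    """Return (path, bottleneck BTC) for each time-ordered loop back to its sender."""
    out = defaultdict(list)
    for ts, s, r, amt in ledger:
        out[s].append((ts, r, amt))
    found = []

    def walk(origin, node, last_ts, path, bottleneck):
        for ts, nxt, amt in out[node]:
            if ts <= last_ts:
                continue  # funds cannot be forwarded before they arrive
            flow = min(bottleneck, amt)  # most that can survive every hop so far
            if nxt == origin:
                found.append((path + [origin], flow))
            elif nxt not in path and len(path) < max_hops:
                walk(origin, nxt, ts, path + [nxt], flow)

    # Each loop is reported once, starting from its earliest transfer.
    for ts, s, r, amt in sorted(ledger):
        if s != r:
            walk(s, r, ts, [s, r], amt)
    return found

if __name__ == "__main__":
    for path, btc in round_trips(LEDGER):
        print(" -> ".join(path), f"(up to {btc} BTC returned)")
```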

Here’s an example of this type of analytics. In this case, we have Bitcoin actively being purchased from multiple addresses. This activity is not of concern until you notice that the purchases and amounts are suspect based on the use of a fraudulent address and multiple purchases of Bitcoin. If we have the payment method for a coin used for a transaction, and that payment method is categorized as a specific type, we can propagate the graph with the percentage of the amount invested for each address that made investments.

After the calculation, there should be a distribution of different categories for each address that pinpoints the origin of the coins as well as how much was purchased from each address. We are also able to measure the maximum possible money flow between two fraudulent addresses, allowing us to close in on the origin of the coins and the origin of the fraudulent activity.
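An added example of the calculation described above (not the article's own code): each transfer is split in proportion to the sender's origin categories to give a per-address distribution, and the maximum possible flow between two addresses is computed with Edmonds-Karp. The sample purchases and transfers, the `unknown` category and both function names are constructed assumptions; proportional splitting is one attribution rule among several.

```python
from collections import defaultdict, deque

# Constructed sample data: (address, category, BTC) purchases; (sender, receiver, BTC) transfers.
PURCHASES = [("A", "exchange", 6.0), ("A", "darknet", 2.0), ("B", "darknet", 4.0)]
TRANSFERS = [("A", "C", 4.0), ("B", "C", 4.0), ("C", "D", 6.0), ("A", "D", 2.0)]

def category_mix(purchases, transfers):
    """Percent of each address's received funds per origin category."""
    inflow = defaultdict(lambda: defaultdict(float))
    for addr, cat, amt in purchases:
        inflow[addr][cat] += amt
    for s, r, amt in transfers:  # ledger order: a transfer carries its sender's mix so far
        total = sum(inflow[s].values())
        if not total:  # sender has no recorded origin: keep the gap visible
            inflow[r]["unknown"] += amt
            continue
        for cat, v in list(inflow[s].items()):
            inflow[r][cat] += amt * v / total
    return {a: {c: 100 * v / sum(m.values()) for c, v in m.items()}
            for a, m in inflow.items() if sum(m.values())}

def max_flow(transfers, src, dst):
    """Edmonds-Karp: upper bound on the value that could move from src to dst."""
    if src == dst:
        return 0.0
    cap = defaultdict(lambda: defaultdict(float))
    for s, r, amt in transfers:
        cap[s][r] += amt
        cap[r][s] += 0.0  # residual (reverse) edge
    total = 0.0
    while True:
        parent, queue = {src: None}, deque([src])
        while queue and dst not in parent:  # BFS for a shortest augmenting path
            u = queue.popleft()
            for v, c in cap[u].items():
                if c > 0 and v not in parent:
                    parent[v] = u
                    queue.append(v)
        if dst not in parent:
            return total
        path, v = [], dst
        while parent[v] is not None:
            path.append((parent[v], v))
            v = parent[v]
        push = min(cap[u][v] for u, v in path)
        for u, v in path:
            cap[u][v] -= push
            cap[v][u] += push
        total += push
```

With the sample data, address D never bought from a Darknet source itself, yet just over half of what it received traces back to one.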

A Powerful Duo: Blockchain and Graph Technologies

The combination of blockchain and graph is a powerful one. Just as we can use graph analytics to examine complicated relationships among organizations, people, and transactions to highlight questionable patterns, expose fraud rings, and deny fraudulent credit card applications, we can do the same within the blockchain format.

The proof is in the patterns, and only by drilling down into suspicious patterns will we preempt and prevent more headline-making cryptocurrency fraud, hacks, and scams. The use of graph technology gives us a preemptive view into activity within a blockchain network to ensure anomalous activity is being caught early and often. The more we identify it, the more we can segment these potential bad actors and remove them from the network, ensuring customer and data security.