December 21, 2022

Surviving the Crypto Winter – common crypto scams and what to do if you’ve been defrauded

Since 2020 the awareness of cryptocurrency has continued to increase. In June 2021, consumer research by the Financial Conduct Authority suggested that 78% of adults in the UK have now heard of cryptocurrencies and around 3.3 million people (that is to say, 5% of United Kingdom’s total population) own crypto assets.

The increasing popularity of cryptocurrency, however, has also led to an increase in fraud. It is estimated that $14 billion in cryptocurrency was stolen by scammers in 2021, which is approximately a 79% rise in crypto-related crime from 2020.Although many people are now aware of the crypto space, many still lack understanding. This lack of knowledge creates opportunities for fraudsters, who are also becoming more sophisticated in targeting potential victims.

As has been widely reported, and much like the stock market, the crypto market has had a difficult 2022. Bitcoin and Ethereum are down more than 50% from their 2021 figures, which represented an ‘all-time high’. In June 2022, Bitcoin hit a low of $20,108.53 compared to a high of $61,374.28 in October 2021.

With the current downturn in the crypto market, many investors are now looking to ‘cash out’ their cryptocurrency investments and convert their holdings into more traditional currencies. In some cases, however, investors find they are unable to recover their funds and have been the victim of a fraud.

The question therefore arises, what recovery options are available when a person has been defrauded?

How do people commonly get scammed in crypto?

The most common cryptocurrency scams fall into two categories.

The first category involves gaining access to a victim’s digital wallet, and private security passwords/authentication credentials. If successful, scammers then gain access to a victim’s cryptocurrency holdings. Phishing scams are a good example of this; whereby scam emails include links to websites and require a victim to enter their private keys.

The second category involves victims transferring their cryptocurrency directly to the scammer. Examples of this include:

  • Fake cryptocurrency exchanges: This is where scammers pose as legitimate cryptocurrency exchanges.
  • Ponzi schemes: These typically involve the payment of supposed ‘returns’ to existing investors using money invested by new investors. The Securities and Exchange Commission recently charged 11 people in a cryptocurrency pyramid ponzi scheme allegedly worth $300m.
  • Rug Pull scams: These typically involve a supposed developer promoting a new coin or NFT release, but then disappearing with investor money.
  • Fake NFTs: NFTs (ie non-fungible tokens) are digital assets that are typically bought and sold using cryptocurrency. As awareness of NFTs continues to increase, many scammers are selling fake NFTs (passing them off as valuable collectibles), or otherwise looking to exploit security weaknesses for the purposes of ransacking the victim’s collection.
  • Online promotions: These typically involve promotions online, or via social media, erroneously promising investors the opportunity to match or multiply their investments.

What are the common red flags in crypto?

With the above in mind, there are common red flags that people should be aware of in the cryptosphere (and indeed with any investment) to mitigate the risks of being defrauded.

Such red flags include:

  • Any opportunity presenting high investment returns with little or no risk;
  • Any opportunity promising very consistent returns;
  • No minimum investor qualifications or experience;
  • Investments where withdrawing or receiving payments/earnings is difficult;
  • Excessive marketing; and
  • Poorly written “whitepapers” (ie information published by developers to explain the technology and purpose of the project).

What should you do if you’ve been crypto scammed?

Can you get your money back if you’re scammed on crypto?

If you have recently made a payment via your bank and then discovered the fraud, you should immediately notify your bank (the sending bank) and the other bank (the receiving bank). The sending bank may be able to recover the funds and must make reasonable efforts to recover the funds. The receiving bank may also be able to freeze funds.

If you paid via a credit card (say VISA or Mastercard), you might consider whether a chargeback claim is available. You might also consider whether there is other potential redress from your bank (the sending bank), for example, via the CRM Code (Contingent Reimbursement Model Code).

If you are aware of the identity of the fraudster, other claims may be available. But typically, a victim will hold very little information.

Another important consideration at the outset is the likely financial cost of a victim seeking to pursue legal action against the fraudster. Seeking recovery via the courts can prove expensive (especially, where tracing is required, the relevant exchange and/or the fraudster are located in a foreign jurisdiction, and/or where urgent court applications are required to freeze funds). If the likely costs make recovery action uneconomical, a victim might consider whether there are other people who have been defrauded in a similar way, with a view to bringing a group action.

From here, there are a number of actions you can take before pursuing legal action:

  • Using tracing experts to track the movement of funds and crypto-holdings;
  • Reviewing all relevant communications and producing a chronology, with available evidence in support;
  • Writing to the relevant exchanges with a view to perfecting any notice requirements and seeking co-operation in freezing any related funds;
  • Writing to Action Fraud in the UK, with a view to obtain input from UK authorities.

Taking legal action after being crypto scammed

Asset preservation via freezing injunctions or proprietary injunctions

The English Courts now almost certainly regard crypto assets as property under English Law. This means victims can seek freezing injunctions or proprietary injunctions over the stolen assets. These are aimed at preserving the assets until judgment can be obtained and enforced.

In the case of X Y v Persons Unknown (1) Binance Holdings Ltd (2) Huobi Global Limited (3) [2021] EWHC 3352 (Comm) (heard before HHJ Pelling QC sitting as a High Court Judge, 27 October 2021) a Worldwide Freezing Order was obtained against the unknown fraudsters and a Proprietary Injunction and Bankers Trust Order as against Binance (registered in the Cayman Islands). The case involved the theft of cryptocurrency US Dollar Tethers (USDT) by cyber criminals acting on the dating site Tinder and other social media. £83,515 was stolen which was the applicant’s life savings.

Whilst cases will turn on their own facts, typically an application for an injunction needs to show:

  • A cause of action, that is, an underlying legal or equitable right;
  • The English court has jurisdiction;
  • A good arguable case, that is:
    • Prima facie evidence that the respondent has assets within the jurisdiction;
    • A real risk that the assets will be dissipated and not be available at enforcement stage;
  • A cross-undertaking in damages.

Where the assets within the jurisdiction are insufficient to meet the claim, the court can order a worldwide freezing order [1] or an injunction over assets in a specific country.

Obtaining more information via disclosure orders, for example

1 - A Bankers Trust Order (BTO):

This is essentially a third-party disclosure order, originating from the order granted in Bankers Trust Company v Shapira [1980] 1 WLR 1274.

This is only available in limited circumstances where:

  • There is a clear-cut fraud case;
  • Or, a claimant seeks disclosure of confidential documents from a financial institution to support a proprietary claim to trace assets.

An applicant for a BTO must show the following:

  • A clear case that the monies lost belong to the claimant and the loss is as a result of clear fraud;
  • Real prospect that the information sought might lead to finding or preserving the assets lost;
  • Target relevant and specific documents/information;
  • Act quickly;
  • No notice (BTOs are often made without notice);
  • Pay all and any expenses incurred by the bank in making disclosure;
  • Give an undertaking in damages to the bank;
  • Consider including a gagging order to prevent the bank from tipping off the account holder; and
  • If the BTO is sought to simply strengthen existing ongoing proceedings, the order may be refused by the court.
2 - Norwich Pharmacal orders (NPO):

Similar to the above, this order requires a respondent to disclose certain documents or information to the applicant and was established in the House of Lords’ decision in Norwich Pharmacal v Commissioners of Customs & Excise [1974] UKHL 6.The requirements are as follows:

  • There is no CPR provision that would provide the appropriate relief;
  • The respondent is likely to have relevant documents or information;
  • There is a good arguable case that there has been wrongdoing;
  • The "mere witness" rule is not infringed;
  • The respondent is involved in the wrongdoing;
  • The order is necessary in the interests of justice and is not sought for an improper purpose; and
  • The applicant is good for the cross-undertaking in damages.

Depending on the case, the order can be made either by:

  • Issuing a claim under CPR 8 accompanied by a draft order and witness statement; or
  • An application notice under CPR 23 (where the identity of the wrongdoer is known and proceedings have been issued).

Serving orders obtained on any relevant third-party

Practice Direction 6B of the Civil Procedure Rules 1998 is a new jurisdictional gateway for service out of the jurisdiction in relation to ‘information orders against non-parties’. Basically, this makes it easier for victims to get information from outside of the jurisdiction.

Given the majority of cryptocurrency exchanges which may hold information relevant to a fraud are based out of the jurisdiction, Practice Direction 6B now makes it easier for applicants to obtain these disclosure orders on exchanges out of the jurisdiction.

Proceeding with the fraud litigation

A claim will need to be commenced, with a view to recovering a judgment. This will also need to be served and then progressed through the various stages to trial (though it may be possible to shortcut this process by obtainining default judgment or summary judgment).


At present, enforcement remains the “great unknown”, as many cases relating to crypto assets through the UK courts have not progressed that far. Due to the decentralised nature of crypto assets, enforcement may remain an area of difficulty. Further, enforcement would typically require access to the private key to obtain the misappropriated crypto assets, which places a reliance on the Respondent to co-operate and provide the information.

The main concern in crypto fraud cases is the misappropriation of monies. Although this is a new area of fraud, the familiar weapons in civil fraud cases (such as injunctions and disclosure orders) remain available. If you are affected by any of the above issues, RWK Goodman has substantial expertise in civil fraud and investigations, and fraud relating to cryptocurrencies.

[1] Royal Bank of Scotland plc v FAL Oil Company Ltd and others [2012] EWHC 3628 (Comm)

Key contacts relating to crypto fraud

Find out more about our civil fraud and investigations expertise

We act for claimants in complex and high value fraud litigation affecting various types of business and personal situations.

Our civil fraud expertise

More articles from our dispute resolution team

View more articles related to Dispute Resolution and Dispute Resolution