This is a guest post by Alex J Coyne
Cryptocurrency is one of the hottest search terms of the past ten years, and a potential hotbed of investment for those who believe it's worth the risk.
Unfortunately, its popularity has also meant that it has a lot of potential to be used as a choice currency for crimes, scams and what's called "cryptojacking" - or the practice of hijacking resources and systems to mine cryptocurrency in the background.
Are you protected enough against the possibility of falling victim to cryptocurrency crime - and what can law enforcement do in order to spot and combat these crimes?
Alex J. Coyne spoke to Bryan Turner from Worldwide Worx, resident data analyst, text expert and writer about the current cryptocurrency crimes market and what users and law enforcement can do.
"The illegal use of cryptocurrency definitely has adverse effects on the success cryptocurrency could have, especially when it's used as a form of payment for ransomware scams and sextortion e-mails."
Bryan says that these uses of cryptocurrency might make it seem like a riskier form of payment, but that it carries no more consumer risk than using cash.
What you can do with cash, you can do with cryptocurrency.
This has given rise to scams, hacks and other illegal activities using crypto instead of any physical currency. Some of the most common cryptocurrency-related scams and crimes seen include -
Cryptojacking: Cryptojacking refers to the hijacking of systems and resources in order to mine cryptocurrency.
Ransomware: Ransomware shuts down essential system processes or files, and then demands payment for its release.
Sextortion: Sextortion is much like ransomware, but involves real, faked or claimed sexual pictures, screenshots or images, demanding payment.
Fraud: Cryptocurrency fraud is a vast field and can involve everything that would constitute regular fraud, just involving cryptocurrency as the medium instead of cash.
MLM Scams: Multi-Level Marketing scams are the pyramid schemes of old and usually rely on the recruitment of the next person up in the pyramid until the entire scheme collapses: Now modernized, and available in cryptocurrency variety.
Theft: Cryptocurrency can be stolen directly from accounts in a variety of ways, just like funds from bank accounts.
Fake Currencies: Not all cryptocurrencies and cryptocurrency exchanges are real, registered or legitimate and there are many "fake" websites and currencies floating around that could disappear with your cash.
Laundering: Is someone offering you cryptocurrency at below-market prices? This might be a sign of money laundering, a practice increasingly involving cryptocurrency that makes clean money come out for the scammer at the other end.
Kidnapping: When we're not talking about ransomware, sometimes cryptocurrency is demanded as physical ransom in the event of kidnappings.
Illegal Gambling: The instant, online aspects of cryptocurrency has made it ideal for conducting illegal online gambling transactions.
Illegal Payments: Other than what's already been mentioned here, cryptocurrency can - in theory - be used to pay for anything else illegal through the internet, including payment for drugs, weapons or black hat hacking jobs.
"The number one risk is older software, especially with operating systems like Windows XP and Windows 7 still being used today." says Bryan. "Microsoft no longer patches these operating systems, so it's really easy for cryptojackers to compromise these systems."
Articles in 2016 reported that Donald Trump's email servers were still running on Windows 2003 at the time, leaving a wide-open security hole that remains common for many computers and servers online today.
According to Bryan, other risky behaviours can also increase your risk of being affected by hacks or cryptojackers. "Installing illegitimate software (or illegally patching software) also puts users at risk."
Software like Photoshop make common targets for built-in cryptominers, especially when the software gets downloaded illegally. "Photoshop is process-intensive on a computer, so it's natural for a computer to act slower when running these programs,"
Bryan says this makes these types of software - especially when cracked - ideal for hiding "process-intensive" background miners.
"Running most new and updated anti-virus software, like Windows Defender (for Windows 10) or F-Secure Mobile Security (for Android) can help to track down these background mining programs as well as help remove them." says Bryan.
If you've picked up a severe system virus, recently been hacked or suspect that you have a background mining program, he also recommends that users backup their information - and then wipe the system clean.
"Although many wouldn't wipe their computers or phones after infection, we highly recommend performing a full wipe to ensure that no other traces of the programs are on the compromised system."
Other forms of internal protection against background miners exist: Browsers like Firefox now block cryptocurrency miners by default, and e-mail servers like Gmail are increasingly better at picking up tell-tale signs of a dodgy e-mail and sending it straight to the appropriate Spam-folder.
The first thing that most people would do in the event of being hit by a cryptocurrency crime or scam is to contact the police. It's the most logical option, although it only helps if law enforcement is prepared and trained to deal with an emerging type of cyber-crime.
"Law enforcement needs to actively monitor crypto wallets and crypto laundering, which is sending money across several wallets to hide its endpoint." recommends Bryan.
While he admits this is no small feat, he says that an active investment into tracking software for cryptocurrency "can greatly improve catching bad actors."
How can law enforcement prepare for cryptocurrency crimes better?
"Getting money out at the end of the day is often the goal," says Bryan. "Finding this endpoint where it's exchanged for flat currency is ideal." He notes this can be difficult in cases where cryptocurrency gets laundered by scammers selling it at lower-than-market rates for a quick, clean turnaround.
He also says that law enforcement should notify the public on what qualifies as legitimate or a scam. Many sextortion e-mails claim to have personal information, passwords or pictures of the person being scammed, when the e-mail is only full of threatening hot air.
"People shouldn't be falling for these scams, but many would rather not have their online activity posted online as opposed to questioning whether the e-mail is legitimate."