Below you can observe the most common ways of fraud in the p2p section of the exchange. Unfortunately, this segment often attracts dubious individuals who use crypto services for their own purposes, in particular, to launder funds obtained by criminal activity.

For effective counteraction, we recommend that you familiarize yourself with all kinds of scam schemes that attackers try to implement in every service that has a p2p exchange section. What is written below is the result of analyzing our personal cases, as well as cases of other crypto-projects, exchangers and other products, where it is possible to exchange cryptocurrency to fiat and vice versa.

1. Triangle (triangle, triangular transaction, transaction involving third parties without their knowledge)
2. Forgery of payment documents
3. A fake text message instead of a notification
4. Sending a similar amount
5. Refund via bank
6. Social engineering methods

Triangle

This is probably the most common fraudulent scheme in p2p. How does it work?

1. The attacker entices the victim to buy a non-existent product or service. For example, he posts various ads on Avito, sells theater or movie tickets in Telegram chats, offers lucrative trips or airline tickets, provides specific services like data breach, buying fake documents, and so on. Naturally, the attacker does not actually sell anything.
2. Once the victim is processed and ready to make the payment, the attacker goes to the p2p service, opens an exchange request for the amount he has defrauded the victim of and takes the trader's details.
3. The victim transfers money to the trader, he releases the cryptocurrency to the scammer and the scammer withdraws it from the service;
4. The victim is left with nothing and naturally begins to look for the deceiver in different ways: turns to the bank, tries to call the number, if the payment system was SBP, turns to the police.
5. The trader remains the extreme in the scheme, as everything is closed on him. Of course, in the course of the investigation, it will most likely turn out that the trader was just selling cryptocurrency, but why bring it to this situation? Even with all the evidence of non-involvement in the scheme (for example, the history of transactions in the service), there is no 100% guarantee that the trader will not have problems with law enforcers.

Countermeasures

a) ask to write a comment on the payment "BitBridge transaction", "bitcoin purchase" or something similar. However, in the current realities, this method may lead to a shorter lifespan of your cards;

b) pay attention to the speed of payment in the transaction (the faster the better, the slower the more suspicious);

c) pay attention to the client's statistics, you can view it by using the /rating command directly in the transaction card itself;

d) request verification of the payment (possession of payment funds) from the client by means of a photo of the card against the background of the transaction, or better - a video recording of the screen from the banking application's LC, where the payment will be visible in the history (this is the best way!).

Forgery of payment documents

Today, any check, payment receipt, screenshot of a payment in the history - all of this can be easily faked and drawn. In the era of AI development, the problem has become even more acute. There are ready-made products and Telegram bots to fake anything, so you should be careful.

Countermeasures

a) Verify that the payment is actually credited to your account;

b) request payment verification (possession of payment funds) via screen capture video recording

A fake text message instead of a notification

Some scammers send SMS to the trader's phone number with alleged crediting of funds to his account. The scheme is simple, but it is designed for inattention and haste. As a rule, the phone number is taken in the SBP stack, and the deal is opened in another one, where the trader has a card number.

Countermeasures

a) Verify that the payment is actually credited to your account;

b) pay attention only to NOTICES from the banking application;

c) request payment verification (possession of payment funds) via screen capture video recording

Sending a similar amount

An even older, but still working scheme, counting on inattention and haste, is sending a similar amount. For example, instead of 100,000 rubles, the fraudster sends 10,000 rubles, counting on the fact that the trader will fluently let go of the cryptocurrency without paying attention to the discrepancy. This can work, as the notification will say not 10,000 rubles, but 10,000.00 rubles, which can be misleading.

Countermeasures

a) Verify that the payment is actually credited to your account;

b) request payment verification (possession of payment funds) via screen capture video recording

Chargeback via bank (Chargeback)

This method is as old as the world, but it is still used by scammers. In the current realities, it is almost non-operational, but there are exceptions. The essence is that the fraudster tries in every possible way to convince the bank that he made an erroneous payment and asks to return the funds back to the account. Sometimes it can work.

Countermeasures

a) Comment on the payment (completely eliminates the situation)

b) confirm the transaction to the bank (send screenshots from the service, transaction uploads, correspondence with the client, etc.)*.

*This way you can get your funds back, but with 99% probability your card will be blocked under 115 FZ.

Social engineering methods

1. Stalling. They try to communicate with the trader on various topics, most often unrelated to the deal. The expectation is that the trader will accidentally release the coins, having mixed up the transactions, as there are often several open at the same time. However, BitBridge has double confirmation of coin releases, so the scammer really needs to try hard here, and the trader needs to lose all vigilance completely. But there are exceptions here as well.
2. His client. The scammer conducts several successful trades, after which he tries to take coins "on loan", counting on the gullibility of the trader. No coins should be lent, even if the client has made a dozen or two successful trades.
3. Identical trades. The fraudster opens several transactions with different accounts for identical amounts, and then makes payment only on one of them, hoping that the trader will accidentally release another transaction under a different number. In this case, he will be "right", because he made the payment in another transaction and logically the trader should release the coins a second time, "to another client who actually transferred the funds".
4. Fake service operator. Here the scope of a scammer's thought can be very wide, but this method is almost not working. Always check the operator's account through the support button in the bot or on our website. The account is always the same! Moreover, the operator in extremely rare situations writes to you first. It is important to keep this in mind in the first place. If this happens, you should go to the support account from the site or bot and see the correspondence with the real operator.
5. Canceling an unconfirmed transaction. The scammer offers a transaction on favorable terms off the platform, offering to send the trader cryptocurrency directly. He deliberately specifies the minimum commission in the network, so that the transaction hangs until the trader makes a payment in fiat, after which the transaction is canceled, for example, through Electrum wallet using the Replace By Fee (RBF) method.
6. Any transaction outside the platform. Most often, scammers refer to the allegedly high commissions of the service or the speed of the transaction, offering to conduct the transaction directly. As a rule, a more favorable rate is offered to make it look attractive and make sense. In such transactions, the service declines responsibility and will not help the trader if he is cheated.
7. Fake bot. A scammer can slip you a link to a fake bot in your correspondence, which completely duplicates the bot's interface, after which you will lose money, for example, after replenishment, having confused the original bot with the fake bot in the list of dialogs. You should not open any links sent by you in the transaction. Moreover, you should not search for the bot in a search or ask for a link to it in chats. You can always find the correct address on our website.
8. Intimidation. Scammers can take advantage of the trader's lack of legal knowledge and start demanding a refund, threatening to go to the bank or law enforcement agencies, citing all sorts of nonsense, from fraud to terrorist financing. None of this will be done in reality, and even if it is, you have not done anything wrong, just conducted a transaction to sell cryptocurrency and can confirm it. If they try to blackmail you or "sway" you to return your funds, contact the support of the service.

Remember - the only argument you should care about is the amount transferred to the details you provided in the transaction.