In the face of a rising tide of scams and exploits, even CertiK, a security firm that specializes in comprehensive security for blockchains, smart contracts, and Web3, is not immune. Scammers are targeting users by fraudulently latching on the company’s brand, which is dedicated to ensuring the security of digital assets and decentralized technologies.

In the latest blog post, CertiK revealed that it is facing a myriad of challenges beyond its primary focus on auditing. Among these challenges are scams that exploit the CertiK brand to spread misinformation and defraud users.

CertiK’s Struggle Against Brand Exploitation

One prevalent scam involves phishing sites falsely claiming to have undergone CertiK audits. These fraudulent certifications are used to deceive users into investing in schemes like Wixpool, a fraudulent crypto-mining site. CertiK said it actively reports such sites to hosting providers for takedown, safeguarding users from financial losses.

Scammers perpetrate exit scams by falsely claiming to be audited by CertiK. The Lymex scam is a notable example, resulting in approximately $300,000 in losses. In its new report, CertiK emphasized the importance of verifying audit claims, as in the Lymex case, where no services were rendered due to failed KYC verification.

The rise of social media also gave scammers a platform to create fake profiles impersonating CertiK employees. Platforms like LinkedIn witness scammers brokering fake deals, presenting fraudulent investment opportunities, and even offering fake job positions. CertiK warns users to verify the legitimacy of interactions, citing an incident where a scammer on Telegram duped a project owner into transferring funds.

Bad actors target victims of investment fraud with recovery scams, offering to retrieve lost funds for an upfront fee. CertiK cautions users to be wary of such frauds, emphasizing that its genuine communication is through certik.com. The recovery service, while not guaranteed, involves engaging with relevant parties to retrieve assets potentially.

Bots on X

Misinformation and bot activity on Twitter have wreaked havoc for several years, including until Elon Musk took over in October 2022. The subsequent rebranding to ‘X’ has done little to curb the scam bot activity that continues to be a major pain point.

CertiK also revealed observing instances of brand misuse on X, ranging from harmless inquiries to outright scams. The report highlighted the use of bots interacting with posts related to CertiK’s services, clarifying that the project is not affiliated with these posts and does not endorse them.