Photo credit: Pixabay/Pexels

Although crypto is reaching new heights and Bitcoin is breaking all-time records and almost touching $100,000, the number of scams still prevails in this new technological and financial sector. 

With reports of losses crossing millions and billions of dollars, there is still yet to be an effective solution to completely exterminate the malicious individuals. So this question remains unanswered: How do we tackle the bad actors and scams rising in the industry? 

The Byteline decided to have an exclusive conversation with Bitget’s Vugar Usi Zade — who is the crypto exchange’s current Chief Operating Officer — to discuss the crypto securities and how to reduce the losses in blockchain sector. Zade has over 15 years of experience from Fortune 500 companies and fast-paced startups.

Crypto scams reportedly stole billions from Americans last year, with older investors being hit hardest. What specific security measures does Bitget implement to protect these vulnerable groups from scams?

First of all, I like good statistics, but I'm also wondering how much money is lost in traditional banking scams and phishing scams. Scams existed before crypto and now they exist within crypto as well. At BitGet, we believe that the responsibility for safety and security shouldn’t be on the shoulders of the customer — it should be on the product end. Therefore, we are trying to build a robust product that will prevent such issues.

At BitGet, we have two approaches. One, as I mentioned, is building a product that is scam-proof and fraud-proof. The other is developing and educating our customers and users. In September, we conducted an entire anti-scam month where we produced a huge amount of content to educate our users. But again, education is — I don’t think it’s as effective; it’s never been effective. Banks have been conducting education campaigns on anti-scam and anti-phishing for so long.

Therefore, we have product features that really help. For example, we have something called an anti-phishing code. The anti-phishing code is similar to your password; you set it up on the BitGet app, and every communication that comes from an official BitGet account will include this code. It acts as a code phrase between you and us. If you receive any communication claiming to be from BitGet that doesn’t have this code, it means it’s not official or not a real source of information.

Another important aspect for us is delayed payments. You can configure how much time you want a payment to be delayed — it can range from one minute to one hour. This means that after initiating an action, you still have, for example, an hour to cancel the transaction. This is especially helpful if you’re being forced to make a transaction under duress. This is another important factor.

At BitGet, we have very strong measures. To conduct any transaction, you need at least three layers of security. These include your app login password, a funds code, and a one-time password (OTP) sent to your mobile or email. Additionally, you must use an authenticator. These three different measures ensure robust security for any transaction. All of this demonstrates how much you can prevent fraudulent activity.

Another important factor is that because transactions are on-chain, we can track them. If you attempt to send a transaction to a wallet that has previously been flagged as involved in a scam, you’ll likely receive a notice alerting you. It will inform you that the wallet you are sending to has been involved in a scam, allowing you to reconsider the transaction.

On-chain actions make it easy to identify scams and block funds in such accounts, particularly within the exchange ecosystem. We refer to these as "stained wallets." If a wallet was involved in a scam, we ensure users are prevented from completing transactions with it. This is especially feasible on an exchange platform because we KYC everyone and have detailed knowledge of our users. However, it might not be as easy with decentralized wallets.

What are some of the newest technologies or protocols Bitget uses to safeguard users’ funds and personal information? Are there any AI or blockchain-based solutions that you find particularly effective?

I think my favorite tool is the ability to whitelist wallets, especially on a centralized exchange. Basically, you don’t have to input the wallet details every time. You can whitelist it, set it up, and complete a verification process. For example, if it’s your browser, the next time you use it, the chances of entering the wrong wallet address or password are significantly reduced. This is especially important when someone could impersonate your browser, particularly with the rise of deepfakes and AI. Therefore, whitelisting wallets is an easy and effective solution, and it’s the best version we’ve implemented. This feature might not be available in decentralized wallets or many other products on the market.

Regarding scams, as I mentioned earlier, they mostly target seniors above the age of 40. So, how does BitGet tailor its security features or try to inform these specific groups? Honestly, we don’t create a specific target base. The way we handle information—especially with KYC processes—means that we don’t store all user information, nor do we rely on that. Building a product based on age isn’t a priority for us, and I think it would go against principles of inclusivity and fairness. Instead, we aim to create a product that is foolproof and provides equal levels of information and security for both new and professional users.

As I mentioned, the triple security measures we’ve implemented make it significantly harder for everyone to bypass or fall victim to scams. We usually find that scams targeting seniors don’t originate from their crypto exchange accounts. Instead, they are manipulated through other means. For example, a well-known scam in the United States involves gift cards, or scammers might coerce people by claiming that their children or grandchildren are in trouble. These scams often leverage AI tools. In most cases, the scams occur off the platform, and only the payment part happens on the platform.

This is not solely a problem within the crypto industry. Partnerships also play a role in combating scams. For example, when one company partners with another entity, they aim to achieve a specific objective or gain mutual benefits.

‍

Can you discuss any recent partnerships or collaborations Bitget has initiated to combat fraud and ensure a secure trading environment for all users?

We are partnering with a company called SumSub. SumSub is an AI-powered tool that helps us identify deepfake-related scams. First of all, it helps us prevent and block accounts that might not be authentic or realistic and are powered by deepfakes to bypass the KYC process. Therefore, we want to ensure that everyone on our platform is real and human. That is a very important aspect for us.

OKX and other centralized exchanges have already suffered from scams involving deepfakes and AI, while BitGet has not, thanks to our partnership with SumSub. This is a significant advantage for us, as we conduct KYC for all users. Scammers often attempt to use deepfakes during the KYC process to hide their identities because, without successfully completing KYC, they cannot access wallets or funds they aim to exploit.

By ensuring that all users are real humans, we can effectively track individuals if something goes wrong. This makes BitGet less appealing to scammers, which is a crucial aspect of our security strategy.

Beyond platform security, how does Bitget help educate users about scam tactics, such as phishing schemes or social engineering, which are often difficult to detect?

Recently, similar incidents have occurred, and we are still investigating them. Specifically, there were two scam cases where someone posed as BitGet and took money from projects by claiming they would be listed on BitGet. However, these projects were never listed because it wasn’t actually us.

To assist the affected users, we are investigating the issue further. In the meantime, we refunded the money through the BitGet protection fund. Our fund is the second largest in the industry and consists of 6,500 Bitcoins. Whenever something goes seriously wrong, we use this fund to compensate users, which is our way of offering support. However, this approach is more about addressing the problem after it happens rather than preventing it in the first place.

Technology is evolving rapidly, and it’s not always possible to prevent everything. That said, when it comes to preventive measures against scams, our biggest priority is notifying users at every step of their transactions, particularly when they attempt to withdraw funds. Another significant measure we’ve implemented is limiting how quickly funds can be withdrawn after an account is created.

Most scams target new users, as you mentioned, by directing them to unfamiliar platforms for transactions. To combat this, we’ve instituted a 24-hour withdrawal hold for new accounts. This is crucial because scammers often pressure users over the phone to complete actions quickly. Some financial apps now detect when users are on a call and prompt them to hang up to prevent scams.

Our approach is to identify scam patterns and build products that specifically address those patterns. For instance, we focus not just on educating users but also on developing solutions like the anti-phishing code. A common scam involves alerting users that someone is trying to access their account and instructing them to change their password. In the process, they unknowingly provide both their old and new passwords to scammers, who then use that information to hack their accounts.

To prevent this, we introduced the anti-phishing code. If an email doesn’t contain this code, users know it didn’t come from BitGet. This is especially important because people can sometimes be too tired or unsure about how to verify the sender’s email address. With our system, the anti-phishing code is the first thing users see in official emails, providing an additional layer of security.

Given Trump’s election, do you believe his administration could lead to enhanced protections for crypto investors, particularly those targeted by scams?

I think it’s about the political regime. I don’t believe they will become like El Salvador because, for instance, Trump wanted to build a wall but couldn’t due to the American legislative system. However, I still believe that Trump’s election is pro-crypto. I hope this stance goes beyond just an election promise.

I think America should have embraced crypto earlier. Over the last five or six years, we’ve seen a significant withdrawal from the crypto community in the US. But we must also remember that some major court cases involving crypto took place during Trump’s previous term. So, why has he suddenly had this change of heart? Why didn’t he act four, five, or six years ago when he was already in power? This isn’t his first time holding office.

That said, I think the most important part of his narrative is about giving custodian rights to Bitcoin holders. It’s around 60,000 people in the U.S., I believe. That’s a critical aspect because, in America, the Federal Reserve holds all the wealth and is responsible for printing money. Simply acknowledging that there’s another “printer” — in this case, Bitcoin — is a step in the right direction.

What role do you think the U.S. government should play in protecting crypto investors from scams?

I would recommend that, in a similar way to how they bail out banks, they consider how they could bail out projects.

Jokes aside, I think the biggest problem with harsh regulations is that they stifle innovation and kill startups. America, particularly Silicon Valley, was the birthplace of so many technological advancements. Therefore, I believe that with better legislation, the U.S. could also promote entrepreneurship.

Good products always come with strong anti-phishing and anti-scam measures. In my opinion, it’s about finding ways to motivate a new generation of builders. I also believe in the democracy of the U.S. court system, which is one of the best systems to be judged by.

With the right legislation, the U.S. could become a major hub for crypto again. However, it’s currently losing its edge in this space. When you look at the Middle East’s regulations, the U.S. is falling behind. Many U.S. firms are moving to the Middle East because of its better regulatory environment.