Bitpanda logo
Invest
INVEST IN:
CryptocurrenciesBuy, sell & swap cryptocurrencies
Precious MetalsInvest in precious metals
Stocks* Invest in stocks with zero commissions
ETFs*Invest in ETFs 24/7
Crypto IndicesThe world's first real crypto index
Commodities*Invest in commodities 24/7
LeverageGo Long or Short on top cryptocurrencies
TOP CRYPTOCURRENCIES:
Tradingnew
The new standard for crypto trading
Bitpanda FusionTrade with aggregated liquidity at the best prices
Start Trading crypto
Broker vs exchange vs advanced trading
Trading indicators
Accelerated 10x crypto trading
Bitpanda Margin TradingA smarter way to trade crypto with 10x leverage
What is Margin Trading?
What is the Leverage Effect?
How does Leveraged Crypto Trading work?
Web3
A new era for the internet
Bitpanda Web3Your gateway to the future of the internet
Vision TokenBuilt to power Bitpanda Web3 and beyond
DeFi WalletWeb3 starts here
Bitpanda LaunchpadWhere the next big thing begins
Vision ChainThe regulated blockchain for real-world finance
Vision ProtocolOne route. Every chain.
New to Web3
What is Web3A Brief History of Web3
What is a Web3 wallet?Your key to the Web3 world
How does Web3 work? Discover the technology that powers Web3.
Vision (VSN) launch incentivesRewarding our community
Features
POPULAR FEATURES
Savings plan
Savings Plan A savings plan for Bitcoin and more
Bitpanda Spotlight New assets are waiting for you
Bitpanda Limit OrdersInvest on autopilot with Bitpanda Limit Orders
Save time & money
AffiliatesJoin the Bitpanda Affiliate Program
Tell-a-friendInvite your friends, earn rewards
Benefits & Rewards
Bitpanda Card & card benefits
Bitpanda Card & card benefitsA visa card with Bitcoin cashback
Stacking
StakingStart staking popular coins and tokens
Bitpanda Cash Plus Earn high-yield returns from 24/7 availability
Bitpanda ClubAdditional benefits for our most valued customers
Learn
Our Education Platform
academy icon
Bitpanda AcademyLearn everything you need to know about personal finance, digital assets, emerging technologies and more.
CRYPTOHow to start trading cryptocurrencies
BITCOINBitcoin ETFs explained
TRENDSWhat is a bull market?
STAKINGWhat is staking?
News, Updates & Stories
Bitpanda BlogBe the first to learn the latest news, announcements, and stories from the world of investing, cryptocurrencies, stocks and precious metals
BITCOINBitcoin (BTC) reaches new all time high
FEESInvest with zero deposit fees
LIMIT ORDERSInvest on autopilot with Bitpanda Limit Orders
Business
Our API for your business
Bitpanda Technology Solutions Use our tech infrastructure to offer a trading experience to your users
Our investment offering for your business
Bitpanda BusinessInvest your business idle cash in 3000+ digital assets - safely, securely and fully regulated
The solution for High Net Worth Individuals
Bitpanda WealthCrypto investment services for wealthy investors
Company
AboutSecurityPressCareersPartnershipsWhy BitpandaBrand manifesto
Help
How to get startedWho can use BitpandaPayment methods and limitsHelpdesk
Preferences
    Log in
    Bitpanda logo
    Log in
    Preferences
      • Invest
      • Prices
      • Tradingnew
      • Web3
      • Features
      • Learn
      • Business
      • Company
      • Help

      10/14/2025

      8 min read

      What is spoofing?

      Spoofing

      Spoofing is a deceptive practice that has persisted for years, often involving fraudulent communications that closely mimic legitimate sources. A common scenario includes victims receiving counterfeit emails or calls that appear to originate from their bank adviser, leading them to transfer funds unwittingly. In the realm of cryptocurrency, investors have become prime targets for such attacks. This article provides essential insights into this pervasive issue and offers guidance on safeguarding your investments.

      • Spoofing involves crafting fake communications that mimic legitimate sources to deceive victims

      • Crypto investors are frequently targeted due to the irreversible nature of blockchain transactions

      • Techniques like typosquatting, alias spoofing, and domain spoofing are commonly used in these attacks

      • Recognizing warning signs and verifying communications are essential for staying protected

      What is spoofing: definition and meaning

      The term "spoofing" originates from "spoof," meaning a prank or hoax. In cybersecurity, spoofing involves falsifying communication sources to impersonate a legitimate entity. A typical example is an employee receiving an email that appears to come from their company's CEO, complete with a convincing email address and signature. The message may request an urgent, confidential transfer, exploiting the recipient's trust and sense of urgency. This is particularly effective because several elements are combined:

      • Authority: the impersonation of a senior figure, such as a CEO

      • Credibility: a plausible context, like a confidential acquisition

      • Urgency: pressuring immediate action

      • Authenticity: a visually convincing appearance

      How does email spoofing work?

      Spoofing exploits the inherent trust in internet mechanisms. Imagine the email system as a postal service. In traditional mail, anyone can write any sender address on an envelope. The email protocol (SMTP) works the same way: it was designed for message transmission, not sender verification.

      This historical architecture makes spoofing technically simple to achieve. The technical barrier has been further lowered with the appearance of software available on the Web, exploiting one of the following techniques.

      Typosquatting

      Typosquatting involves creating domain names that closely resemble official sites, relying on subtle changes to mislead users. This can include minor spelling errors (e.g., "laposte.fr" becomes "lappost.fr"), using different extensions (e.g., "amazon.fr" becomes "amazon-fr.com"), or misleading capitalisation (e.g., "PayPaI.com" with a capital I instead of an L).

      Email alias spoofing

      Email alias spoofing is a simpler yet highly effective technique. Hackers alter the displayed name in your inbox, making the email appear to come from a trusted source. For example, an email might seem to come from "Customer Support - Bitpanda," but the actual sender’s address could be something entirely different, like "[email protected]." Attackers rely on users focusing only on the displayed name and not verifying the complete email address.

      Domain name spoofing

      Domain name spoofing is a more advanced technique. Hackers manipulate the technical details within the email headers to make the message look like it originates from a legitimate domain. For instance, an email could appear to come from "[email protected]" while actually being sent from an entirely different address.

      These methods rely on mass distribution, where even a small success rate can yield significant gains for cybercriminals. A single successful attempt can compromise networks or result in large financial losses.

      Variations of spoofing

      Spoofing attacks come in many forms, each exploiting different aspects of digital communication to deceive and manipulate targets. Below are two common variations that highlight how cybercriminals adapt their methods to exploit vulnerabilities:

      IP address spoofing (IP spoofing)

      IP address spoofing is a highly sophisticated cyberattack where the attacker masks their IP address, making their device appear as a trusted one. Similar to a car’s number plate, an IP address is a unique identifier that facilitates communication between devices on the internet. In an IP spoofing attack, the hacker manipulates this "number plate" by altering the data packets sent from their computer, enabling them to bypass security measures or disguise malicious activities.

      Phone spoofing (caller ID spoofing)

      Phone spoofing, also known as caller ID spoofing, manipulates the phone number displayed on the recipient’s device during a call. This type of spoofing preys on our instinct to trust familiar or recognised numbers. It is enabled by the SS7 protocol, which governs telephone networks and relies on unverified information to display the caller’s number. This lack of verification makes phone spoofing a particularly dangerous and deceptive tactic.

      New to Bitpanda? Get started today!

      Sign up here

      Who are the primary targets of spoofing?

      Spoofing attacks often target individuals and organisations with high-value assets or sensitive data. Here are two examples of how these attacks exploit trust and urgency to devastating effect:

      Companies and their treasury

      One of the most notable cases of spoofing cybercrime involved the French cinema group Pathé. In 2018, fraudsters targeted its Dutch subsidiary, leading to a loss of €19.2 million. Impersonating then-CEO Marc Lacan, the attackers sent emails to the Dutch financial director referencing a confidential acquisition in Dubai and requesting urgent money transfers.

      This attack was remarkably elaborate: the emails mirrored the company’s official communication style, included accurate logos and signatures and referred to plausible business processes. To add credibility, the fraudsters even arranged fake conference calls with supposed lawyers. Over time, €19.2 million was transferred to foreign accounts, showcasing the immense risk spoofing poses to businesses.

      Crypto investors

      Crypto investors are frequent targets for spoofing due to the irreversible nature of blockchain transactions. In December 2024, a sophisticated spoofing campaign targeted users of Ledger hardware wallets. The attackers forged Ledger's official support email address to send fake alerts claiming a "recent data breach."

      The emails urged users to "verify" their private recovery phrase (seed phrase) to secure their assets. Victims were redirected to a counterfeit website that closely resembled Ledger's official site. A pop-up on the site prompted users to input their 24-word seed phrase, granting the attackers full access to their wallets. This example highlights how spoofing tactics exploit trust and technical ignorance to compromise sensitive crypto assets.

      What is order book spoofing?

      In the cryptocurrency ecosystem, spoofing often manifests as a form of market manipulation. The tactic involves placing large buy or sell orders with the sole intention of cancelling them before execution. The goal is to create an illusion of liquidity to influence market prices. Here's how it works in practice:

      • A manipulator places large orders at key price levels, just below the current market price. For example, if Bitcoin is trading at $95,000, they might place large buy orders at $94,500.

      • Other traders observe these significant orders and interpret them as a sign of strong interest at that price. Sellers, anticipating a price rise, may adjust their selling prices upward.

      • Before these large orders are executed, the manipulator cancels them. This action removes the apparent support from the order book.

      • The cancellation creates a vacuum in the order book, causing selling traders’ orders to be executed at unexpectedly lower prices. This rapid price drop allows the manipulator to buy assets at a reduced cost.

      Once they’ve acquired their position at an artificially low price, the manipulator either works to push prices higher or waits for natural market recovery to sell at a profit.

      In regulated financial markets, spoofing has been illegal for years, with authorities actively pursuing and penalizing offenders. For example, in 2021, a former Deutsche Bank trader, James Vorley, received a prison sentence for using spoofing tactics to manipulate gold and silver prices between 2008 and 2013.

      However, in the relatively unregulated crypto market, spoofing remains a persistent issue. The lack of stringent oversight allows manipulators to exploit these tactics, disrupting market integrity and eroding trust among investors.

      What is a “spoof coin”?

      “Spoof coins,” or fake cryptocurrencies, are a type of fraud that targets the crypto ecosystem. These counterfeit tokens are designed to closely mimic popular and legitimate cryptocurrencies by copying their names, symbols and visual identities. Fraudsters create these tokens to deceive unsuspecting investors into purchasing them, thinking they are acquiring the real asset.

      Examples include:

      • SHIBA on BSC: The legitimate SHIB token operates on Ethereum, but imitations circulate on the BNB Smart Chain.

      • BONK on Ethereum: The real BONK token is native to Solana, yet fake versions exist on other chains.

      • XRP on BSC: Tokens labelled “Ripple” or “XRP” on the BNB Smart Chain are not the genuine Ripple.

      Fraudsters often use subtle naming tricks, such as replacing characters (e.g., “BlTCOIN” with a lowercase L instead of an I), adding symbols (“USDC_”), or introducing slight variations like “ŞOL” (using a cedilla) or “DOGE2.” These counterfeit tokens pose a particular risk on decentralised exchanges (DEX), where anyone can create and list a token without rigorous oversight. Victims may unknowingly purchase these worthless tokens, thinking they are legitimate assets.

      Using a regulated platform like Bitpanda helps mitigate this risk. Bitpanda ensures that only official tokens are available for purchase by verifying smart contract addresses and accepting authentic versions on their native blockchains.

      Conclusion: how to protect yourself from spoofing

      The December 2024 attack on Ledger users underscores the importance of vigilance in the crypto space. Unlike traditional banking, cryptocurrency transactions are irreversible, leaving little recourse after a successful spoofing attack. To safeguard your assets:

      • Verify sender information: always check the full email address, not just the display name

      • Be cautious of inconsistencies: scrutinize emails for minor errors or unusual requests

      • Avoid clicking on unsolicited links: do not engage with unexpected emails containing attachments or links, even if they appear to come from known companies

      • Confirm through alternate channels: if in doubt, contact the company directly using official contact information to verify the communication's legitimacy

      • Never share confidential information: refrain from disclosing sensitive details like login credentials or recovery phrases via email

      Staying safe also requires staying informed about the latest developments and deepening your understanding of how scams operate. The Bitpanda Academy offers many resources to help you stay secure in the crypto world, covering the biggest risks in investing and more.

      Bitpanda logo
      Invest
      Earn
      Learn
      Features
      Products
      Bitpanda Technology Solutions
      Get the app
      © 2025 Bitpanda GmbH