Who This Is For

Anyone interested in cryptocurrency needs to understand common scams. Crypto fraud is rampant, and even experienced users fall victim. This guide covers the most common scams and how to protect yourself.

Why Crypto Scams Are So Common

Several factors make cryptocurrency attractive to scammers:

• Irreversible transactions: Can't reverse or dispute crypto payments
• Pseudonymous: Hard to trace scammers' real identities
• No intermediary: No bank or company to stop fraudulent transactions
• Limited regulation: Fewer consumer protections than traditional finance
• Hype and FOMO: People eager to "get in early" make hasty decisions
• Technical complexity: Many users don't fully understand how crypto works

Result: Perfect environment for scammers.

The Golden Rule

If something sounds too good to be true, it is. No exceptions in crypto.

Now let's cover the most common scams:

1. Phishing Attacks

How It Works

Scammers create fake websites or send messages that look legitimate to steal your:

• Login credentials
• Seed phrases
• Private keys

Common tactics:

• Fake wallet websites (MetaMask-scam.com instead of MetaMask.io)
• Emails claiming "verify your account"
• Messages about "suspicious activity"
• Fake browser extensions

Example

You receive an email: "Your Coinbase account has been locked. Click here to verify."

The link goes to coinbase-secure.com (not coinbase.com), which looks identical. You enter credentials, scammer logs into your real account and drains it.

How to Avoid

DO:

• Bookmark official sites and only use bookmarks
• Check URLs carefully (exact spelling, correct domain)
• Type URLs manually when possible
• Enable 2FA on all accounts
• Be suspicious of unexpected emails/messages

DON'T:

• Click links in unexpected emails
• Enter seed phrases into websites (never necessary)
• Trust messages claiming urgency
• Download apps from unofficial sources

2. Fake Giveaways / Doubling Scams

How It Works

Scammers promise to multiply your crypto:

• "Send 1 ETH, get 2 ETH back!"
• "Elon Musk is giving away Bitcoin!"
• "Anniversary promotion: double your crypto!"

They may create fake social media accounts impersonating celebrities or companies.

Example

A verified-looking Twitter account (@ElonMusk_Official) posts: "To celebrate 100M followers, I'm giving back! Send 0.1-2 BTC to this address and I'll send back double!"

The address shows other "participants" receiving payouts (fake transactions the scammer controls).

Why People Fall For It

• Appears to have legitimacy (fake verification badges)
• Shows "proof" of others being paid
• Creates urgency ("only 30 minutes left!")
• Targets people's greed

How to Avoid

Simple rule: Legitimate people and companies NEVER ask you to send crypto to receive more back.

• No real giveaways require you to send crypto first
• Celebrities and companies don't randomly give away crypto
• "Too good to be true" always is
• Verification badges can be faked

3. Fake Customer Support

How It Works

You post about an issue on social media or forum. Within minutes, someone claiming to be customer support contacts you:

"I'm from [Wallet/Exchange] support. I can help you. Please provide your seed phrase so I can restore your account."

Common Tactics

• Direct messages on Twitter, Discord, Telegram
• Usernames similar to official accounts
• Official-looking profile pictures
• Urgency: "Your account will be locked in 24 hours"
• Request for seed phrase, private keys, or remote access

Reality

REAL customer support:

• Never initiates direct messages
• Never asks for seed phrases or private keys
• Communicates through official channels (support tickets on official website)
• Never asks for remote access to your device

If someone DMs you offering help, they are scamming you. Period.

How to Avoid

• Ignore all unsolicited direct messages offering help
• Only contact support through official website
• Never share seed phrases with anyone
• Enable DM filtering on social media
• If you need help, you contact them—not the other way around

4. Rug Pulls and Fake Projects

How It Works

Scammers create a new cryptocurrency token or NFT project:

1. Build hype on social media
2. Promise amazing returns or utility
3. Collect money from investors
4. Disappear with the funds

Example: DeFi Rug Pull

A new "yield farming" protocol launches:

• Promises 1000% APY
• Has professional website and whitepaper
• Developers are "doxxed" (supposedly identified)
• Early investors make money (to create buzz)
• Once enough money is deposited, developers drain all funds and disappear

Red Flags

• Anonymous team or fake identities
• Unrealistic promises of returns
• Pressure to invest quickly
• No clear use case or purpose
• Poor or copied documentation
• Code not audited or audited by unknown firm

How to Avoid

• Be extremely skeptical of new projects
• Research team thoroughly (not just what project says about themselves)
• Understand the technology and use case
• Ask: "What problem does this solve?"
• If returns sound incredible, it's a scam
• Don't invest due to FOMO

Reality: Most new crypto projects fail or are scams. Even if not an outright scam, most new tokens lose value.

5. Ponzi/Pyramid Schemes

How It Works

A program promises high returns with "no risk":

• Uses new investor money to pay earlier investors
• Creates illusion of profitability
• Recruits more people through referrals
• Eventually collapses when new money stops flowing

Common Phrases

• "Passive income guaranteed"
• "10% monthly returns, risk-free"
• "Refer friends and earn bonuses"
• "Ground floor opportunity"
• "We're revolutionizing finance"

Famous Example

BitConnect: Promised 1% daily returns. Eventually collapsed, costing investors billions. Founders disappeared.

How to Avoid

• No investment is risk-free
• Consistent high returns don't exist without high risk
• If model relies on recruiting others, it's a pyramid scheme
• Check if registered with financial regulators (most aren't)
• Ask: "Where do these returns actually come from?"

6. Malicious Smart Contracts

How It Works (More Technical)

You're asked to "connect your wallet" to a website or approve a transaction:

• Website has malicious smart contract
• By approving, you give contract permission to drain your wallet
• Funds are immediately stolen

Common Scenarios

• Fake NFT mint sites
• Compromised DeFi platforms
• "Free" token claims
• Fake airdrops

How to Avoid

• Only connect wallet to trusted, verified sites
• Understand what you're signing/approving
• Use a separate wallet with small amounts for trying new platforms
• Never approve unlimited token allowances
• If you don't understand the transaction, don't approve it

7. Romance/Pig Butchering Scams

How It Works

Scammer builds romantic relationship over time:

1. Contacts you on dating app or social media
2. Builds trust over weeks/months
3. Eventually mentions their crypto "investment success"
4. Offers to "help" you invest too
5. Directs you to fake exchange or investment platform
6. You deposit crypto, site shows fake gains
7. When you try to withdraw, you're told to deposit more for "taxes" or "verification"
8. Eventually scammer disappears

Why It Works

• Long con builds trust
• Emotional manipulation
• Fake platform looks legitimate
• Shows "profits" to encourage more deposits

Red Flags

• Person you've never met in person brings up crypto investment
• Pushes specific platform or app
• Success seems too consistent
• Reluctant to video chat or meet
• Provides excuses for why you can't withdraw

How to Avoid

• Be suspicious of anyone you meet online who discusses crypto investing
• Never invest in platforms recommended by online strangers
• Research any exchange thoroughly
• If they pressure you or create urgency, it's a scam
• Trust your instincts—if something feels off, it is

8. SIM Swap Attacks

How It Works

Scammer gets control of your phone number:

1. Contacts your mobile carrier impersonating you
2. Convinces them to transfer your number to their SIM card
3. Uses phone number to reset passwords and bypass 2FA
4. Accesses your email, exchange accounts, etc.
5. Drains your crypto

How to Avoid

• Use authenticator apps instead of SMS for 2FA
• Set up PIN or password with mobile carrier
• Don't share personal information on social media
• Use separate email for crypto accounts
• Consider Google Voice or separate number for accounts
• Don't link important accounts to phone number if possible

9. Fake Wallet Apps

How It Works

Scammers create fake wallet apps:

• Posted to app stores (before removal)
• Sent via phishing messages
• Look identical to legitimate wallets
• Steal seed phrases when entered

Example

You search "MetaMask" in app store. The top result is "MetaMask Wallet Pro" (fake). You download it and enter your seed phrase to "restore" your wallet. Scammer now has your seed phrase.

How to Avoid

• Download apps only from official websites
• Check developer name carefully
• Read recent reviews (fake apps often have complaints)
• Verify download links multiple times
• Bookmark official app store pages
• If app isn't linked from official website, don't download

10. Job Offer Scams

How It Works

Scammer offers a "job":

• Social media manager for crypto company
• Remote crypto trader
• NFT community moderator

But requires you to:

• Pay "training fee" in crypto
• Provide seed phrase for "company wallet"
• Purchase "starter kit" with crypto

How to Avoid

• Legitimate jobs never require upfront crypto payment
• No employer needs your seed phrase
• Research company thoroughly
• If offered unsolicited job, verify independently
• Be suspicious of jobs that seem too easy for high pay

Scam Prevention Checklist

Before sending crypto or sharing information:

• [ ] Did I verify the URL is exactly correct?
• [ ] Did anyone ask for my seed phrase? (If yes, it's a scam)
• [ ] Does this promise returns that seem too good to be true?
• [ ] Am I feeling pressure to act quickly?
• [ ] Have I independently researched this person/company/project?
• [ ] Did I verify the official communication channel?
• [ ] Am I being contacted unsolicited about "help" or "opportunities"?
• [ ] Have I sent a small test transaction first?

If you answered "yes" to pressure, urgency, or unsolicited contact—STOP. It's likely a scam.

What to Do If You've Been Scammed

Unfortunately, recovery is usually impossible, but take these steps:

1. Stop further losses: Change passwords, revoke approvals, transfer remaining funds to new wallet
2. Document everything: Screenshots, transaction IDs, communications
3. Report it:
   • Local law enforcement
   • FBI IC3 (for US)
   • FTC (reportfraud.ftc.gov)
   • Platform where scam occurred
4. Warn others: Report the scammer on relevant platforms
5. Learn from it: Understand what happened so it doesn't happen again

Reality check: Law enforcement rarely recovers funds, but reporting helps track patterns and may prevent others from being victimized.

Key Takeaways

• Crypto scams are everywhere and constantly evolving
• If someone contacts you unsolicited, it's probably a scam
• No one legitimate needs your seed phrase—ever
• High returns with "no risk" don't exist
• Take time to research—urgency is a red flag
• When in doubt, don't act

Better to miss a "good opportunity" than lose everything to a scam.

Further Reading

• Phishing and Fake Support
• Seed Phrase Security
• What to Do If You've Been Scammed
• Safe Transaction Habits