Common Crypto Scams And How To Avoid Them
Content
Crypto runs on one hard rule that scammers exploit every day: transactions can’t be reversed. There’s no bank to call, no chargeback, no undo button. Once your coins move, they’re gone.
That’s why fraud in crypto pays so well. Scammers reuse a small set of patterns dressed up in new packaging, so learning the playbook matters more than memorizing any single scheme. Spot the pattern and you’ll catch the next variant before it costs you. Here are the most common crypto scams and the habits that shut them down.
Why Crypto Is A Scammer’s Playground
The same features that make crypto powerful also make it attractive to fraud.
- Transactions are irreversible. No one can claw back a payment you sent.
- It’s pseudonymous and global. Scammers operate across borders and cash out fast.
- Self-custody puts you in charge — which makes you the last line of defense.
- Hype and FOMO push people to act fast, and speed is exactly what scammers want.
Most crypto scams aren’t hacks. They’re social engineering — the attacker convinces you to hand over access or send funds yourself. The weak point is rarely the technology. It’s the human at the keyboard.
The Two Lies Behind Almost Every Scam
Nearly every scam stands on one of two false claims. Learn these and you’ve got a filter for the rest.
- “Share your seed phrase, private key, or screen and I’ll help.” No legitimate person or company ever needs any of these. Anyone who asks is trying to rob you.
- “Send funds now and you’ll get more back” — or “pay a fee and I’ll recover or guarantee your money.” No one can reverse a blockchain transaction or guarantee returns.

If a message rests on either lie, stop. You’ve already found the scam.

Scams That Go After Your Keys And Accounts
Seed-Phrase Phishing
How it works: Fake wallet and exchange sites, plus emails, trick you into entering your recovery phrase or connecting your wallet, then drain it. Many are pixel-perfect clones sitting on a lookalike URL.
Red flag: Any prompt to enter your seed phrase, anywhere. Real apps never ask.
How to avoid it: Bookmark the real sites and reach them through your bookmarks, not search results, ads, or links.
Fake Support And Impersonation
How it works: Scammers pose as “support,” moderators, or team members on chat apps, email, and social media. They offer to “fix” your wallet, then ask for your phrase or a signature.
Red flag: Unsolicited messages offering help, or “official support” that contacts you first.
How to avoid it: Decentralized networks have no official DM support. Use only help channels you open yourself, never links or messages sent to you.
SIM Swapping And 2FA Interception
How it works: Attackers hijack your phone number through your carrier, intercept SMS codes, and reset your accounts.
Red flag: Sudden loss of cell service, or valuable accounts still protected by SMS codes.
How to avoid it: Use an authenticator app or hardware key instead of SMS, add a PIN with your carrier, and keep your email locked down.
Scams That Promise Easy Money
Giveaway And Doubling Scams
How it works: “Send 1 coin, get 2 back,” often wrapped in fake videos, livestreams, or impersonations of famous figures and projects.
Red flag: Any “send first to receive more” offer.
How to avoid it: It’s always theft. No real giveaway asks you to send crypto first.
Ponzi Schemes And Fake Yield
How it works: Guaranteed high returns paid out of new deposits rather than real profit. This covers fake “mining,” “staking,” “liquidity mining,” and referral pyramids. The whole thing collapses when new money slows.
Red flag: Fixed, high, “risk-free” returns, heavy referral pressure, and a vague explanation of where the yield comes from.
How to avoid it: Real yield carries real risk and moves around. “Guaranteed” plus “high” is a lie.
Pig Butchering (Romance And Investment Cons)
How it works: A long con. The scammer builds trust over weeks through dating apps, “wrong number” texts, social media, or fake job offers. Then they steer you to a slick trading platform that shows fake gains. You can deposit, but when you try to withdraw, surprise “fees” and “taxes” appear and the money never comes.
Investment fraud like this consistently drives the largest reported crypto losses, according to the FBI’s Internet Crime Complaint Center.
Red flag: An online-only contact who eventually pitches a crypto platform, and a dashboard that only ever goes up.
How to avoid it: Don’t take investment advice from someone you met online. If you can’t freely withdraw a small test amount, it’s a trap.
Fake Job And Task Scams
How it works: “Easy crypto earning” jobs that require you to deposit crypto to “unlock tasks,” commissions, or withdrawals.
Red flag: A job that asks you to pay or deposit before you can earn.
How to avoid it: Legitimate work pays you. It never asks you to pay in first.
On-Chain And Smart-Contract Traps
Malicious Token Approvals And Wallet Drainers
How it works: You connect to a malicious app and approve a transaction — often an “unlimited” spending allowance or a deceptive signature. That permission lets the contract pull your tokens later. Ready-made “drainer” kits automate the whole thing.
Red flag: A site pushing you to approve or sign in order to “claim,” “verify,” “sync,” or “validate” your wallet.
How to avoid it: Read what you sign, and prefer wallets that show transactions in plain language. Set spending limits instead of unlimited approvals, and revoke unused approvals through a block explorer or a revoke tool.
Fake Tokens, Airdrops, And Dust
How it works: Worthless lookalike tokens show up in your wallet. Trying to sell or “claim” them sends you to a phishing site. Scam tokens can even copy a real project’s name and symbol.
Red flag: Tokens you never expected, and “claim your airdrop” prompts.
How to avoid it: Ignore tokens you didn’t expect. Verify contract addresses from the project’s own official source, and never connect your wallet to claim a surprise.
Rug Pulls And Exit Scams
How it works: Developers hype a token or project, attract money, then abandon it or drain its liquidity. The price collapses to near zero. Some tokens hide code that blocks selling, a trick known as a honeypot.
Red flag: Anonymous teams, unrealistic promises, no meaningful audit, and buyers who somehow can’t sell.
How to avoid it: Research the team and the contract, treat brand-new tokens with huge promised returns as suspect, and never put in more than you can afford to lose entirely.
Address Poisoning And Clipboard Malware
How it works: Attackers seed your transaction history with a lookalike address that matches the first and last characters of one you’ve used, hoping you copy the wrong one later. Separately, malware can swap a copied address the instant you paste.
Red flag: Copying an address from your history, or approving a send without checking the full string.
How to avoid it: Verify the entire address, keep a whitelist or address book of known destinations, and send a tiny test amount first for large transfers.
Fake Exchanges And Apps
How it works: Clone websites and app-store listings mimic real exchanges and wallets. You can deposit, but you can never withdraw — or the app quietly harvests your seed phrase.
Red flag: Apps found through ads or unofficial links, withdrawal problems, and pressure to deposit more to “unlock” your balance.
How to avoid it: Download only through the link on the official website, check the app’s history and reviews, and withdraw a small amount early to confirm it works.
Recovery Scams: The Scam After The Scam
How it works: After a loss, fake “recovery experts” or “blockchain investigators” promise to get your funds back for an upfront fee, then disappear. They hunt for people who mention being scammed online.
Red flag: Anyone promising to recover your funds, especially for a fee paid in advance.
How to avoid it: No one can reverse a confirmed transaction, and real authorities never charge upfront to recover money. Treat every “we can get it back” message as a second attack.
Habits That Stop Most Scams

A short defensive routine covers the majority of what’s above.
- Never share or type your seed phrase. Not for support, not to “sync,” not ever.
- Slow down. Urgency is the scammer’s main tool. Take a beat before you send or sign anything.
- Distrust guaranteed returns. High, fixed, “risk-free” yield is the oldest lie in finance.
- Bookmark real sites and reach them through those bookmarks, not ads, search, or messages.
- Read what you sign. Limit token approvals, revoke unused ones, and keep real money on a hardware wallet.
- Verify full addresses and send a test amount first.
- Use app-based or hardware 2FA, not SMS, and protect your phone number and email.
- Treat unsolicited contact as hostile — giveaways, job offers, investment tips, and “support” alike.
If You’ve Already Been Scammed

Move fast, and don’t beat yourself up. These are professional operations that fool careful people every day.
- Stop sending money immediately and cut off contact with the scammer.
- Protect what’s left. Move remaining funds to a new wallet, and revoke any token approvals the scammer may hold.
- Secure your accounts. Change passwords, and lock down your email and 2FA.
- Document everything. Save transaction hashes, wallet addresses, URLs, screenshots, and messages.
- Report it. In the US, file with the FBI’s IC3 and the FTC, notify the exchange involved, and log the addresses on a community tool like Chainabuse. Investment or securities angles may involve the SEC or CFTC. Elsewhere, report to your national cybercrime or consumer-protection authority.
- Ignore “recovery” offers. The people who reach out after a loss promising to get your money back are almost always the next scam.
Scams change their costume constantly, but the script underneath stays the same: create urgency, promise the impossible, or ask for access you should never give. Keep that in mind and you’ll see most of them coming.
FAQ
- What’s The Most Common Crypto Scam?
Phishing is the most widespread. Scammers build fake versions of real wallets and exchanges to capture your seed phrase or trick you into signing a malicious transaction. Bookmark the real sites and reach them through your bookmarks. - Can Stolen Crypto Be Recovered?
Rarely. Blockchain transactions can’t be reversed, and most “recovery services” that contact you are themselves scams. Reporting to authorities and the exchange involved is worth doing, but treat any upfront-fee recovery offer as fraud. - How Do I Know If A Crypto Investment Is A Scam?
Watch for guaranteed or fixed high returns, pressure to act fast, and anyone you met online steering you toward a platform. If you can’t freely withdraw a small test amount, assume it’s a trap. - Is It Safe To Click Links From “Support” Or Giveaways?
No. Decentralized networks have no official DM support, and “send crypto to receive more” is always theft. Ignore unsolicited support messages, giveaways, and surprise airdrops. - What Should I Do Right After Realizing I’ve Been Scammed?
Stop sending money, cut contact, move any remaining funds to a new wallet, and revoke token approvals the scammer may hold. Then secure your accounts and report it. - Are Hardware Wallets Immune To Scams?
No. A hardware wallet protects your key from malware, but it can’t stop you from approving a malicious transaction or handing over your seed phrase. You still have to read what you sign and guard your recovery phrase.