Common Crypto Scams: How to Recognize and Avoid Them
Crypto scammers stole over $5.6 billion in 2023 alone, according to the FBI. The irreversible nature of blockchain transactions makes crypto a prime target — once you send funds to a scammer, there’s no chargeback, no fraud department, and usually no way to get your money back.
This guide catalogs every major scam type so you can recognize them before they cost you money.
1. Phishing Attacks
How it works: Scammers create pixel-perfect copies of legitimate websites, emails, or messages to steal your login credentials or seed phrase.
Common vectors:
- Fake exchange login pages (URL differs by one character)
- Fake wallet connection popups
- Emails claiming “unusual activity detected” with a malicious link
- Google ads for fake exchange/wallet sites (these appear ABOVE legitimate results)
- Fake customer support in Telegram/Discord DMs
Real example: A user searches “MetaMask” on Google. The first result is an ad for “metamask.io” — but it’s actually “metamask.io” with an invisible Unicode character. The fake site looks identical and asks for the seed phrase “to restore your wallet.”
How to protect yourself:
- Bookmark official sites and only access through bookmarks
- Never click links in emails, DMs, or ads
- Check URLs character by character (or use your bookmark)
- No legitimate service asks for your seed phrase on a website
- Use a hardware wallet — even if you visit a phishing site, they can’t extract keys from the device
2. Rug Pulls
How it works: A project creator launches a token, generates hype, attracts buyers, then drains the liquidity and disappears.
Types of rug pulls:
| Type | Mechanism | Detection |
|---|---|---|
| Liquidity pull | Creator removes all liquidity from DEX pool | Check if liquidity is locked (on-chain) |
| Unlimited mint | Contract allows creator to mint infinite tokens | Read the contract or check audit |
| Sell-only tax | Contract prevents selling (honeypot) | Test with small buy, try to sell |
| Hidden function | Contract has backdoor function to drain funds | Requires code audit |
Red flags:
- Anonymous team with no track record
- Token contract is not verified on block explorer
- Liquidity isn’t locked (check on team.finance or unicrypt)
- Unrealistic promises (“1000x guaranteed”)
- Heavy influencer promotion with no substance
- Telegram/Discord mods delete critical questions
How to check a token:
- Paste the contract address into a scanner (TokenSniffer, RugCheck, GoPlus)
- Check if the contract is verified on Etherscan/BscScan
- Look up liquidity lock status
- Check holder distribution — if top 5 wallets hold 80%+, it’s risky
- Try a test sell with a tiny amount
3. Ponzi / Pyramid Schemes
How it works: “Investment platform” pays existing investors using money from new investors. Returns look real until new money stops flowing, then it collapses.
In crypto, these look like:
- “Staking” platforms offering 1–5% daily returns
- “Lending” protocols with guaranteed 100%+ APY and no clear source of yield
- “Mining” operations that pay returns from new deposits
- Multi-level referral systems where recruitment is the primary activity
The math test: If a platform promises 2% daily returns, that’s 730% annually. Ask yourself: where does this yield come from? Legitimate DeFi yields come from trading fees and lending interest (typically 3–15% APY). Anything dramatically above market rates is almost certainly a Ponzi.
Famous crypto Ponzis:
| Scheme | Year | Amount Lost | Promise |
|---|---|---|---|
| BitConnect | 2018 | $2.5B | 1% daily returns |
| OneCoin | 2019 | $4B+ | “Bitcoin killer” with guaranteed growth |
| PlusToken | 2019 | $2B+ | AI trading with guaranteed returns |
| Celsius Network | 2022 | $4.7B | Unsustainable yield on deposits |
| Hyperverse | 2022 | $1.3B | ”Metaverse” membership with returns |
4. Pump and Dump
How it works: A group accumulates a low-cap token, then coordinates promotion to inflate the price. When retail buyers pile in, the group sells (dumps), crashing the price.
The lifecycle:
Price
↑
| ╱╲ ← Dump (insiders sell)
| ╱ ╲
| ╱ ╲
| ╱ ╲
| ╱ ← Pump (social media hype, FOMO)
| ╱ ╲
| ╱ ╲────── Bag holders stuck
|──╱
+──────────────────────→ Time
Accumulation Hype CrashWhere to spot pump & dumps:
- “Secret” Telegram groups sharing “insider tips”
- Crypto Twitter accounts promoting unknown tokens aggressively
- Sudden volume spikes on low-cap tokens with no news
- Influencers who disclose “I’m invested” but not “I bought before promoting”
Rule: If you hear about a “hot tip” from social media, you’re late. The promoters bought before you heard about it.
5. Romance / Pig Butchering Scams
How it works: Scammers build romantic or friendship relationships over weeks or months on dating apps, social media, or messaging platforms. Once trust is established, they introduce a “crypto investment opportunity.”
The name “pig butchering” (from Chinese “杀猪盘”) refers to the process of “fattening the pig before slaughter” — building the relationship before extracting money.
The playbook:
- Contact via dating app, LinkedIn, or “wrong number” text
- Build relationship over 2–8 weeks (attentive, charming, successful)
- Casually mention their crypto profits
- Show fake portfolio screenshots showing massive gains
- Recommend a specific platform (scam site designed to look real)
- Small initial “investment” shows profits (fake — they control the numbers)
- Victim deposits more and more
- When victim tries to withdraw: “You need to pay taxes/fees first”
- Scammer disappears with all funds
Scale of the problem: The FBI reported pig butchering as the fastest-growing fraud type, with $3.96 billion in losses in the US alone in 2023.
Red flags:
- Unsolicited contact from an attractive, successful stranger
- Conversation quickly moves to crypto investing
- They recommend a specific trading platform you’ve never heard of
- The platform isn’t on any major exchange list
- “Everyone can make money” / “I’ll teach you”
- You can’t withdraw without paying additional fees
6. Fake Airdrops and Token Approvals
How it works: You receive unexpected tokens in your wallet. When you try to sell or interact with them, the transaction triggers a malicious smart contract approval that drains your real assets.
Variations:
- Tokens appear in your wallet with names like “Visit [scam-site].com to claim”
- “NFT airdrop” that requires connecting your wallet to a phishing site
- Social media posts promoting “free claim” for a popular project
- Emails about “unclaimed airdrop rewards”
How to protect yourself:
- Never interact with tokens you didn’t expect or request
- Never visit URLs embedded in token names
- Never connect your wallet to sites from social media links
- If an airdrop sounds too good to be true, it’s fake
- Real airdrops from legitimate projects are announced on official channels
7. Impersonation Scams
How it works: Scammers impersonate known figures (Elon Musk, Vitalik Buterin, CZ) or brands (Binance, Coinbase, MetaMask) to trick you into sending funds or sharing credentials.
Common formats:
- “Elon Musk Bitcoin Giveaway — Send 0.1 BTC, receive 1 BTC” (YouTube livestream with stolen footage)
- “Binance Support” DMing you on Telegram about account issues
- Fake verified Twitter accounts with one letter changed
- “MetaMask team” asking you to “validate your wallet” with your seed phrase
The golden rules:
- Nobody gives away free crypto
- Real support teams never DM you first
- No legitimate entity asks for your seed phrase
- Verify accounts by checking follower count, account age, and official links
- Go to the official website directly, never through links in messages
8. Fake Exchanges and Wallets
How it works: Entire platforms designed to steal deposits. They look professional, have customer support, and even let you “trade” — but your funds never leave the scammer’s control.
Signs of a fake exchange:
- No verifiable company registration or licenses
- Promises of extremely high guaranteed returns
- Pressure to deposit more before withdrawing
- Withdrawal “processing fees” that keep increasing
- No presence on CoinGecko, CoinMarketCap, or other aggregators
- Only accessible through a specific link (not searchable)
Signs of a fake wallet app:
- Not from the official developer on the app store
- Asks for your seed phrase during setup (legitimate wallets generate new ones)
- Low download count and recent publish date
- Slightly different name from the real app
9. SIM Swap Attacks
How it works: Attacker convinces your mobile carrier to transfer your phone number to their SIM. They then use SMS-based 2FA to access your exchange accounts.
The attack chain:
- Scammer obtains your phone number, email, and exchange info (from data breaches, social engineering, or social media)
- Calls your carrier pretending to be you
- Carrier transfers your number to scammer’s SIM
- Scammer resets exchange password via SMS 2FA
- Drains your exchange account
Protection:
- Use authenticator apps (Google Authenticator, Authy), never SMS for 2FA
- Set a PIN/password on your carrier account
- Don’t share your phone number publicly
- Consider a Google Voice number for account recovery
The Universal Red Flag Checklist
If ANY of these are present, walk away:
- Guaranteed returns of any kind
- Pressure to act quickly (“limited time,” “exclusive”)
- Request for your seed phrase or private key
- “Send crypto to receive more crypto”
- Unsolicited contact about investment opportunities
- Anonymous team with no verifiable history
- Can’t find the project/platform on major aggregator sites
- Withdrawal requires additional payment
- Income primarily from recruiting new members
- Returns significantly above market rates with no clear yield source
What to Do If You’ve Been Scammed
- Stop sending money immediately. No matter what the scammer says about “unlocking” your funds.
- Document everything. Screenshots of conversations, transaction hashes, wallet addresses, platform URLs.
- Report to authorities:
- US: FBI IC3 (ic3.gov), FTC (reportfraud.ftc.gov)
- UK: Action Fraud
- EU: Local cybercrime unit
- Report to exchanges. If funds were sent to a major exchange, they may be able to freeze the recipient’s account.
- Report to blockchain analytics firms. Chainalysis, Elliptic, and others maintain scam databases.
- Warn others. Share your experience (without shame — scams are designed by professionals).
- Don’t pay “recovery services.” Most “crypto recovery” services are secondary scams targeting victims.
Key Takeaways
- If someone promises guaranteed crypto returns, it’s a scam — no exceptions
- Never share your seed phrase or private key with anyone, for any reason
- Phishing is the #1 attack — bookmark official sites and never click links in messages
- Check every token contract before buying — rug pull tools (TokenSniffer, RugCheck) take 30 seconds
- Romance scams are the fastest growing type — be skeptical of unsolicited contacts who mention crypto investing
- When in doubt, don’t interact — it’s better to miss an opportunity than to lose your money
FAQ
Q: Can stolen crypto be recovered? A: Sometimes, if the funds were sent to a major exchange that cooperates with law enforcement. On-chain analytics can trace stolen funds. But in most cases, especially for smaller amounts, recovery is unlikely. Prevention is far more effective.
Q: How do scammers get my contact information? A: Data breaches (billions of records available on dark web), social media profiles, wallet addresses visible on-chain linked to identities via exchanges, and random mass messaging.
Q: Are airdrops safe? A: Legitimate airdrops from established projects (Uniswap, Arbitrum, etc.) are safe — but only claim them through official channels. If you’re not sure whether an airdrop is real, check the project’s official Twitter/Discord. Don’t trust DMs, emails, or random websites.
Q: Is it worth reporting small scams? A: Yes. Reports build cases against scam networks. Your $500 loss might be one of thousands that add up to a federal case. Reporting also helps analytics firms flag associated wallets, which can prevent others from being victimized.