Featured

Cryptocurrency Scams: Common Schemes, Real Cases and How to Protect Yourself

--

Press enter or click to view image in full size

In 2025, Chainalysis estimated that crypto scams stole up to record $17 billion globally, with impersonation scams growing sharply and AI-enabled scams becoming more profitable than traditional ones. The FBI also reported that Americans filed more than 181,000 cryptocurrency-related complaints in 2025, with losses topping $11 billion.

The good news? Most cryptocurrency scams leave warning signs. Once you know what to look for, you can avoid the most common traps.

Changelly team created a comprehensive guide on how the most common crypto scams work in 2026, how to spot red flags, and how to protect your crypto before you click, connect, or send.

What Are Cryptocurrency Scams?

Cryptocurrency scams are fraud schemes that use crypto as the bait, payment method, or theft target.

Sometimes the scam is a fake investment. Sometimes it’s a fake exchange, fake wallet, fake airdrop, or fake support agent. In other cases, criminals use romance, friendship, job offers, celebrity deepfakes, or panic messages to push victims into sending crypto.

The key difference is this: crypto transactions are usually irreversible. Once you send funds to a scammer’s wallet, you cannot call a bank and cancel the transfer.

That’s why scammers love crypto payments. They’re fast, global, and difficult to reverse.

Why Crypto Scams Are So Common

Crypto scams are common because scammers mix old tricks with new technology. The old tricks are familiar: fake promises, pressure, romance, greed, fear, and urgency. But new tools make them harder to spot. Scammers can now use AI-generated images, cloned voices, fake trading dashboards, wallet-draining smart contracts, phishing websites, and polished social media ads.

The FBI says cryptocurrency investment fraud often starts through social media, texts, dating apps, WhatsApp, Telegram groups, online ads, or even fake apps listed in app stores. Scammers build trust first. Then they move victims toward a fake crypto investment platform.

That’s why crypto security is far from keeping your passwords safe. It’s all about behavior: slow down, verify everything, never let urgency make the decision for you.

Cryptocurrency Scam Schemes

Crypto scams change constantly, but most still fall into a few major categories. Here are the ones every user should know. We also used our passion for true crime shows to provide some real-life examples so that you can read about these stories further.

AI Deepfake and Impersonation Scams

In 2025, the FBI’s Internet Crime Report mentioned above included artificial intelligence complaints for the first time. AI has made impersonation scams much more convincing.

Scammers can now create fake videos, cloned voices, fake interviews, and realistic social media ads. They may impersonate celebrities, founders, exchange executives, influencers, support agents, or even people you know. The end goal is simple: borrow trust from a familiar face.

Deepfake scams often promote fake giveaways, fake trading platforms, fake investment groups, or fake emergency requests.

Elon Musk Impersonators

In 2025, Norton reported multiple deepfake videos of Elon Musk circulating on YouTube and X to promote fraudulent crypto giveaways. The videos appeared to show Musk promising rewards, but victims who sent crypto simply lost their funds.

How to Protect Yourself

Don’t trust investment advice just because it appears in a video. Check official websites and verified accounts. Remember, celebrities don’t need you to send crypto to “activate” a reward.

Pig Butchering Scams

Pig butchering is one of the most damaging crypto scams today. It’s a confidence-based scheme where criminals develop a friendship or romance before pushing victims into fake cryptocurrency investments.

The name sounds strange, but the method is simple. Scammers “fatten” the victim with attention, friendship, romance, or financial advice before stealing as much as possible.

It often starts with a message that looks harmless:

• “Sorry, wrong number.”
• “Are you still coming to dinner?”
• “Hey, do you use WhatsApp?”

From there, the scammer builds trust. They may talk for weeks or months. Then they introduce a crypto investment opportunity. The victim is guided to a fake platform, coached through deposits, and encouraged to invest more.

Tinder Swindlers

We all know Tinder Swindler from the infamous Netflix show. But he’s not the only one out there. Despite the true crime show’s popularity, even in 2025, people kept describing similar cases on Reddit. One victim lost €55,000 in Germany after trusting a Tinder date’s investment advice. Apparently, the platform was a scam.

https://www.reddit.com/r/Scams/comments/1mvmlo6/my_sad_story_tinder_crypto_scam_i_lost_55000/

How to Protect Yourself

Don’t mix online romance and investment advice. Be careful when someone quickly moves the conversation to WhatsApp or Telegram. Never use an investment platform recommended by a stranger, romantic interest, or online “mentor.”

Also, never trust guaranteed returns. Test withdrawals before adding more funds. Search for the platform through independent sources, not links sent by strangers. If someone says you must pay extra money to withdraw your own crypto, treat it as a major red flag.

Phishing Scams

Phishing scams trick you into giving away sensitive information. In crypto, that usually means your seed phrase, private key, login details, or wallet access.

Scammers may send fake emails, fake exchange alerts, fake wallet updates, fake support messages, or fake security warnings. The messages are usually designed to make you panic:

• “Your account has been locked”
• “Your wallet must be verified”
• “Your funds are at risk”

As a result, you click the link, the page looks real, you enter your details… and the scammer now has your access.

MyEtherWallet DNS Attack

In 2018, MyEtherWallet (MEW) users became targets of a DNS hijacking attack. Instead of reaching the real MEW website, some users were silently redirected to a fake version designed to steal private keys. Those who entered their wallet details on the phishing page gave attackers access to their funds, leading to roughly $150,000 worth of ETH being stolen.

How to Protect Yourself

The MEW case is still a useful reminder: Even when a website looks familiar, crypto users should check URLs, security warnings, and never enter private keys or seed phrases online.

Never enter your seed phrase on any website. Bookmark official crypto services. Check URLs carefully. Do not click wallet or exchange links from emails, social media, Discord, Telegram, or search ads unless you verify them first.

Fake Airdrops and Wallets

Fake airdrops are everywhere. Scammers promise free tokens, NFTs, rewards, or early access. To claim them, you are asked to connect your wallet and approve a transaction. That transaction may not claim anything. Instead, it may approve a wallet drainer.

When it comes to fake wallet apps, scammers create apps that copy the branding of real wallets, exchanges, or Web3 services. Some steal seed phrases during setup. Others redirect users to phishing pages or trick them into approving malicious permissions.

The scary part? Fake apps can appear in official app stores, too.

Famous Project Dupes

In 2024, a fake WalletConnect app on Google Play reportedly stole around $70,000 from more than 150 users. The app copied WalletConnect’s name and logo, attracted thousands of downloads, and redirected users to malicious pages before being removed.

How to Protect Yourself

Don’t connect your wallet to random claim pages. Verify airdrops through official project websites and official social accounts. Read wallet prompts before signing. If a “free” token asks for broad permissions, walk away.

Download apps only from official websites or verified app store pages. Check developer names, reviews, download history, and official project links. Never enter your seed phrase into an app unless you are restoring a wallet you fully trust.

Rug Pulls and Pump-and-Dump Schemes

Rug pulls happen when project creators attract buyers, collect funds, and disappear. They may promise staking, rewards, a game, a metaverse, token burns, future listings, or exclusive access. The project looks active at first: Their social media is loud, influencers may talk about it, all while the token price climbs.

Then insiders sell, remove liquidity, or abandon the project. The price collapses, and buyers are left holding worthless tokens.

Pump-and-dump schemes are slightly different. There, a group hypes a low-value coin, pushes others to buy, then sells into the demand.

NFT Project Steals $3M

The DOJ charged the creator of Mutant Ape Planet NFTs in a multi-million-dollar fraud case. Prosecutors said buyers were promised benefits: rewards, raffles, and metaverse-related features. Instead, the developer stole nearly $3 million for personal use and later pleaded guilty.

How to Protect Yourself

Check the team, liquidity, token distribution, roadmap, and actual product. Be careful with anonymous teams, locked comment sections, unrealistic promises, and sudden hype. If the project only survives on FOMO, it’s not a strong sign.

Ponzi and Pyramid Schemes

Crypto Ponzi schemes, as many mentioned before, promise steady returns. They may claim to use trading bots, mining, staking, arbitrage, AI, or secret market strategies. In reality, old investors are paid with money from new investors.

Pyramid schemes add another layer: referrals. You earn more by recruiting others, not because the product creates real value.

These scams often use phrases like:

• “Guaranteed passive income”
• “Daily profit”
• “No risk”
• “Invite friends and earn more”

The Notorious BitConnect Ponzi

BitConnect remains one of the best-known crypto Ponzi examples. US prosecutors charged its founder with orchestrating a global $2.4 billion cryptocurrency scheme. The DOJ said BitConnect’s “Trading Bot” and “Volatility Software” were presented as profit-generating tools, while the indictment described the operation as a textbook Ponzi scheme.

How to Protect Yourself

Ask where the yield comes from. If the answer is vague, avoid it. Be skeptical of fixed returns, referral pressure, locked deposits, and dashboards showing profits that cannot be withdrawn.

Quick Crypto Scam Prevention Checklist

At Changelly, we have an easy-to-follow scam prevention checklist. Before you send funds, connect a wallet, or follow someone’s investment advice, ask yourself:

Press enter or click to view image in full size

If something feels off, stop. The FTC puts it simply: Only scammers demand crypto payments in advance, and only scammers guarantee profits or big returns.

How to Check Whether a Crypto Offer Is Legit

Verify the Website and Domain

Scammers often use domains that look almost right. Still, one letter may be different or the ending may be unusual. The site also may copy the design of a real wallet, exchange, or project.

Search for the official website yourself without relying on links from ads, Telegram groups, Discord messages, emails, or influencers.

Research the Team, Company, and Licenses

Look for real people, real history, and real accountability. Check whether the company has public information, legal registration, regulator warnings, third-party reviews, security audits, and a clear business model.

If a platform hides its team, promises huge returns, and pushes you to deposit fast, that isn’t an “early alpha,” but a warning sign.

Test Withdrawals Before Sending More Funds

Fake trading platforms often show fake profits. A small withdrawal may work at first but that’s just bait. Later, when you deposit more, the platform may freeze your balance and demand fees.

Before trusting any platform with meaningful money, test whether withdrawals work.

Check Smart Contract and Token Risks

For DeFi tokens, check the basics:

• Who controls the contract?
• Is liquidity locked?
• Are there suspicious permissions?
• Can the owner mint more tokens, block sales, or change fees?
• Has the contract been audited?

You don’t need to be a developer to ask better questions. If nobody can explain the risks clearly, don’t rush in.

How to Protect Yourself From Crypto Scams

Press enter or click to view image in full size

1. Never Share Your Seed Phrase or Private Keys

Your seed phrase is the master key to your crypto wallet. No legitimate wallet, exchange, support agent, project, airdrop, or investment manager needs it. If someone asks for your seed phrase, they are trying to steal your crypto.

2. Use Two-Factor Authentication

Use two-factor authentication for exchanges, email accounts, and financial apps. Authenticator apps are usually safer than SMS codes. Also, protect the email account linked to your crypto services. If scammers get your email, they can reset passwords and impersonate you.

3. Download Apps Only from Official Sources

Go to the official project website first. Follow the official download link from there. Do not download wallet apps from random ads, search results, Telegram groups, or “support” links.

4. Use a Hardware Wallet for Larger Holdings

A hardware wallet keeps your private keys offline. You can still sign a bad transaction or fall for a fake app. But cold storage can reduce the risk of malware, phishing, and device compromise.

5. Be Careful with Wallet Connections and Approvals

Connecting a wallet is not always harmless. Some websites ask for permissions that allow them to move tokens later. Others disguise dangerous approvals as simple claims or verification steps. Read the transaction, check what asset is affected, and use a burner wallet for risky interactions.

6. Ignore Pressure, Urgency, and Secret Instructions

Scammers hate slow thinking: they want you excited, scared, embarrassed, or rushed.

If someone tells you not to tell anyone, act immediately, borrow money, or pay a fee to unlock funds, it’s the pause that can save your wallet.

What to Do If You Think You’ve Been Scammed

Stop Sending Money Immediately

Do not pay withdrawal fees, taxes, security deposits, verification fees, or recovery fees. Scammers often keep inventing reasons for more payments. Sending more crypto rarely fixes anything, it usually increases the loss.

Save All Evidence

Take screenshots, save chats, copy wallet addresses. If available, write down transaction hashes, dates, amounts, crypto types, usernames, websites, phone numbers, and emails.

The FBI advises victims to provide as much transaction information as possible when reporting crypto fraud, including addresses, amount and type of cryptocurrency, date and time, and transaction ID or hash.

Report the Scam

Here are the steps you should follow to report the scam:

• Report all the screenshots, chats, and transaction IDs to your local cybercrime authority or law enforcement agency.
• Contact the exchange or wallet provider you used to send the malicious transaction. Send them all the transaction IDs and addresses. They may not be able to reverse the transaction, but they may flag addresses, preserve records, or help with documentation for law enforcement.
• Contact the blockchain investigators like Arkham Intelligence, Etherscan, Nansen, or Dune Analytics. They might be able to trace the stolen funds way faster.

Beware of Recovery Scammers

After a crypto scam, you may be contacted by people claiming they can recover your funds. Be careful. Many so-called “recovery experts,” “blockchain investigators,” “law firms,” or “white-hat hackers” are scammers targeting victims a second time.

The creditors of FTX, one of the major exchanges to ever collapse, have also faced this problem. After the FTX claims process began, scammers created fake claims portals, phishing emails, and fraudulent recovery messages that looked like official communications from FTX or Kroll, the only aurthorized entities.

These fake pages were designed to steal login details, personal information, or wallet access. The official FTX claims portal has warned users about fake portals, misspelled domains, phishing emails, fake social media accounts, and requests for payments or wallet connections. Kroll’s official FTX restructuring page also warns that third-party scams are actively targeting FTX customers.

You can usually recognize a recovery scam by these red flags:

• Someone contacts you first and claims they can recover your funds.
• They ask for an upfront fee, “tax,” “retainer,” “processing fee,” or “unlock payment.”
• They guarantee recovery.
• The brand name uses odd spelling, symbols like @ or !, or appears in a one-off review from a new account–it is likely a paid or fake review meant to lure scam victims.
• They claim to have special access to exchanges, law enforcement, courts, or bankruptcy administrators.
• They ask for your seed phrase, private keys, passwords, ID documents, or remote access to your device.
• They send links to unofficial claims portals or ask you to connect your wallet.
• They pressure you to act quickly or keep the conversation private.

Do not pay strangers upfront. Do not share your seed phrase or private keys. Use only official reporting channels, official claims portals, and trusted legal or law enforcement support.