Security: How to Avoid Scams
Last updated: July 1, 2026
Cryptocurrency attracts scammers for a few reasons: transactions are irreversible, many users are still new to the space, and the industry remains lightly regulated. Below is a breakdown of the most common scams and how to spot them.
Phishing
Scammers build fake websites, emails, or messaging-app messages that mimic exchanges, wallets, or well-known projects to trick you into revealing a password, a two-factor code, or your seed phrase. Warning signs include:
- A site URL that differs from the real one by a single letter or character (e.g., "binnance.com").
- Messages that create false urgency: "your account will be locked in one hour."
- Anyone asking you to type in your seed phrase or private key — no legitimate support team ever asks for this.
- Spelling mistakes, odd formatting, or an unfamiliar sender.
Always type exchange and wallet URLs manually, or use saved bookmarks — never links from emails or social media.
Fake Airdrops
Posing as a free token giveaway, scammers ask you to connect your wallet to a malicious site and sign a transaction that actually grants access to your funds, or they demand an upfront "withdrawal fee" for tokens that don't exist. Legitimate projects never charge a fee to claim an airdrop and never need unlimited access to your wallet.
P2P Scams
On P2P platforms (direct crypto-for-fiat trades between users), common scams include:
- Fake payment proof — the buyer sends a forged screenshot or PDF of a bank transfer and pressures the seller to release crypto before the money actually arrives.
- Chargebacks — after receiving the crypto, the buyer reverses the bank payment through their bank, leaving the seller with neither money nor coins.
- Fake escrow — a scammer offers an "independent" deal guarantor who is actually working with them.
Only trade P2P through a verified platform's built-in escrow, and confirm funds have actually landed in your account — not just a screenshot claiming payment was sent.
Other Common Scams
- Fake support accounts — social-media or messaging accounts impersonating an exchange's or wallet's support team that reply first to users' public complaints.
- Cloned apps — fake versions of popular wallets in app stores or on third-party sites that steal funds the moment you enter your seed phrase.
- "Guaranteed returns" — projects promising a fixed, high, "risk-free" yield from staking or trading usually turn out to be Ponzi schemes.
- Romance/investment scams (pig butchering) — a scammer builds a trusting online relationship over weeks or months, then convinces the victim to "invest" on a fake trading platform.
Security Checklist
- Never share your seed phrase or private key with anyone — not "support," not friends.
- Always type the website URL manually before entering any credentials.
- Enable two-factor authentication (2FA) on every exchange and wallet.
- Keep large amounts in a cold wallet rather than on an exchange.
- Be suspicious of any "guaranteed" or "risk-free" returns.
- Independently verify a project's smart contract and address on a block explorer before investing.
- Slow down — scammers almost always push for urgent decisions.
Where to Report a Scam
If you've been scammed, report it to your local police and to the support team of the exchange or wallet involved in the transaction. If you'd like to warn other readers about a new scam, email us at mrybalko@icloud.com.