Common Crypto Scams and How to Spot Them Before You Lose Money

Common Crypto Scams and How to Spot Them Before You Lose Money

A left-to-right flow titled "The Anatomy of Almost Every Crypto Scam," with the subtitle "The specific stories change monthly. The shape almost never does." Four numbered boxes run across the top. Box 1, UNEXPECTED CONTACT: a stranger's DM, a "wrong number" text, a livestream, or an official-sounding call reaches you first. Box 2, A PROMISE TOO GOOD: outsized, steady, or "guaranteed" profits — double your coins, or "protect" your savings by moving them now. Box 3, PRESSURE + URGENCY: act now, keep it secret, move to a private app, a deadline and a story you didn't create. Box 4, outlined in red, THE POINT OF NO RETURN: you send crypto, connect and sign, or reveal your seed phrase — on-chain, it cannot be undone. A red arrow loops down from box 4 to a dashed red box, THE SECOND HIT — the recovery scam: weeks later a "recovery service," "law firm," or fake official promises to get the lost funds back for an upfront fee, which is the same scam again. A green footer band reads: the one defense that works on all of them is to slow down — unsolicited contact plus a too-good promise plus urgency plus "send, sign, or reveal" equals walk away; no one legitimately doubles the crypto you send them.
Almost every crypto scam, regardless of the cover story, walks through the same four steps — and then, for many victims, a fifth. Learn the shape and you’ll recognize versions you’ve never seen before.

If you’ve read the pillar on buying your first Bitcoin safely, you already know the single hardest fact about crypto: moving it is usually irreversible. There is no chargeback, no fraud department that reverses the transfer, no support line that claws the money back. That one property is exactly why fraud has migrated onto crypto rails so aggressively — and why the most valuable skill a beginner can build isn’t picking coins, it’s recognizing a scam before the irreversible step.

The numbers are not small. The FBI’s Internet Crime Complaint Center logged roughly 149,000 complaints involving digital assets in 2024, totaling about $9.3 billion in reported losses — a 66% jump over the prior year [source: FBI IC3 2024 Annual Report, April 2025]. The Federal Trade Commission reported that Americans lost $5.7 billion to investment scams in 2024, up 24%, and that consumers reported losing more money to scams paid with bank transfer or cryptocurrency than to all other payment methods combined [source: FTC, “New FTC Data Show a Big Jump in Reported Losses to Fraud to $12.5 Billion in 2024,” March 2025]. Blockchain-analytics firm Chainalysis estimated crypto scam losses reached a record ~$17 billion in 2025, with the average amount an individual victim lost rising from roughly $782 in 2024 to $2,764 in 2025 as AI-generated impersonation made the cons more convincing [source: Chainalysis 2026 Crypto Crime Report].

One more thing up front, because it frames everything below: crypto assets are volatile and can lose all their value on their own, without any fraud involved. Nothing here is a reason to think crypto is “safe if you just avoid scammers.” This article is about not handing your money to a thief on top of the market risk you’re already taking — and it is educational content, not advice, and not a suggestion to hold crypto in any amount.

Why Crypto Is the Scammer’s Favorite Payment Rail

Before the specific scams, understand why so many old cons have put on a crypto costume. It comes down to a handful of properties that are genuine features of the technology and, for a fraud victim, genuine bugs:

  • Transfers are irreversible. Once a transaction confirms, it’s final. A bank wire can sometimes be recalled within a window; a credit-card charge can be disputed; a crypto transfer generally cannot.
  • There’s no central fraud desk. No institution sits in the middle with the power — or the obligation — to reverse a payment or freeze an account on your behalf.
  • It’s fast, global, and always open. Money can leave the country in minutes, at 3 a.m., on a holiday, which is exactly what a scammer running victims across time zones wants.
  • It feels like technology, not money. Wallets, addresses, and apps add just enough unfamiliarity that a confident-sounding “manager” can talk a newcomer through steps they’d never take at a bank counter.

The takeaway isn’t “crypto is a scam.” It’s that the same con that used gift cards or wire transfers a decade ago now asks for crypto — because crypto removes the safety nets the con used to have to work around. That’s why the patterns below matter more than any single story.

The Shape Almost Every Scam Shares

Look at the diagram at the top of this article. Strip away the cover story and nearly every crypto scam runs the same four steps: unexpected contact → a promise too good to be true → manufactured urgency → an irreversible step (you send crypto, you connect a wallet and sign, or you reveal your seed phrase). For a large share of victims there’s a fifth step weeks later — a recovery scam that re-targets the same person. The specific characters change constantly; the skeleton almost never does. If you can name which step you’re standing on, you can step off before the irreversible one.

With that map in hand, here are the patterns you’ll actually meet — grouped by how they take the money.

Group A — Scams That Get You to Send the Money

1. The Relationship, Then the “Platform” (Pig Butchering)

This is the single costliest pattern, and the most emotionally engineered. It usually begins with a message that seems like a wrong number, a friendly stranger on social media, a match on a dating app, or an invitation into a group chat “full of successful investors” [source: FTC, “What To Know About Cryptocurrency and Scams,” consumer.ftc.gov; FTC social-media-scams reporting, 2025]. There’s no pitch at first — just conversation, sometimes for weeks. Trust builds. Eventually the new “friend” or “mentor” mentions a crypto platform or strategy that’s doing remarkably well, and offers to show you.

The platform is fake. It’s a slick website or app that displays rising balances and lets you make a small test withdrawal early on to prove it “works.” Then you’re encouraged to add more. When you finally try to take out a meaningful amount, you’re told you must first pay a “tax,” a “fee,” or “unlock” the account — more money that vanishes the same way. The FBI classifies this as cryptocurrency investment fraud, often called “pig butchering,” and it accounted for roughly $5.8 billion in reported losses across 41,557 complaints in 2024 alone [source: FBI IC3 2024 Annual Report].

The tell: an unexpected relationship — romantic, friendly, or professional — that drifts toward a specific investment only they introduced you to, on a platform they named, showing gains that look steady and outsized, where you can’t withdraw without paying something first. Steady, high, low-drama returns are the signature of a fake dashboard, not a real market.

2. The “Move Your Money to Safety” Call and the Bitcoin ATM

Here the emotional lever is fear, not romance. You get a call, text, or pop-up: your bank account has been “compromised,” there’s a “warrant” out for you, a “tech-support” agent needs to protect your computer, or a business you use flags a fraudulent charge. The fix, they say, is to move your cash somewhere “safe” — and increasingly, that means feeding it into a Bitcoin ATM (a crypto kiosk) using a QR code they provide, which sends the cash straight to their wallet.

The FTC’s data on these kiosks is stark. Reported losses at Bitcoin ATMs grew nearly tenfold from 2020 to over $110 million in 2023, then topped $65 million in just the first half of 2024 [source: FTC Data Spotlight, “Bitcoin ATMs: A payment portal for scammers,” September 2024]. Older adults are hit hardest: people 60 and over were more than three times as likely as younger adults to report a loss at these machines, and reported $46 million — about 71% of all Bitcoin-ATM losses — in the first half of 2024, with a median loss of $10,000. The overwhelming majority of these reports involve government impersonation, business impersonation, and tech-support scams [source: same FTC Data Spotlight].

The tell: anyone who creates a sudden crisis and then directs you to a crypto ATM or kiosk is running this scam. No real government agency, bank, or company will ever ask you to resolve a problem by putting cash into a Bitcoin machine. That instruction, by itself, is the whole diagnosis.

3. Giveaways, “Double Your Crypto,” and Deepfake Impersonation

The promise here is a mathematical impossibility dressed up as generosity: send some crypto to this address and you’ll instantly get back double. Modern versions are disturbingly polished. Scammers hijack YouTube channels, rebrand them to look like official Tesla, SpaceX, or exchange channels, and run 24/7 “live” streams featuring AI-generated deepfakes of public figures whose synthesized voices tell viewers to visit a site and deposit crypto to a giveaway [source: Engadget, “Deepfakes of Elon Musk are pushing crypto giveaway scams on YouTube Live”; Bitdefender reporting on crypto-doubling streams]. One fraudulent stream reportedly drew more than 30,000 concurrent viewers, and a single deepfake broadcast pulled in over $50,000 in under two hours [source: same reporting].

The tell: the offer inverts how the world works — you send first, on the promise of getting more back. No legitimate person, company, or celebrity doubles the crypto you send them. A famous face plus urgency plus a wallet address to send to is not an opportunity; it’s the entire con in three parts.

Group B — Scams That Drain the Wallet Directly

4. Phishing Sites, Fake Apps, and Wallet Drainers

Not every scam asks you to send funds. Some get you to authorize their removal. A “wallet drainer” is malware, usually planted on a convincing phishing site, that tricks you into signing a malicious transaction or token approval — after which the attacker can move your funds. Often they never see your keys at all; you clicked “confirm” on something you didn’t fully read. In 2024, wallet-drainer attacks stole roughly $494 million across about 332,000 victim addresses, up about 67% in losses over the prior year [source: Scam Sniffer 2024 Web3 Phishing Report, January 2025, as reported by BleepingComputer and Infosecurity Magazine]. The bait is usually a “connect your wallet and claim” offer — a free airdrop, a mint, a “check if you’re eligible” page.

The tell: any site that wants you to connect your wallet and then sign, approve, or grant a “permission” in exchange for something free or urgent. Reach wallets and exchanges through your own bookmarks, download apps only from official sources, and read what you’re approving on the device’s own screen. In crypto, “confirm” is final.

5. Fake “Support” and Seed-Phrase Phishing

Somewhere in your loss, panic, or confusion, “support” appears — a helpful account in your DMs, a search-ad “help line,” a lookalike email — offering to fix it. What they’re really after is your recovery phrase (seed phrase), your private key, or remote access to your device. This one has a bright-line rule that never has an exception:

The tell / the rule: no legitimate wallet, exchange, or company will ever ask for your recovery phrase. Anyone who does — “to verify,” “to sync,” “to restore,” “to help” — is a thief, 100% of the time. Real support never needs it, because the phrase is the whole wallet. Type it nowhere, tell it to no one.

6. Address Poisoning and Clipboard Swaps

This one exploits a small human habit: reusing an address from your transaction history instead of retyping it. In an address-poisoning attack, the scammer generates a “vanity” address whose first and last characters match one you actually use, then sends you a tiny or zero-value transaction so their lookalike address lands in your history. Later, when you go to send funds and copy “the usual address” from your past transactions, you copy theirs — and the money is gone [source: Cointelegraph, “How does zero-value transfer work?”; MetaMask Help Center, “Address poisoning scams”; Ledger Academy, 2025]. It costs the attacker almost nothing, which is why it scaled: address-poisoning losses ran to roughly $1.8 million in February 2025 and $1.2 million in March 2025, with a single incident exceeding $2.6 million in May [source: address-poisoning reporting, 2025].

The tell: you’re about to send to an address you “recognize” from history. Verify the entire destination address, not just the first and last few characters, and prefer a saved, verified address book or a small test transaction over copying from your transaction log.

Group C — Scams Built Into the “Investment” Itself

7. Rug Pulls and Fake Tokens

Sometimes the fraud is the asset. A new token launches with heavy hype, coordinated social buzz, and pressure to “get in early before it moons.” Once enough people have bought in, the creators pull the liquidity or dump their holdings, the price collapses to near zero, and buyers discover they can’t sell into a market that no longer exists. The project’s anonymous team disappears. Unlike the cons above, no one calls you — the trap is baited and you walk in.

The tell: an anonymous or unverifiable team, a token you heard about through hype rather than research, promises of outsized gains framed as near-certain, pressure to buy right now, and thin or locked liquidity that would make exiting hard. Age, transparency, and the ability to actually sell matter more than the size of the promised upside.

Group D — The Scam After the Scam

8. Recovery and Refund Scams

This is the cruelest pattern, because it targets people who have already lost money. According to the FBI, almost all victims of cryptocurrency fraud are subsequently contacted by recovery-fraud schemes — scammers impersonating law enforcement, government agencies, law firms, or “asset recovery” companies, claiming they can get the lost funds back [source: FBI, “Cryptocurrency Investment Fraud” victim resources; FBI field-office recovery-scam advisories; CFTC, “Don’t be Re-Victimized by Recovery Frauds”]. They ask for an upfront fee, a “tax,” or a “retainer” — and once you pay, the requests keep coming.

The tell / the rule: anyone who contacts you promising to recover stolen crypto for a fee is running the second scam. The FBI does not charge victims a fee to investigate, does not ask for payment to release “recovered” funds, and does not move communications to private messaging apps [source: same FBI/CFTC guidance]. Legitimate help does not arrive as an unsolicited DM asking for money. If you’ve been defrauded, report it through the FBI’s Internet Crime Complaint Center at IC3.gov and the FTC at reportfraud.ftc.gov — and treat every “we can get it back” offer as a red flag, not a lifeline.

The Unifying Tells (Print This List)

Notice how much the eight patterns overlap. Almost all of them light up several of these at once — and any one of them is reason to stop:

  • You didn’t start the contact. The stranger, the “wrong number,” the DM, the caller, or the livestream came to you.
  • The promise is too good. Outsized, steady, or “guaranteed” profits; doubling your money; “protecting” your savings by moving them now. Real markets don’t offer smooth, high, drama-free returns, and nobody legitimately doubles crypto you send first.
  • There’s urgency and secrecy. A deadline you didn’t set, pressure to act before you can think, and requests to keep it private or move to a personal app.
  • You’re asked to send, sign, or reveal. Send crypto to an address, connect a wallet and approve a transaction, or hand over your recovery phrase. The recovery phrase request is always a scam.
  • You can’t get your money out without paying more. “Fees,” “taxes,” or “unlock” charges standing between you and your balance mean the balance was never real.
  • An authority or a celebrity is invoked. A “government official,” a “bank,” a “tech-support agent,” or a famous face — plus, somewhere, a crypto address or kiosk.

The single habit that defeats nearly all of them is the one in the green band of the diagram: slow down. Scams are built to collapse your decision-making window. Stepping away for an hour — or a day — to verify through a channel you looked up yourself dissolves most of them.

A Sane Default Defense for a Beginner

None of this is a recommendation of any product; it’s the general, widely taught hygiene that makes you a hard target. Confirm current best practices yourself:

  1. Reach everything through your own bookmarks. Never through a link in an email, DM, ad, or text. Type it, bookmark it, use the bookmark.
  2. Treat unsolicited contact as guilty until proven innocent. No real institution resolves a “crisis” by having you buy crypto or move it to a kiosk. Hang up and call the organization back on a number you look up independently.
  3. Guard the recovery phrase offline and share it with no one — ever. Store it physically (paper or metal), never in a photo, cloud note, or synced app, and understand that anyone asking for it is a thief. As holdings grow, a hardware wallet moves your keys offline; see Crypto Wallets Explained for the full custody picture.
  4. Verify the full destination address every time, and read what you’re signing on the device’s own screen before you approve it.
  5. Assume no one doubles your crypto and no one guarantees a market return. Both are impossibilities, and both are bait.
  6. If you’re defrauded, report — and refuse the “recovery.” File with IC3.gov and reportfraud.ftc.gov, and treat any “we can recover your funds for a fee” contact as the next scam.

The goal isn’t paranoia. It’s a small set of reflexes — bookmarks, independent call-backs, address checks, and a hard “no” on the seed phrase — that make the whole catalog above bounce off you.

Almost everyone who spends time in crypto eventually gets the message — the too-friendly stranger who steers the conversation toward a “platform,” the group chat where everyone but you seems to be getting rich, the “support” account that appears the moment you post a question. The people who don’t lose money aren’t smarter or more technical; they’ve usually just seen the shape once before, felt the little tug of urgency, and recognized it for what it was. The first time you catch one in the wild — you notice the unsolicited contact, the too-good promise, the push to hurry — and simply stop, the whole thing loses its power. That recognition is the entire skill, and it’s learnable in an afternoon.

Where to Go Next

You now have the map: the common shape, the eight patterns, and the reflexes that neutralize them. To go deeper on the safety side this article opened:

If you’d like the plain-English read on crypto and investing — explained, never hyped, and always risk-first — that’s what the newsletter is for. Subscribe below.

Disclaimer: This article is educational content, not financial advice. I am not a licensed financial advisor, and nothing here is a recommendation to buy or sell any security or asset. Investing and trading involve risk, including the possible loss of the money you invest. Do your own research and consider consulting a licensed financial professional before making investment decisions. Read the full Disclaimer.

Historical and backtested results are hypothetical, carry inherent limitations, and do not guarantee future results. Figures were accurate to the best of my knowledge as of this article’s last-updated date and may have changed.

Get the research in your inbox

One idea a week — a market observation, the best piece we published, and one concrete action step. No hype, ever.


Continue reading