Recognize Crypto Scams Before You Act

Scams often begin with something believable

Many scams are built around a situation the user already recognizes: a delayed withdrawal, an account restriction, a token claim, a security warning, a job offer, or a message from someone who appears to know the platform involved.

The scam becomes dangerous when the user is pushed to act before checking the request through an independent source.

Explore common scam types

Pause when the message creates urgency

Scammers often invent a short deadline: a withdrawal will be cancelled, an account will be closed, a token claim will expire, or funds will be lost unless the user acts now.

A real security issue may still require quick action, but you should verify it through the official website, application, or support channel rather than using the link or contact details inside the message.

Fake support appears when users are already under pressure

Users who post publicly about a missing deposit, delayed withdrawal, locked account, or wallet problem may receive private messages within minutes. The account may use the right logo, mention the correct platform, and appear to understand the issue.

Common next steps include sending the user to a “verification” page, asking for a wallet connection, requesting a payment, or moving the conversation to another application.

• Use support links published on the official website.
• Do not trust an account because it has the correct logo or username.
• Check whether the platform says it contacts users through private messages.
• Ask for a ticket reference that is visible inside the official account.
• Never share a recovery phrase, private key, or login code.
• Do not install remote-access software for support.

A copied website may look almost correct

Phishing pages can copy logos, colours, support widgets, wallet buttons, and even legal pages from a real platform. The difference may be one added character in the domain or a different ending.

Before logging in or connecting a wallet, check:

• The full domain name, including its ending
• Whether the site was opened from a saved bookmark or official source
• Whether the page appeared through a sponsored search result
• Whether the wallet request matches the action you intended
• Whether the platform is asking for information it normally would not need
• Whether the spelling, legal company, and contact details match the real service

A secure connection symbol only means the connection to that website is encrypted. It does not prove that the website belongs to the company it claims to represent.

Wallet drainers do not always ask for the seed phrase

Some malicious sites use wallet signatures and contract approvals instead of asking for the recovery phrase. The request may appear to be a login, token claim, account check, or reward confirmation.

Depending on the permission, a contract may be able to move specific tokens later. This is why users should review the domain, contract, asset, network, and permission before signing.

• Cancel requests that do not match the action you started.
• Avoid unlimited token approvals where a smaller permission is enough.
• Use a separate wallet for unfamiliar applications.
• Review old approvals and revoke those no longer needed.
• Do not connect a wallet holding long-term funds to unverified sites.

For broader protection, visit the wallet safety hub.

Recovery scams target people who have already lost money

After a theft, failed transfer, or platform dispute, users may search publicly for help. Scammers monitor these conversations and present themselves as blockchain experts, hackers, legal agents, investigators, or people who recovered funds from the same service.

They may provide a convincing explanation and then ask for an investigation fee, wallet activation payment, tax, software purchase, or a percentage paid in advance.

Do not give a recovery service control of another wallet, access to your email, remote control of your device, or additional money simply because it claims to see the stolen funds on-chain.

Fake platforms may show profits that do not exist

Some scam platforms allow small withdrawals at first, display steady profits, or assign an account manager who appears helpful. The balance shown on the website may not represent assets held for the user.

The fraud becomes clearer when a larger withdrawal is requested and the user is asked to pay tax, insurance, liquidity, verification, or account-upgrade fees.

• Do not treat an on-screen balance as proof that funds exist.
• Check the operating company and regulatory claims independently.
• Be cautious with guaranteed returns or unusually consistent profits.
• Do not deposit more money to unlock an existing balance.
• Check whether withdrawals require payments to personal wallet addresses.
• Search for copied text, cloned domains, and repeated complaint patterns.

Casino scams often hide inside withdrawal demands

A casino may be genuine but still use unclear or unfair rules. In other cases, the entire operation may be copied, unlicensed, or built mainly to collect deposits.

Warning signs include:

• A second deposit required to release a withdrawal
• A tax or verification fee sent to a separate wallet
• Bonus rules introduced only after the withdrawal request
• No identifiable company behind the casino
• Licence details that do not match the website
• Support moving the conversation to private social accounts
• Repeated changes to the reason funds are being held
• Requests for wallet secrets or remote device access
• Copied games, fake providers, or unverifiable software claims

For broader checks, visit the casino safety hub.

Do not trust a token because it appears in your wallet

Anyone may be able to send a token or NFT to a public wallet address. An unexpected asset does not prove that it has value, belongs to a real project, or is safe to interact with.

The token name and symbol may copy a legitimate asset. Its website may ask the user to connect a wallet, approve a contract, or pay a fee to claim or sell it.

• Verify the contract through an official project source.
• Do not open links inside token descriptions or unsolicited messages.
• Do not approve contracts simply to remove an unwanted asset.
• Hide suspicious tokens in the wallet interface rather than interacting with them.
• Check whether the asset has genuine liquidity before assuming it has value.

Check the payment request itself

Scammers often use payments that are difficult to reverse. The request may involve crypto, gift cards, prepaid vouchers, or transfers to an individual rather than the company named in the conversation.

Pause when you are asked to pay:

• A fee to release money already shown in your account
• Tax directly to a platform employee or personal wallet
• A deposit to activate or verify another deposit
• A fee to remove a wallet restriction
• Gas or liquidity funds to a stranger’s address
• An investigator before any written scope or verifiable identity is provided
• A private seller who refuses normal platform protections

Ask whether the charge appears in the official terms, account interface, or company invoice. Verify the answer independently.

If you think you interacted with a scam

Act according to what was exposed. Clicking a link, entering a password, signing a wallet request, sharing a recovery phrase, and sending a payment create different risks.

1. Stop communicating with the suspicious account. Do not send another payment or follow new recovery instructions.
2. Record what happened. Save website addresses, usernames, wallet addresses, transaction hashes, messages, timestamps, and screenshots.
3. Protect the affected account. Change exposed passwords, enable two-factor authentication, and end unfamiliar sessions through the official service.
4. Check wallet exposure. Review recent transactions, connected applications, and token approvals. Treat the wallet as compromised if its recovery phrase or private key was exposed.
5. Contact the real provider. Use the official website or application rather than details supplied by the suspicious contact.
6. Report the incident. Depending on the case, notify the platform, wallet provider, exchange, relevant authority, or law-enforcement body.

Evidence worth preserving

Do not delete messages simply because they are upsetting or embarrassing. Details that seem unimportant at first may help connect the incident to another account, domain, or wallet.

• Full website address
• Email headers where available
• Social media usernames and profile links
• Wallet addresses
• Transaction hashes
• Token contract addresses
• Support or ticket references
• Payment instructions
• Dates and times
• Screenshots of messages and account balances
• A short timeline written in order

Do not include seed phrases, private keys, passwords, authentication codes, or unredacted identity documents in a public report.

Report a scam or suspicious pattern

If you have found a phishing website, fake support account, wallet drainer, copied platform, suspicious casino demand, recovery scam, or another pattern that may affect other users, contact [email protected].

Include a short explanation, relevant links, wallet addresses, transaction hashes, and redacted screenshots where available. Clearly separate what you observed directly from what another person reported.

TrendCrypt can review patterns, compare reports, contact platforms for comment, and publish educational warnings. We cannot recover funds, reverse transactions, identify every person behind a scam, or guarantee that a report will lead to reimbursement.