Buy a licensed company 
VASPs live data and insights 
Learn about crypto safety 
Read the latest research 
Atis Shala
Atis is a senior analyst and community lead with four years of experience in crypto. He has a bachelor from the Rochester Institute of Technology.
How to Spot and Avoid Modern Crypto Scams
- AI deepfakes drove $4.6 billion in losses by impersonating executives and relatives, while automated “scam kits” allow low-skill criminals to launch massive, coordinated attacks.
- These long-con investment scams build trust over weeks, disproportionately impact people over 60, and are often run like organized corporate call centers by international crime rings.
- Fake websites and overly helpful “support agents” have one ultimate goal: tricking you into typing your recovery phrase. No legitimate service will ever ask for it.
- Often disguised as free airdrops, these malicious smart contracts trick users into signing away unlimited access to their tokens, which must be manually revoked to stop the bleeding.
- Because scammers can clone voices and faces in real time to defeat identity checks, the only reliable defense is verifying the request through a separate, trusted channel.
- Fraudsters rely on extreme time pressure, a frozen account, an expiring deal, or a relative in danger, to prevent you from pausing to think.
- Because crypto transactions are irreversible, you must adopt a zero-trust approach. Slowing down precisely when you are being told to hurry is the single best way to protect your wallet.
Modern Crypto Scams Are Getting More Common
Americans lost $11.37 billion to cryptocurrency scams in 2025, a 22% jump over the year before, and the average victim payment more than tripled to $2,764. The scams that drained those wallets are not the clumsy emails of a decade ago. They are AI-built deepfakes, fake support agents, and malicious smart contracts that empty a wallet the moment you click approve. The good news is that almost all of them rely on the same handful of moves, and once you can name those moves you can stop them.
Most crypto scams fall into five families: investment or pig butchering scams, phishing sites, wallet drainers and approval exploits, AI deepfake impersonation, and rug pulls. The defenses are the same across all of them. Never share a recovery phrase, never click links from messages, verify identities independently, revoke unused token approvals, and keep serious funds on a hardware wallet.
Why the Losses Keep Climbing
The scale of the problem is the first thing worth understanding. The FBI and consumer agencies recorded $11.37 billion in US crypto scam losses for 2025, up 22% on 2024. The damage is not spread evenly. People aged 60 and older accounted for about $4.35 billion of that total, roughly 38%, because they are often targeted with patient, relationship-based scams that play out over weeks.
Two forces are driving the surge. The first is artificial intelligence. AI-powered deepfakes alone drove an estimated $4.6 billion in crypto scams during 2025, and operations that used AI generated about 4.5 times more revenue per scam than those that did not. Real-time voice and video cloning lets a fraudster impersonate a CEO, a family member, or an exchange agent convincingly. In the first quarter of 2026, CEO impersonation scams alone caused $577 million in losses.
The second force is automation. Off-the-shelf scam kits now handle the technical work, so a low-skill operator can deploy a professional-grade attack. In early 2026, security researchers at Safe Labs uncovered a single coordinated campaign that used 5,000 malicious addresses tied to wallet drainer tools. When the tooling is industrialized, the number of attacks rises even if the underlying tricks stay the same.
There is also a quieter reason the numbers keep rising: reporting is improving, so more of the damage that was always happening is now being counted. Even so, agencies believe the true figure is higher than the reported one, because shame and confusion keep many victims silent. That underreporting matters, because it means the threat is at least as large as the headline statistics suggest, not smaller.
The Five Scam Families, and How Each One Works
Almost every crypto scam is a variation on five core schemes. Learning the shape of each one is more useful than memorizing individual stories, because the names change but the structure rarely does. The table below is a quick reference, and the sections after it explain the mechanics and the warning signs.
| Scam family | How it works | Clearest red flag |
|---|---|---|
| Pig butchering | A stranger builds trust over weeks, then steers you to a fake investment platform showing fake profits. | An online contact you never met pushes you to invest. |
| Phishing | A fake site or support agent copies a real exchange or wallet to capture logins, codes, or seed phrases. | Any request for your recovery phrase or 2FA code. |
| Wallet drainers | A malicious site asks you to approve a transaction that grants ongoing access to your tokens. | A signing prompt for unlimited token approval. |
| AI deepfakes | Cloned voice or video impersonates a CEO, celebrity, or relative to authorize a transfer or promote a fake deal. | Urgency plus a face or voice you cannot verify live. |
| Rug pulls | Developers hype a new token, attract money, then vanish with the funds and leave a worthless coin. | Anonymous team and promises of guaranteed returns. |
The five most common crypto scam families and their telltale signs.
Pig Butchering and Investment Scams
Pig butchering is the most damaging scam category by total dollars. The name is grim. Scammers fatten a victim with attention and small wins before the slaughter. It usually starts with a friendly message that seems like a wrong number or a casual connection on a dating app or social platform. Over days or weeks the scammer builds a relationship, then mentions a crypto investment that is performing beautifully.
The victim is guided to a polished platform that shows steady gains, allowed to withdraw a small amount to build confidence, then pushed to deposit more and more. When they try to cash out the real balance, the money is gone.
The defining red flag is simple. The investment opportunity comes from someone you met online and have never verified in person. No real financial relationship begins that way. In April 2025 a woman in Maryland lost millions to exactly this pattern, run by a network operating out of Southeast Asia, where many of these operations are based in industrial-scale scam compounds.
Scale is part of what makes these operations so dangerous. Many compounds run like call centers, with scripts, shift work, and quotas, and some are staffed by trafficking victims forced to defraud strangers. That industrial structure is why a single lonely message can lead to a multimillion dollar loss, and why authorities increasingly treat pig butchering as organized crime rather than isolated fraud.
Phishing: Fake Sites and Fake Support
Phishing is the workhorse of crypto fraud. Attackers build websites that mirror a real exchange, wallet, or support channel, then harvest whatever you type: login details, two-factor codes, or the recovery phrase itself. In January 2026 alone, phishing attacks drained more than $311 million from crypto users. A common twist is fake customer support. You post a problem in a public forum, and a helpful stranger messages you claiming to be support, then walks you toward handing over your keys.
The rule that defeats nearly all phishing is absolute. No legitimate company will ever ask for your recovery phrase. Not support, not an airdrop, not a wallet upgrade, never. The recovery phrase is the master key to your funds, and anyone requesting it is trying to rob you. Reaching sites only through your own saved bookmarks, rather than links in messages, closes the other main door.
Wallet Drainers and Approval Exploits
Wallet drainers are the most technical of the five and the hardest for newcomers to spot. Instead of stealing your password, they trick you into signing a transaction that grants a smart contract permission to move your tokens. Many request unlimited approval, which means the attacker can keep withdrawing long after you have forgotten the interaction. Some of the worst losses come from old approvals to protocols people used once and never thought about again.
Fake airdrops are a favorite delivery method. You are told to connect your wallet to claim free tokens, and the claim transaction hides an approval function that hands over access. Fake airdrops drained more than $1 billion from DeFi wallets in mid-2026. The defense is to read what you are signing, be suspicious of any unlimited approval, and periodically revoke old permissions through a tool such as Revoke.cash.
AI Deepfake Impersonation
Deepfakes are the newest and fastest-growing threat. With a short sample of audio or video, modern tools can clone a person’s voice and face well enough to fool people in real time. Scammers use this to impersonate company executives authorizing a transfer, celebrities promoting a fake giveaway, or a relative in fake distress asking for crypto. The same technology is now used to defeat identity checks, generating synthetic documents and live video to pass exchange verification.
Because the impersonation can be convincing, the defense shifts from spotting a fake to verifying through a separate channel. If a message or video asks you to move money, confirm it by calling the person back on a number you already trust, or by asking a question only the real person could answer. Urgency is the constant. Scammers manufacture time pressure precisely to stop you from making that second call.
Rug Pulls and Fake Projects
Rug pulls target the urge to catch the next big token early. Developers launch a project, market it hard, attract investment, then pull the liquidity and disappear, leaving holders with a coin worth nothing. Rug pulls caused more than $2.8 billion in losses across networks between 2024 and 2025. The warning signs are usually visible before you invest: an anonymous team, promises of guaranteed or unrealistic returns, heavy pressure to buy now, and little real product behind the hype.
Anatomy of a Scam: How One Unfolds
Seeing the stages laid out makes the pattern easier to catch in real life. Most scams move through four predictable phases, and there is a natural exit point at each one.
Initial Contact
The approach arrives where your guard is lowest: a wrong-number text, a friendly direct message, a comment under a video, or an email dressed up as your exchange. At this stage nothing is asked of you, which is exactly why it works. The exit point is simply recognizing that unsolicited contact about money deserves suspicion, not curiosity.
Trust Building
The scammer invests time. A pig butchering operator chats for days about ordinary life. A fake support agent is patient and reassuring. A deepfake call uses a familiar face. The goal is to convert you from a stranger into someone who feels a relationship is at stake. The exit point here is the habit of verifying identity through a separate channel before any money or keys enter the conversation.
The Ask
Eventually the request appears: deposit into a platform, connect your wallet to claim a reward, confirm your account by entering your seed phrase, or approve a transaction. This is the moment the scam needs you to act. The exit point is the strongest rule in crypto, which is that no legitimate party ever needs your recovery phrase and no genuine reward requires an unlimited approval.
Pressure Starts
If you hesitate, urgency arrives. The deal closes tonight, the account will be frozen, the relative is in danger, the token is about to moon. Manufactured time pressure exists to stop the second thought that would expose the scam. The exit point is to treat urgency itself as the red flag and to slow down precisely when you are being told to hurry.
A quick check protects you before you buy into a new token. See whether the team is public and verifiable, whether the project has a working product rather than just a roadmap, and whether the liquidity is locked so developers cannot drain it on a whim. If the people behind a coin will not put their names to it, that absence is the answer.
A Practical Defense Checklist
The encouraging part of this picture is that a small set of habits neutralizes most attacks across all five families. None of them require technical skill. They require routine.
| Habit | Why it works |
|---|---|
| Never share your recovery phrase | It is the master key. No legitimate service ever needs it, so any request is a scam. |
| Reach sites via bookmarks | Cuts off phishing links from emails, DMs, and social posts before they can load a fake page. |
| Verify identities on a second channel | Defeats deepfakes and impersonation by confirming through a number or detail you already trust. |
| Read and limit approvals | Avoid unlimited token approvals and revoke old ones monthly via Revoke.cash. |
| Use a hardware wallet | Keeps private keys offline so a malicious site cannot extract them. Essential for larger holdings. |
| Distrust guaranteed returns | Real investments carry risk. A promise of guaranteed profit is the signature of a scam. |
Six habits that stop the majority of crypto scams.
What to Do if You Are Targeted or Hit
If you suspect a scam in progress, stop all contact and move any remaining funds to a fresh wallet whose keys have never touched the suspicious site. If you signed an approval, revoke it immediately. Speed matters, because drainers often act within minutes.
If money is already gone, report it. Enforcement has improved sharply. In March 2026 the US Secret Service, the UK’s National Crime Agency, and Canadian authorities launched Operation Atlantic against approval phishing scams, and the US Department of Justice Scam Center Strike Force recovered $580 million in crypto within its first three months while seizing hundreds of fake investment websites. Reporting feeds those efforts and occasionally leads to recovery, so it is always worth doing even when it feels hopeless.
The Mindset That Keeps You Safe
Tools and checklists matter, but the deeper protection is a mindset. Crypto transactions are final and largely irreversible, which removes the safety net that credit cards and banks provide in the traditional world. That single fact should reframe how you treat every prompt, message, and offer. The cost of pausing to verify is a few minutes. The cost of acting on a scammer’s schedule can be everything in the wallet.
Scammers are betting on speed, trust, and the fear of missing out. Every habit in this guide is really a way of buying yourself time to think. Slow down at the moment you are told to hurry, confirm through a channel you already trust, and never let anyone, however friendly or authoritative they appear, separate you from your recovery phrase.
Frequently Asked Questions (FAQ)
What is the most common crypto scam right now? +
Pig butchering, a long-game investment scam where a stranger builds trust before steering you to a fake platform, causes the largest dollar losses, while phishing is the most frequent technical attack.
Can someone steal my crypto if I just share my wallet address? +
No. A public address only lets people send you funds or view your balance. Theft requires your private key, recovery phrase, or a transaction approval you sign, which is why those are the things to guard.
How do I avoid AI deepfake scams? +
Verify any money request through a separate, trusted channel. Call the person back on a known number or ask something only they would know. Treat urgency as a warning sign rather than a reason to act fast.
Are hardware wallets really necessary? +
For meaningful holdings, yes. A hardware wallet keeps your private keys offline, so even if you visit a malicious site, it cannot extract the keys needed to move your funds.
What should I do the moment I realize I have been scammed? +
Cut contact, move any remaining funds to a new wallet with fresh keys, and revoke any approvals you signed. Then report it to your local fraud authority and the platform involved, since enforcement teams have recovered hundreds of millions in recent operations.
