Skip to content
Security

How to Spot and Avoid the Most Common Crypto Scams

Learn to recognise the recurring patterns behind phishing, rug pulls, fake support, and approval drains, and the checks that keep your funds out of a scammer's reach.

Sofia Lindqvist

Explainers Lead · Jun 16, 2026 · 7 min read

CRYPTO-SCAMS

Scammers do not need to break cryptography. They need to persuade you to sign a transaction or hand over a secret. Almost every crypto scam is a variation on a handful of psychological patterns, and once you recognise the patterns, most attempts become obvious. This guide maps the recurring scams and the concrete checks that defeat them. It is educational information, not financial advice.

Why is urgency the universal warning sign?

The common thread across nearly every scam is manufactured urgency. You are told a deal ends in minutes, your account is about to be frozen, an airdrop is almost gone, or support needs to act right now. Urgency exists to stop you thinking, checking, and asking a second person. The single most protective habit in crypto is to slow down. A genuine opportunity survives a ten-minute pause to verify it; a scam usually does not.

If a message, offer, or person is pressuring you to act immediately, treat that pressure itself as the red flag, before you evaluate anything else.

What do the most common scams actually look like?

A few structures account for the majority of losses:

  • Phishing sites and links. A fake version of a real wallet, exchange, or DeFi app, often reached through a sponsored search result, a lookalike domain, or a direct message. It asks you to connect your wallet and sign a transaction that drains it, or to enter your seed phrase.
  • Fake support and impersonation. Someone posing as customer support, a well-known figure, or a project admin messages you first. Real support teams almost never DM users first, and none will ever ask for your seed phrase or remote access to your screen.
  • Rug pulls. A token or project attracts money, then the creators drain the liquidity or dump their allocation and disappear. Warning signs include anonymous teams, no liquidity lock, a supply concentrated in a few wallets, and promises of guaranteed returns.
  • Approval and signature drains. Instead of stealing keys, the attacker gets you to sign a token approval or a malicious message that grants a contract permission to move your assets. The wallet may show no immediate outflow, so the theft happens later.
  • Giveaway and doubling scams. An offer to send back double whatever you deposit. There is never a return. This one is old and still works because greed and urgency override caution.

Which checks stop these attacks?

Each pattern has a practical countermeasure you can apply in seconds:

  • Reach sites through your own bookmarks, never through search ads, DMs, or unsolicited links. Typo-squatted domains are designed to pass a quick glance.
  • Read what you are signing. Modern wallets and transaction-simulation tools preview the effect of a transaction. If a simple action requests broad permission to move your tokens, stop.
  • Guard the seed phrase absolutely. No legitimate entity ever needs it. Any request for it identifies the requester as an attacker.
  • Do basic project due diligence before committing funds: is the team identifiable, is liquidity locked, how is the token supply distributed, and does the return being promised make economic sense? Guaranteed or fixed high yields are a classic tell.
  • Verify claims through a second independent channel. If support or a friend contacts you, confirm through the official site or a known contact rather than the channel that reached out.
  • Use a burner wallet for unknown apps. Interact with new or unaudited protocols using a separate wallet holding little value, so a malicious approval cannot reach your main holdings.

What should you do if you think you have been hit?

Speed matters once an attack is underway. If you suspect a wallet is compromised, move any remaining assets to a fresh wallet with a brand-new seed phrase immediately, because the old one can no longer be trusted. Revoke outstanding token approvals using a reputable approval tool to cut off any lingering permissions. Report the fraudulent site or account to the relevant platform and, where meaningful sums are involved, to the authorities, even though on-chain recovery is rarely possible.

The uncomfortable truth is that reversibility does not exist for most crypto transactions, so prevention carries almost all the weight. Internalise the patterns, distrust urgency, verify independently, and protect your keys and approvals. Those habits neutralise the overwhelming majority of scams before they can cost you anything.

Share
Sofia Lindqvist

Explainers Lead

Sofia turns dense on-chain mechanics into plain English. She writes Coin Currents Daily's Learn desk and edits the glossary.