Scam 1: Advanced phishing attacks
Advanced phishing attacks now target crypto wallets and exchange accounts using sophisticated tactics that exploit user trust to steal private keys or login credentials.
To carry out advanced phishing attacks, criminals create fake websites that mimic legitimate platforms. They send deceptive emails posing as trusted organizations or use social engineering tactics to trick victims into sharing sensitive information. Some impersonate support staff or design cloned interfaces to capture information.
Attackers may employ sophisticated tactics for such phishing attacks:
-
Wallet drainers: These are malicious programs or scripts used in phishing attacks. After a victim connects their wallet to a fraudulent site and approves a malicious transaction or grants token permissions, the attacker can automatically move funds out of the wallet.
-
Quishing: Fraudsters use malicious QR codes placed in emails, text messages or on public surfaces. When scanned, these codes redirect users to phishing websites or trigger harmful downloads that steal credentials and personal or financial information.
-
Spear phishing: Unlike general phishing, this method targets specific individuals or organizations. Scammers craft personalized messages, often using urgent phrases such as “Immediate Action Required.” The goal is to create a sense of panic and pressure victims into making quick, costly mistakes.
In August 2025, Zak Cole, a core Ethereum developer, discovered his crypto wallet had been drained after a malicious Cursor extension stole his private key. Earlier that year, in May 2025, an elderly US citizen fell victim to a $330-million Bitcoin (BTC) heist, where the attacker used advanced social engineering tactics to gain access to the victim’s wallet.
Did you know? The earliest recorded Bitcoin scam dates back to 2011, when a Ponzi scheme called “Bitcoin Savings & Trust” promised investors 7% weekly returns. It ultimately defrauded them of more than 700,000 BTC.
Scam 2: Rug pulls
Scammers often exploit the hype surrounding decentralized finance (DeFi) platforms and non-fungible token (NFT) projects to deceive investors. A common tactic is the rug pull, where developers suddenly withdraw liquidity and disappear with investors’ funds.
These schemes often imitate legitimate ventures, promising extraordinary returns or exclusive digital assets but ultimately diverting funds from unsuspecting users. Many are overhyped projects that rely on social media buzz without offering real value. Others are cloned platforms that replicate trusted DeFi or NFT websites to trick users into depositing their assets.
Warning signs of rug pulls include unrealistic promises of high returns with little to no risk, no transparent audits or publicly available code and anonymous teams unwilling to share their identities or qualifications.
Since the beginning of 2025, rug pulls have caused nearly $6 billion in losses across the Web3 ecosystem. By comparison, during the same period in early 2024, total losses from rug pulls were only about $90 million.
A prominent example is the LIBRA token on the Solana network. The token’s market value surged to $4.56 billion after it was mentioned by Argentine President Javier Milei on X. Following the deletion of the post, the token’s price fell by over 94%, leading to accusations of a rug pull.
Scam 3: Impersonation
Impersonation — often on social media — poses a serious threat to the crypto ecosystem, undermining trust and leading to significant losses. Scammers frequently pose as trusted influencers, developers or support staff on platforms like X.
In impersonation scams, fraudsters infiltrate conversations or create fake profiles to exploit users chasing quick profits. They often run fake giveaways, promising doubled returns in exchange for small “verification” deposits. Scammers may also operate impersonation accounts copying celebrities or send direct messages posing as exchange support to gain wallet access or prompt urgent fund transfers.
Red flags include accounts with slight misspellings (e.g., “@ElonMuusk”), unverified profiles without verification badges and any requests for direct crypto transfers, as legitimate entities never ask for these.
In 2024, crypto scams cost victims $9.9 billion globally, with impersonation fueling a fourfold rise, according to the Federal Trade Commission. In Hong Kong, scammers impersonated Chief Executive John Lee through a fake X account and a deepfake video promoting a supposedly government-backed digital currency.
Did you know? Even as blockchain security improves, scams continue to adapt. In 2024-25, scammers shifted from hacking smart contracts to manipulating human behavior. By 2025-26, their tactics had become even more advanced.
Scam 4: AI-powered deepfake scams
AI-powered deepfake scams have emerged as a major threat, using advanced technology to deceive users and steal assets. Criminals now leverage artificial intelligence to create highly realistic videos or voice clones of prominent executives, influencers and celebrities.
Trained on publicly available content such as interviews, podcasts and YouTube clips, AI-powered deepfakes are highly convincing. They can easily trick even cautious users into believing fraudulent claims.
In August 2024, The New York Times labeled a deepfake version of Elon Musk “the internet’s biggest scammer.” One victim, 82-year-old retiree Steve Beauchamp, was so convinced by the video that he invested his entire retirement savings of $690,000 over several weeks. The money vanished without a trace, and many others have fallen for similar scams.
Quantum AI was an allegedly fraudulent online investment program that falsely claimed to use AI and quantum computing to generate high returns for investors. The scammers allegedly manipulated their website to display fake trading results and used deepfake videos to promote the scheme.
Deepfakes blur the line between genuine and fraudulent communication. They exploit trust, urgency and FOMO (fear of missing out), making them a serious threat.
Did you know? Crypto romance scams surged during the pandemic and continue into 2025. Scammers build trust on dating apps before pitching fake “investment opportunities,” ultimately leading victims to send their life savings.
Scam 5: Crypto support
Fake crypto support scams are an increasing threat, targeting users with deceptive offers of assistance to steal money or sensitive information. Fraudsters often pose as customer support agents from trusted exchanges or wallet providers.
Scammers posing as customer support executives contact victims through social media platforms like X and Telegram or via fake websites that closely resemble official domains. By offering seemingly genuine assistance, they exploit user trust.
These scammers often share phishing links disguised as support portals, promote “wallet recovery” services that request private keys or seed phrases, or offer fake refunds designed to drain accounts. Such tactics prey on users already dealing with technical issues or seeking quick solutions.
A well-known crypto support scam emerged following the Coinbase data breach in May 2025, where leaked personal details — including names, addresses, ID images and bank information — were allegedly exploited. Criminals posing as Coinbase support contacted victims, urging them to share security codes, two-factor authentication (2FA) details or transfer assets to fraudulent wallets.
